Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/v5su5FuhLLsPEVJjq8tLR2Nmvkk.roa
File: v5su5FuhLLsPEVJjq8tLR2Nmvkk.roa (raw, json)
Hash identifier: pCKhkgRwq/C++l8VOo0uBkewPlwisGy2R7vvIRr2txI=
Subject key identifier: BF:9B:2E:E4:5B:A1:2C:BB:0F:11:52:63:AB:CB:4B:47:63:66:BE:49
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197022E8E401FC636A54B0CA29BBDC02C89
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/v5su5FuhLLsPEVJjq8tLR2Nmvkk.roa
Signing time: Sat 24 May 2025 12:04:54 +0000
ROA not before: Sat 24 May 2025 12:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:22d:f37e/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 12:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:02:2e:8e:40:1f:c6:36:a5:4b:0c:a2:9b:bd:c0:2c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 12:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf9b2ee45ba12cbb0f115263abcb4b476366be49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:c4:42:be:ba:3a:c1:41:e3:47:2c:ce:c4:
3d:44:9c:2f:e6:cc:ab:ef:21:27:a5:77:75:49:a7:
3d:9a:13:82:17:d2:aa:01:9d:32:09:51:1e:43:e9:
8e:28:72:24:84:99:fc:66:db:35:6c:d3:e7:82:dd:
16:16:2b:69:1d:e8:8c:9b:8a:4e:e1:7b:f8:1a:27:
6f:e0:f3:6d:2e:8e:ad:89:13:69:bf:ff:bb:97:f7:
74:4e:af:87:ae:ea:15:c9:66:ae:aa:dc:d7:a1:bb:
cc:25:3f:3e:54:e6:0b:70:e0:38:60:6a:a5:3f:e3:
85:3f:45:2f:46:7b:d3:c4:f2:89:da:a8:26:b7:14:
28:c2:bd:b0:fa:91:30:49:88:c4:7c:2d:52:e2:e0:
82:bc:73:e9:59:8e:6f:93:bf:42:79:bb:fb:9a:11:
a7:2a:97:e9:3a:b7:20:24:83:0b:22:cf:4e:13:b4:
70:73:54:53:b1:1b:7d:d0:d9:f2:b9:32:5d:71:89:
97:10:57:50:93:29:05:9d:4d:f5:36:87:b4:88:47:
ca:75:f5:ed:d6:50:7d:10:62:09:69:9f:cd:11:16:
82:7b:16:2c:e4:7e:bf:c2:69:eb:6c:77:87:58:96:
8f:23:4a:44:56:09:53:7c:a0:5c:64:da:d1:ee:58:
45:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9B:2E:E4:5B:A1:2C:BB:0F:11:52:63:AB:CB:4B:47:63:66:BE:49
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/v5su5FuhLLsPEVJjq8tLR2Nmvkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:22d:f37e/128
Signature Algorithm: sha256WithRSAEncryption
10:a0:fc:1f:30:9a:8c:5c:5d:b7:ac:ea:5a:21:5f:21:fd:be:
34:0c:ee:d8:17:9d:74:18:79:53:57:53:19:3d:64:07:6c:de:
49:da:76:e5:88:45:31:42:4a:52:69:6e:a3:39:e9:ec:96:49:
2c:fc:29:3a:90:c3:90:dc:a9:12:88:f4:c9:e3:c9:99:dc:d7:
b0:e4:17:4a:36:7c:b7:16:12:8c:b2:df:78:d4:21:9a:fd:2d:
bc:b1:8d:2c:2a:59:a9:0c:21:e1:64:2e:bb:c3:38:5b:96:c3:
66:29:a3:b2:eb:f8:e1:03:37:e2:9c:b8:18:c1:be:b2:23:d4:
b2:b6:3b:d2:96:78:7f:71:e1:f7:26:f7:d6:7c:91:fb:08:3b:
07:29:99:01:28:9d:1f:a2:f8:cd:7e:9d:ca:c3:70:21:28:34:
47:e4:66:af:64:6a:dd:a1:33:fe:4f:0b:c4:83:ab:ae:28:f3:
82:50:c8:1e:0f:51:a6:82:a0:ab:55:fe:7e:7e:cf:c6:e2:a5:
71:84:b7:c9:91:9e:9b:78:12:5c:13:07:aa:16:5b:0f:8a:b9:
52:3d:60:a0:de:5d:41:60:99:99:0a:f4:f5:d9:aa:92:bb:7f:
12:0e:a4:d3:5c:09:fe:a7:3a:62:10:c6:98:a0:c2:74:55:ca:
ea:82:a3:04
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcCLo5AH8Y2pUsMopu9wCyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MTIwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjliMmVlNDViYTEyY2JiMGYxMTUyNjNhYmNiNGI0NzYzNjZiZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGbEQr66OsFB40cszsQ9RJwv5syr
7yEnpXd1Sac9mhOCF9KqAZ0yCVEeQ+mOKHIkhJn8Zts1bNPngt0WFitpHeiMm4pO
4Xv4Gidv4PNtLo6tiRNpv/+7l/d0Tq+HruoVyWauqtzXobvMJT8+VOYLcOA4YGql
P+OFP0UvRnvTxPKJ2qgmtxQowr2w+pEwSYjEfC1S4uCCvHPpWY5vk79Cebv7mhGn
KpfpOrcgJIMLIs9OE7Rwc1RTsRt90NnyuTJdcYmXEFdQkykFnU31Noe0iEfKdfXt
1lB9EGIJaZ/NERaCexYs5H6/wmnrbHeHWJaPI0pEVglTfKBcZNrR7lhF+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL+bLuRboSy7DxFSY6vLS0djZr5JMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdjVzdTVGdWhMTHNQRVZKanE4dExSMk5tdmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlwIt834wDQYJKoZIhvcNAQELBQADggEB
ABCg/B8wmoxcXbes6lohXyH9vjQM7tgXnXQYeVNXUxk9ZAds3knaduWIRTFCSlJp
bqM56eyWSSz8KTqQw5DcqRKI9MnjyZnc17DkF0o2fLcWEoyy33jUIZr9LbyxjSwq
WakMIeFkLrvDOFuWw2Ypo7Lr+OEDN+KcuBjBvrIj1LK2O9KWeH9x4fcm99Z8kfsI
OwcpmQEonR+i+M1+ncrDcCEoNEfkZq9kat2hM/5PC8SDq64o84JQyB4PUaaCoKtV
/n5+z8bipXGEt8mRnpt4ElwTB6oWWw+KuVI9YKDeXUFgmZkK9PXZqpK7fxIOpNNc
Cf6nOmIQxpigwnRVyuqCowQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:24:16 2025 by rpki-client