Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vHugnj1okVFfoCSBoQYMlN65d48.roa
File: vHugnj1okVFfoCSBoQYMlN65d48.roa (raw, json)
Hash identifier: Udpa0kpU7je39haLkuUnG9l9sK4qyzUbTmVE+6pcKIA=
Subject key identifier: BC:7B:A0:9E:3D:68:91:51:5F:A0:24:81:A1:06:0C:94:DE:B9:77:8F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F521CC1D4EEAB725CA79C9ABD02B301A
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vHugnj1okVFfoCSBoQYMlN65d48.roa
Signing time: Wed 21 May 2025 23:15:54 +0000
ROA not before: Wed 21 May 2025 23:15:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 May 2025 00:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f5:21:cc:1d:4e:ea:b7:25:ca:79:c9:ab:d0:2b:30:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 23:15:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc7ba09e3d6891515fa02481a1060c94deb9778f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:e6:ac:81:d5:c7:46:3f:f0:88:d7:f4:ec:
f0:71:d8:99:69:7c:cd:f8:62:ac:cc:10:1a:59:4b:
18:b4:02:f8:18:ab:fe:b2:fc:38:9d:59:17:58:18:
e7:a2:ee:36:a7:9a:22:d1:ea:df:71:77:8a:c5:5a:
4f:70:8d:3f:88:3d:af:61:fd:61:b3:c7:0a:d1:af:
0a:4c:43:74:49:94:c9:30:a0:d4:91:00:ed:e8:65:
97:8c:61:e2:58:d0:94:58:2f:87:1c:8d:31:cb:b7:
9f:43:95:23:79:2d:c9:a6:4e:50:70:fb:20:5f:ba:
0f:43:7c:19:91:83:73:ef:33:10:a6:78:37:f7:f1:
7a:ad:5a:d9:c9:f2:de:64:de:be:de:0b:01:0b:0b:
60:a0:e8:6f:64:8a:6a:97:97:5b:c0:1a:4f:6a:f6:
3c:ff:43:84:d6:0b:9f:43:06:5b:00:69:c4:75:37:
5f:2b:bd:ef:30:e4:4c:aa:f4:40:21:d7:d5:33:bb:
fe:d3:7f:47:76:94:cc:a1:38:7b:16:fa:2a:9c:22:
f7:d9:b3:a5:43:d9:bf:71:12:fe:09:bb:a1:ba:0e:
39:b9:ac:bd:5d:84:bb:61:d6:7c:c6:85:91:25:31:
07:c0:0d:dc:43:df:04:67:03:ee:db:2b:1b:31:11:
58:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:7B:A0:9E:3D:68:91:51:5F:A0:24:81:A1:06:0C:94:DE:B9:77:8F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vHugnj1okVFfoCSBoQYMlN65d48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
85:fa:a4:69:3a:f2:ad:3d:4e:b3:3a:48:cf:a3:66:57:69:a9:
b7:c1:44:7f:50:16:0c:9a:b5:aa:92:03:a2:8b:75:b1:78:f3:
b6:0b:a5:c2:a1:3d:6b:ec:a0:b9:8f:d6:0a:65:4d:cc:b5:bb:
c8:d7:36:e6:0f:97:4b:25:4a:af:97:6a:eb:2f:4d:5e:e3:bc:
98:8d:2f:b9:61:53:86:14:51:8c:7d:7e:40:19:8d:4c:03:82:
cc:a8:d2:25:aa:8a:af:31:fb:51:37:20:34:66:4f:62:d6:fb:
76:0d:81:a8:a7:bc:45:8f:68:3a:1a:dc:68:31:37:20:0c:e1:
0a:e6:58:83:aa:f5:e7:8a:73:32:8b:30:0a:3d:96:0b:8b:64:
9a:ee:08:f9:78:b6:8c:e8:0d:9a:04:97:ee:88:ec:5d:c7:7d:
ad:a3:2c:5c:24:31:83:66:da:a0:09:c9:81:51:95:46:a1:9b:
0d:cf:39:5c:77:59:cf:11:dd:97:7a:ec:03:3a:e2:d6:61:79:
d0:89:39:0b:e8:44:35:32:7b:76:07:49:1c:84:0c:0e:df:2e:
b4:54:da:54:ec:15:80:7b:25:b5:ba:04:f5:e1:ce:7b:e6:e3:
5c:69:cb:e8:c1:e2:d3:20:c6:6f:3b:c6:5d:19:d3:21:a0:12:
00:16:82:64
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb1IcwdTuq3Jcp5yavQKzAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMjMxNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzdiYTA5ZTNkNjg5MTUxNWZhMDI0ODFhMTA2MGM5NGRlYjk3NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApePmrIHVx0Y/8IjX9OzwcdiZaXzN
+GKszBAaWUsYtAL4GKv+svw4nVkXWBjnou42p5oi0erfcXeKxVpPcI0/iD2vYf1h
s8cK0a8KTEN0SZTJMKDUkQDt6GWXjGHiWNCUWC+HHI0xy7efQ5UjeS3Jpk5QcPsg
X7oPQ3wZkYNz7zMQpng39/F6rVrZyfLeZN6+3gsBCwtgoOhvZIpql5dbwBpPavY8
/0OE1gufQwZbAGnEdTdfK73vMORMqvRAIdfVM7v+039HdpTMoTh7FvoqnCL32bOl
Q9m/cRL+Cbuhug45uay9XYS7YdZ8xoWRJTEHwA3cQ98EZwPu2ysbMRFYxQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLx7oJ49aJFRX6AkgaEGDJTeuXePMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdkh1Z25qMW9rVkZmb0NTQm9RWU1sTjY1ZDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAhfqkaTryrT1OszpIz6NmV2mp
t8FEf1AWDJq1qpIDoot1sXjztgulwqE9a+yguY/WCmVNzLW7yNc25g+XSyVKr5dq
6y9NXuO8mI0vuWFThhRRjH1+QBmNTAOCzKjSJaqKrzH7UTcgNGZPYtb7dg2BqKe8
RY9oOhrcaDE3IAzhCuZYg6r154pzMoswCj2WC4tkmu4I+Xi2jOgNmgSX7ojsXcd9
raMsXCQxg2baoAnJgVGVRqGbDc85XHdZzxHdl3rsAzri1mF50Ik5C+hENTJ7dgdJ
HIQMDt8utFTaVOwVgHsltboE9eHOe+bjXGnL6MHi0yDGbzvGXRnTIaASABaCZA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:55:11 2025 by rpki-client