Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/va8aKei65FA-jToYkYf4IBcV_-E.roa
File: va8aKei65FA-jToYkYf4IBcV_-E.roa (raw, json)
Hash identifier: qMEQ7FlYdS3dl5cNfKc6jH5JeerJlaMCJ3m5iES4W28=
Subject key identifier: BD:AF:1A:29:E8:BA:E4:50:3E:8D:3A:18:91:87:F8:20:17:15:FF:E1
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01963A9F74A6431C325BCE2EA036F14AD31E
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/va8aKei65FA-jToYkYf4IBcV_-E.roa
Signing time: Tue 15 Apr 2025 18:04:10 +0000
ROA not before: Tue 15 Apr 2025 18:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:3a9f:55b0/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 15 Apr 2025 18:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3a:9f:74:a6:43:1c:32:5b:ce:2e:a0:36:f1:4a:d3:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 15 18:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdaf1a29e8bae4503e8d3a189187f8201715ffe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:0e:8c:44:3d:5a:ce:38:bf:2e:e2:35:b4:
e3:e6:bf:9c:0e:ec:1b:cd:37:3a:5b:a1:8a:09:e1:
0e:79:93:34:45:9a:77:60:f0:76:07:65:1c:6d:2d:
22:da:0f:12:ad:58:85:28:ba:13:59:5d:3a:43:d2:
f9:c9:67:c2:c3:14:55:65:ac:e3:bd:d1:a4:9e:a3:
f1:54:04:7b:a5:bf:e0:15:e0:f3:79:c8:0e:15:3c:
35:1a:15:36:77:47:22:7b:1a:7c:19:cd:c4:68:5a:
98:0d:f9:06:d8:2f:e7:9f:ee:c6:19:51:78:49:9a:
8d:26:83:77:2e:cb:2d:65:d9:11:57:71:58:f5:99:
db:67:30:a0:fc:6f:de:09:ad:92:60:68:07:5c:6e:
82:c6:4a:c0:74:82:d3:63:54:57:44:3b:f8:12:55:
5a:d8:6a:0a:75:fd:1f:c4:fe:f2:fa:a1:94:38:4f:
0f:8d:b9:3f:c0:d2:e1:f9:de:3b:ae:d2:50:88:ee:
35:3d:ca:2e:41:14:1a:0b:fc:8e:2c:7b:e8:33:83:
9a:41:43:13:60:3b:ec:c8:ed:99:3f:00:98:71:43:
4b:d4:03:ee:99:04:50:c0:38:88:d8:49:1f:ed:30:
47:e1:17:45:05:82:e0:49:f7:11:ca:a6:16:0a:4e:
5c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AF:1A:29:E8:BA:E4:50:3E:8D:3A:18:91:87:F8:20:17:15:FF:E1
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/va8aKei65FA-jToYkYf4IBcV_-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:3a9f:55b0/128
Signature Algorithm: sha256WithRSAEncryption
5a:f7:c6:02:4b:94:34:71:1c:88:4f:16:39:13:74:ab:61:ad:
68:1a:9c:d2:63:cd:44:95:88:b1:94:82:08:83:a8:81:17:7b:
d6:24:d6:bc:a7:8c:a1:9e:ae:35:ea:82:60:7f:16:de:84:33:
20:8a:50:0c:ef:2d:8e:be:16:18:4a:bf:4a:70:79:29:b1:2a:
d8:e8:18:fe:df:74:95:71:fc:37:19:8f:5b:95:dc:7e:92:7d:
f1:49:dd:4a:b4:ce:d8:39:b2:af:c0:9f:98:8d:ea:86:66:63:
ff:d8:bd:86:c2:61:2f:84:ea:76:0d:3e:6e:97:ab:e5:0e:57:
aa:ac:d8:02:75:97:9f:bf:c3:3e:ff:ce:67:16:fa:ee:63:5c:
48:eb:ac:32:d6:f4:56:4e:1c:e7:61:a3:97:d2:4e:60:f2:e7:
ce:03:05:20:b2:66:b2:d8:bf:eb:d9:30:8c:b1:82:c6:86:63:
ed:7e:08:3d:57:9f:c4:db:d3:50:ae:71:5b:77:dc:c6:76:5a:
c4:7a:ff:3a:5b:06:e1:f9:69:8a:07:80:c1:c0:4d:37:26:8f:
06:25:e3:42:d4:cf:11:81:7e:74:27:37:32:75:ca:d4:92:e4:
d3:b4:e8:7a:f0:6f:1f:f2:87:7f:74:4b:a7:9c:25:47:f6:73:
05:63:ed:c8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZY6n3SmQxwyW84uoDbxStMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE1MTgwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFmMWEyOWU4YmFlNDUwM2U4ZDNhMTg5MTg3ZjgyMDE3MTVmZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW4OjEQ9Ws44vy7iNbTj5r+cDuwb
zTc6W6GKCeEOeZM0RZp3YPB2B2UcbS0i2g8SrViFKLoTWV06Q9L5yWfCwxRVZazj
vdGknqPxVAR7pb/gFeDzecgOFTw1GhU2d0ciexp8Gc3EaFqYDfkG2C/nn+7GGVF4
SZqNJoN3LsstZdkRV3FY9ZnbZzCg/G/eCa2SYGgHXG6CxkrAdILTY1RXRDv4ElVa
2GoKdf0fxP7y+qGUOE8Pjbk/wNLh+d47rtJQiO41PcouQRQaC/yOLHvoM4OaQUMT
YDvsyO2ZPwCYcUNL1APumQRQwDiI2Ekf7TBH4RdFBYLgSfcRyqYWCk5cSwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL2vGinouuRQPo06GJGH+CAXFf/hMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdmE4YUtlaTY1RkEtalRvWWtZZjRJQmNWXy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWOp9VsDANBgkqhkiG9w0BAQsFAAOCAQEAWvfGAkuUNHEciE8WORN0q2Gt
aBqc0mPNRJWIsZSCCIOogRd71iTWvKeMoZ6uNeqCYH8W3oQzIIpQDO8tjr4WGEq/
SnB5KbEq2OgY/t90lXH8NxmPW5XcfpJ98UndSrTO2Dmyr8CfmI3qhmZj/9i9hsJh
L4Tqdg0+bper5Q5XqqzYAnWXn7/DPv/OZxb67mNcSOusMtb0Vk4c52Gjl9JOYPLn
zgMFILJmsti/69kwjLGCxoZj7X4IPVefxNvTUK5xW3fcxnZaxHr/OlsG4flpigeA
wcBNNyaPBiXjQtTPEYF+dCc3MnXK1JLk07ToevBvH/KHf3RLp5wlR/ZzBWPtyA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:19:59 2025 by rpki-client