Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vdI-eudye6MV1cctqVQN-nixDLg.roa
File: vdI-eudye6MV1cctqVQN-nixDLg.roa (raw, json)
Hash identifier: zmuQaUEFvUgjHAUyPHWxUJ24pfUACYp5enLqF/NWRgA=
Subject key identifier: BD:D2:3E:7A:E7:72:7B:A3:15:D5:C7:2D:A9:54:0D:FA:78:B1:0C:B8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970CBB5C5ADD4632EB9EA1CE3A2C46EA02
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vdI-eudye6MV1cctqVQN-nixDLg.roa
Signing time: Mon 26 May 2025 13:14:54 +0000
ROA not before: Mon 26 May 2025 13:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 14:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:bb:5c:5a:dd:46:32:eb:9e:a1:ce:3a:2c:46:ea:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 13:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd23e7ae7727ba315d5c72da9540dfa78b10cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:77:15:86:30:66:48:ea:b2:57:d4:ac:83:
e3:ea:33:6a:4a:98:13:b1:14:72:42:6c:bc:f2:55:
c1:a5:e7:87:59:96:71:f6:77:aa:d8:b2:61:c4:2d:
fa:1c:9d:4d:24:92:f1:a4:ba:65:77:4b:1f:e0:89:
9c:9b:98:a5:09:1e:42:3d:60:4f:12:bc:0f:94:f4:
bc:1f:5d:7f:78:7d:21:0f:c7:4a:ea:e4:f1:9a:2f:
62:0e:2f:97:59:99:32:ed:e0:9b:cf:de:1a:c6:43:
69:7c:db:7e:43:92:75:7c:28:95:b9:1f:de:be:ee:
06:1d:97:6c:25:a7:c0:5c:e9:fc:e7:27:0c:72:72:
1e:0b:99:7d:e1:46:44:ce:0a:0a:a0:1a:69:d1:f0:
0d:07:2b:ac:73:dc:3c:2f:fb:bc:40:9b:15:20:ad:
6a:71:90:a1:68:b3:50:77:97:30:db:4f:0c:98:01:
bb:7b:ef:cc:2a:42:5e:f1:31:3b:05:b9:54:09:36:
d7:a6:be:43:77:11:80:c9:6f:87:d9:47:74:6c:bb:
1e:91:df:15:a2:62:19:7e:32:e8:f7:a0:e4:44:23:
8f:b9:a1:2a:a0:88:a4:5a:f4:51:af:c3:b5:50:5f:
44:e7:ae:52:ab:cd:7f:8a:03:ef:ed:db:df:ab:50:
eb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D2:3E:7A:E7:72:7B:A3:15:D5:C7:2D:A9:54:0D:FA:78:B1:0C:B8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vdI-eudye6MV1cctqVQN-nixDLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
32:fe:7e:c1:6d:c2:3b:bc:72:4f:87:42:c9:c4:8a:03:61:d1:
ec:15:70:18:33:5d:78:50:5b:c5:f3:3b:b6:1b:fc:67:68:62:
41:5b:35:9e:f7:f0:64:2f:64:57:23:81:0a:4e:36:20:5b:f9:
47:a6:8e:66:38:1c:cb:ca:59:e5:d9:b8:ea:9a:2f:36:8f:b5:
b1:04:50:26:43:3f:fa:ab:f1:35:17:eb:2c:8e:7b:b0:82:46:
48:e5:bd:08:86:62:d9:59:35:66:01:a0:14:18:92:9f:c1:91:
33:f8:f5:1d:db:5b:c2:b6:41:75:36:6e:5e:46:dd:61:3f:f2:
c8:9e:3f:b2:b0:2a:5b:d8:f0:9e:7a:c2:c5:e4:1a:2e:36:b2:
ae:03:7d:a6:c8:cf:ff:6d:5a:7e:56:1a:1c:4f:d6:6b:11:4a:
8b:c2:86:9a:ab:c0:ff:9f:56:2f:cb:42:a5:54:a4:48:e9:07:
e6:5a:57:33:28:96:23:df:b5:a9:c8:73:7d:6d:cc:b4:fd:5c:
b2:c6:11:73:13:46:3a:9a:b5:95:9e:59:b4:9c:32:40:67:4c:
b6:e5:9e:dd:ac:a5:5e:7c:a3:7e:54:13:4e:f2:d5:f5:83:c8:
b0:10:12:02:78:3c:6e:8d:8a:45:01:e6:3b:3e:12:53:37:eb:
72:24:7a:c8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcMu1xa3UYy656hzjosRuoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MTMxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQyM2U3YWU3NzI3YmEzMTVkNWM3MmRhOTU0MGRmYTc4YjEwY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb13FYYwZkjqslfUrIPj6jNqSpgT
sRRyQmy88lXBpeeHWZZx9neq2LJhxC36HJ1NJJLxpLpld0sf4Imcm5ilCR5CPWBP
ErwPlPS8H11/eH0hD8dK6uTxmi9iDi+XWZky7eCbz94axkNpfNt+Q5J1fCiVuR/e
vu4GHZdsJafAXOn85ycMcnIeC5l94UZEzgoKoBpp0fANByusc9w8L/u8QJsVIK1q
cZChaLNQd5cw208MmAG7e+/MKkJe8TE7BblUCTbXpr5DdxGAyW+H2Ud0bLsekd8V
omIZfjLo96DkRCOPuaEqoIikWvRRr8O1UF9E565Sq81/igPv7dvfq1DroQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL3SPnrncnujFdXHLalUDfp4sQy4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdmRJLWV1ZHllNk1WMWNjdHFWUU4tbml4RExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAMv5+wW3CO7xyT4dCycSKA2HR
7BVwGDNdeFBbxfM7thv8Z2hiQVs1nvfwZC9kVyOBCk42IFv5R6aOZjgcy8pZ5dm4
6povNo+1sQRQJkM/+qvxNRfrLI57sIJGSOW9CIZi2Vk1ZgGgFBiSn8GRM/j1Hdtb
wrZBdTZuXkbdYT/yyJ4/srAqW9jwnnrCxeQaLjayrgN9psjP/21aflYaHE/WaxFK
i8KGmqvA/59WL8tCpVSkSOkH5lpXMyiWI9+1qchzfW3MtP1cssYRcxNGOpq1lZ5Z
tJwyQGdMtuWe3aylXnyjflQTTvLV9YPIsBASAng8bo2KRQHmOz4SUzfrciR6yA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:18:18 2025 by rpki-client