Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vrBGOUf4KnnpstlDGBc-dILenCk.roa
File: vrBGOUf4KnnpstlDGBc-dILenCk.roa (raw, json)
Hash identifier: TkPJjd+tNsAZcPTodIBcpT7qUgmLQpr4a8pZdyJ+3hg=
Subject key identifier: BE:B0:46:39:47:F8:2A:79:E9:B2:D9:43:18:17:3E:74:82:DE:9C:29
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971F2E909B2FC580EAAB7349A2FF51F0E0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vrBGOUf4KnnpstlDGBc-dILenCk.roa
Signing time: Fri 30 May 2025 03:13:54 +0000
ROA not before: Fri 30 May 2025 03:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 30 May 2025 04:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1f:2e:90:9b:2f:c5:80:ea:ab:73:49:a2:ff:51:f0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 30 03:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=beb0463947f82a79e9b2d94318173e7482de9c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1a:a1:2a:0d:f8:57:5e:ba:96:c7:d1:8c:0f:
b4:52:27:3d:02:a2:1e:bb:8f:aa:28:d8:d4:b8:50:
56:16:ea:de:7c:13:2b:6a:95:9b:12:4f:3a:ef:32:
5b:35:9f:47:99:de:fd:5c:74:89:04:57:eb:7e:fc:
2d:ef:de:00:d6:fb:3f:4b:06:87:41:cf:6e:91:e9:
c3:23:46:36:a4:95:c7:d5:3b:43:69:2a:6d:8b:f1:
62:7c:dc:d1:8b:1a:52:62:ea:dc:7a:73:2a:84:c7:
0b:d0:56:2d:1e:66:17:c6:7e:87:65:db:76:32:02:
9c:b7:8f:b3:a9:f7:cb:96:80:d4:72:1b:75:ed:14:
cc:b9:4a:18:b7:32:6b:02:a7:4e:0e:c7:b2:2c:23:
a3:aa:9e:1f:4a:f2:ee:75:f8:fe:f1:ac:a4:17:69:
06:a2:32:49:ee:7b:a6:3b:bd:1f:8e:5b:5f:55:bb:
46:7f:5e:92:3a:1e:f6:07:a2:29:de:47:32:4f:e5:
c7:37:94:a5:d8:fe:6c:0c:6e:20:56:4e:3c:88:9c:
56:6a:cc:da:60:f7:01:4e:13:a1:ec:2d:08:3f:06:
ed:ec:59:a6:bd:87:0d:04:25:d8:63:39:39:8e:2e:
ae:81:08:e6:02:2e:f4:d5:06:1c:4d:a5:33:d5:47:
55:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B0:46:39:47:F8:2A:79:E9:B2:D9:43:18:17:3E:74:82:DE:9C:29
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/vrBGOUf4KnnpstlDGBc-dILenCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
0e:e4:1b:ed:32:67:84:0a:a6:fb:2e:bd:9f:cf:1f:c4:ef:2e:
2e:ca:05:cf:f8:a1:21:b9:9b:29:80:c2:f7:6f:c3:b7:37:8d:
9f:f4:76:26:8e:1a:72:f4:56:8a:aa:37:af:88:bf:d7:90:1f:
36:58:f7:69:16:9c:52:c0:7d:89:02:b4:a1:53:59:42:b9:d9:
ae:b5:dd:8d:82:18:70:05:f8:8f:d2:ef:c7:f1:76:4b:c3:69:
16:63:25:5e:90:7a:c6:f2:f4:f8:b6:6a:d7:17:c5:a4:c5:e6:
57:f4:d7:a5:8e:45:e2:53:7c:1b:ac:30:b4:10:b9:1c:db:f5:
41:0d:8a:ca:c7:d0:2c:0c:73:ca:5b:b1:8f:64:f9:6b:62:b9:
bd:96:42:c2:f8:9c:b6:c5:49:e4:fa:33:f7:e2:46:48:8d:49:
a5:45:f1:9a:08:94:f7:ef:85:b2:9f:ae:8b:b0:21:72:56:57:
6d:41:f9:05:b0:7c:f0:65:76:7a:49:05:de:98:d4:07:58:41:
d5:39:c8:77:78:a9:c4:99:40:d1:80:6c:fb:39:52:f3:85:86:
77:5c:6b:df:cf:c9:3e:f5:e4:c4:47:f1:65:1a:a5:e4:b1:29:
d3:08:52:1b:d0:9f:ec:fe:cb:91:55:bc:92:00:49:6c:08:f8:
10:c9:f2:a1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcfLpCbL8WA6qtzSaL/UfDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMwMDMxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIwNDYzOTQ3ZjgyYTc5ZTliMmQ5NDMxODE3M2U3NDgyZGU5YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBqhKg34V166lsfRjA+0Uic9AqIe
u4+qKNjUuFBWFurefBMrapWbEk867zJbNZ9Hmd79XHSJBFfrfvwt794A1vs/SwaH
Qc9ukenDI0Y2pJXH1TtDaSpti/FifNzRixpSYurcenMqhMcL0FYtHmYXxn6HZdt2
MgKct4+zqffLloDUcht17RTMuUoYtzJrAqdODseyLCOjqp4fSvLudfj+8aykF2kG
ojJJ7numO70fjltfVbtGf16SOh72B6Ip3kcyT+XHN5Sl2P5sDG4gVk48iJxWasza
YPcBThOh7C0IPwbt7FmmvYcNBCXYYzk5ji6ugQjmAi701QYcTaUz1UdVrQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFL6wRjlH+Cp56bLZQxgXPnSC3pwpMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdnJCR09VZjRLbm5wc3RsREdCYy1kSUxlbkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQAO5BvtMmeECqb7Lr2fzx/E7y4uygXP+KEhuZsp
gML3b8O3N42f9HYmjhpy9FaKqjeviL/XkB82WPdpFpxSwH2JArShU1lCudmutd2N
ghhwBfiP0u/H8XZLw2kWYyVekHrG8vT4tmrXF8WkxeZX9NeljkXiU3wbrDC0ELkc
2/VBDYrKx9AsDHPKW7GPZPlrYrm9lkLC+Jy2xUnk+jP34kZIjUmlRfGaCJT374Wy
n66LsCFyVldtQfkFsHzwZXZ6SQXemNQHWEHVOch3eKnEmUDRgGz7OVLzhYZ3XGvf
z8k+9eTER/FlGqXksSnTCFIb0J/s/suRVbySAElsCPgQyfKh
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:30 2025 by rpki-client