Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wVHfmlChLiKQ83emMP5N7qLuCqk.roa
File: wVHfmlChLiKQ83emMP5N7qLuCqk.roa (raw, json)
Hash identifier: 2SXIjEAXju8lUVvSfq80W7A259iDKk1gWVljQT+TK8E=
Subject key identifier: C1:51:DF:9A:50:A1:2E:22:90:F3:77:A6:30:FE:4D:EE:A2:EE:0A:A9
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FF33EB673B645B5B884A4D2B318BD073
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wVHfmlChLiKQ83emMP5N7qLuCqk.roa
Signing time: Fri 23 May 2025 22:11:54 +0000
ROA not before: Fri 23 May 2025 22:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 23:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ff:33:eb:67:3b:64:5b:5b:88:4a:4d:2b:31:8b:d0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 22:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c151df9a50a12e2290f377a630fe4deea2ee0aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:ac:cc:78:10:c0:84:c3:16:c1:1c:77:7d:
3b:87:51:d8:5d:27:39:b3:ea:22:42:e3:2a:17:34:
fd:1b:86:e4:77:40:67:0c:3c:ba:5c:f6:47:bd:ba:
8a:3e:23:98:d4:e3:c9:30:0f:9c:be:fd:9f:6b:66:
e4:67:4a:00:8c:b4:03:26:b4:75:8a:41:24:c5:d7:
0b:dd:c2:e4:d7:39:25:94:ad:da:d7:64:cd:1d:31:
3e:b4:fe:32:44:73:bf:3f:93:2f:da:bf:98:67:b2:
f9:54:ff:0b:e8:6a:3f:1e:b7:39:c2:fb:ae:4d:50:
0d:4b:62:3c:38:84:34:c8:bb:8f:ec:fc:59:eb:c0:
e1:b6:ce:40:15:93:99:99:4f:6f:3a:11:b5:60:83:
bb:e0:29:de:fb:83:fa:2d:38:75:52:fb:2f:4f:e2:
9c:9b:82:16:fb:b2:62:8c:50:41:50:c8:63:f1:42:
93:a1:dd:f0:d8:76:ae:06:f8:74:a0:c2:27:a7:e2:
fe:3e:a5:bd:c4:8f:3e:ab:85:76:b6:3c:40:cc:7d:
64:01:d9:75:41:de:cd:75:e3:03:f5:05:e7:ab:dd:
f8:78:75:95:dc:86:fc:11:e3:af:da:93:82:0c:d4:
42:ca:4a:8b:22:7e:70:08:66:1b:c2:0d:b3:3b:5e:
fd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:51:DF:9A:50:A1:2E:22:90:F3:77:A6:30:FE:4D:EE:A2:EE:0A:A9
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wVHfmlChLiKQ83emMP5N7qLuCqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
35:62:31:72:89:91:7b:9a:73:02:08:56:e1:0a:5b:07:7e:98:
e2:fc:d7:97:61:d5:64:d6:29:26:93:68:82:4b:91:20:be:15:
d0:02:58:d9:31:4b:5b:3d:c5:15:3b:7e:c0:55:29:99:3c:92:
1e:69:54:fc:f1:3b:41:f3:22:8a:b9:8a:5f:c8:cc:bc:70:c1:
16:9e:7b:a7:e4:3d:cc:a8:d8:ac:19:ea:c7:1f:70:1b:09:ff:
a7:01:75:35:9d:ca:b3:bd:18:3c:ea:24:79:35:02:f8:67:d2:
16:9c:ac:2c:0f:e0:41:52:00:dd:d1:c4:7c:a5:34:5c:e6:67:
9e:3b:8b:fe:8c:d3:a0:fc:5f:ad:22:e7:fc:c2:f3:17:9e:55:
2e:f6:ff:e9:5f:de:eb:e1:37:07:82:c5:ca:b0:a9:b9:0f:43:
a1:fa:ba:0a:aa:5e:08:12:0e:83:50:b8:22:87:c4:9e:db:d4:
79:63:80:11:ab:50:d5:dd:90:c8:34:46:dd:48:7d:7f:30:2c:
f0:44:58:34:7d:3d:4b:4b:05:f5:dd:47:52:76:2f:50:11:14:
e8:76:5f:ca:e7:4c:d6:ac:ec:06:35:51:fe:b3:d5:30:7f:15:
5f:ef:54:a6:b5:ce:dd:83:6d:1e:ae:9f:84:0c:a5:7e:9e:b9:
07:30:3e:41
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb/M+tnO2RbW4hKTSsxi9BzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMjIxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTUxZGY5YTUwYTEyZTIyOTBmMzc3YTYzMGZlNGRlZWEyZWUwYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3aszHgQwITDFsEcd307h1HYXSc5
s+oiQuMqFzT9G4bkd0BnDDy6XPZHvbqKPiOY1OPJMA+cvv2fa2bkZ0oAjLQDJrR1
ikEkxdcL3cLk1zkllK3a12TNHTE+tP4yRHO/P5Mv2r+YZ7L5VP8L6Go/Hrc5wvuu
TVANS2I8OIQ0yLuP7PxZ68Dhts5AFZOZmU9vOhG1YIO74Cne+4P6LTh1UvsvT+Kc
m4IW+7JijFBBUMhj8UKTod3w2HauBvh0oMInp+L+PqW9xI8+q4V2tjxAzH1kAdl1
Qd7NdeMD9QXnq934eHWV3Ib8EeOv2pOCDNRCykqLIn5wCGYbwg2zO179wQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMFR35pQoS4ikPN3pjD+Te6i7gqpMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvd1ZIZm1sQ2hMaUtRODNlbU1QNU43cUx1Q3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEANWIxcomRe5pzAghW4QpbB36Y
4vzXl2HVZNYpJpNogkuRIL4V0AJY2TFLWz3FFTt+wFUpmTySHmlU/PE7QfMiirmK
X8jMvHDBFp57p+Q9zKjYrBnqxx9wGwn/pwF1NZ3Ks70YPOokeTUC+GfSFpysLA/g
QVIA3dHEfKU0XOZnnjuL/ozToPxfrSLn/MLzF55VLvb/6V/e6+E3B4LFyrCpuQ9D
ofq6CqpeCBIOg1C4IofEntvUeWOAEatQ1d2QyDRG3Uh9fzAs8ERYNH09S0sF9d1H
UnYvUBEU6HZfyudM1qzsBjVR/rPVMH8VX+9UprXO3YNtHq6fhAylfp65BzA+QQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:20:27 2025 by rpki-client