Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wkZ-LCafNpiZlcjKZ4gD1hS35wY.roa
File: wkZ-LCafNpiZlcjKZ4gD1hS35wY.roa (raw, json)
Hash identifier: GG+gkh4h+AxLqhCsCHGo0ZIpvI9ykGBFBQfVSkcWkT4=
Subject key identifier: C2:46:7E:2C:26:9F:36:98:99:95:C8:CA:67:88:03:D6:14:B7:E7:06
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196A38DF09548E9EF0B133E4BAA2AE6EFCC
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wkZ-LCafNpiZlcjKZ4gD1hS35wY.roa
Signing time: Tue 06 May 2025 03:05:10 +0000
ROA not before: Tue 06 May 2025 03:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:a38d:b324/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 06 May 2025 03:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a3:8d:f0:95:48:e9:ef:0b:13:3e:4b:aa:2a:e6:ef:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 6 03:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2467e2c269f36989995c8ca678803d614b7e706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:00:85:bf:3c:4f:4d:9b:c4:d5:96:6d:47:bd:
28:fb:f6:18:06:23:c6:f9:f0:03:89:d7:78:19:2a:
ed:24:9b:18:82:3d:ca:c3:60:0c:f0:bc:ac:9f:35:
50:a1:47:09:31:b7:f0:2f:ad:7d:67:d6:a9:1a:26:
08:d7:c1:78:a8:2f:0a:1c:e0:5d:7b:e1:c3:d9:33:
cb:c9:5f:70:84:ad:fb:2d:10:f3:fd:32:57:7b:28:
b6:75:90:3c:60:c1:36:82:fd:be:a4:42:6b:68:41:
f3:68:4b:5c:e4:69:dd:4c:9d:c6:40:f3:8a:4d:e3:
cb:40:80:66:1b:dc:ec:71:30:95:da:b6:da:9b:40:
85:cf:38:fe:6b:ab:73:b4:66:3d:16:98:03:b5:80:
57:a3:c9:b9:4e:22:48:07:76:50:09:e8:d0:2a:0d:
35:7c:a9:1c:2a:db:8c:10:02:fc:67:00:b2:4f:c9:
05:3a:4a:9b:5c:49:67:ef:9e:21:b2:d2:c0:8b:c4:
50:df:38:26:cf:c6:2d:26:4b:05:cd:3d:7b:4d:38:
f0:b4:06:06:1b:64:a3:44:7d:74:2c:26:63:e8:cb:
b0:59:a7:c7:65:20:a6:6a:8e:c2:cf:94:3c:be:12:
9c:27:3e:ee:57:53:fd:af:29:e3:17:1d:97:9f:88:
7e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:46:7E:2C:26:9F:36:98:99:95:C8:CA:67:88:03:D6:14:B7:E7:06
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wkZ-LCafNpiZlcjKZ4gD1hS35wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:a38d:b324/128
Signature Algorithm: sha256WithRSAEncryption
80:0b:67:82:e8:97:50:4c:cb:80:6c:91:a7:a1:9f:88:7d:bc:
d2:65:24:51:bf:7c:ce:cd:52:00:2f:9b:77:6c:e6:55:5a:9b:
97:44:99:f2:5f:05:aa:45:7e:8d:e8:cd:b6:aa:91:22:f8:5d:
1c:ed:29:dc:bf:6e:6e:dc:b5:e2:37:84:46:65:9d:42:b8:78:
31:4d:b9:b7:5c:8d:d6:b1:0a:23:f8:eb:94:3d:6f:aa:f4:bb:
8a:cd:9a:f6:cb:ae:3e:3f:f9:56:92:14:a5:03:19:04:d5:5d:
79:2f:91:cf:46:4a:fd:a2:78:d8:0f:4e:2a:ee:36:c1:1d:05:
98:18:28:54:0d:be:9b:c7:68:88:35:dc:ef:dd:d2:ef:69:9c:
88:56:8b:18:ff:b8:ff:b6:27:61:92:91:c0:5c:63:1a:36:17:
28:f6:ad:0c:b3:27:cb:4d:5a:63:e6:28:90:6e:f0:6a:00:e9:
13:86:bf:de:0f:63:bd:5e:15:71:9e:64:c1:f1:47:ad:b9:29:
e1:94:25:ff:08:1f:38:f3:0c:4e:a0:af:9d:ff:b7:d7:df:a8:
18:1e:f4:99:b3:be:97:15:47:a3:ed:49:a9:f7:21:ce:c4:43:
c6:83:82:40:c1:3b:7e:71:7d:be:66:d6:a0:e4:51:0f:4e:0c:
b0:0a:1f:b5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZajjfCVSOnvCxM+S6oq5u/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTA2MDMwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ2N2UyYzI2OWYzNjk4OTk5NWM4Y2E2Nzg4MDNkNjE0YjdlNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwCFvzxPTZvE1ZZtR70o+/YYBiPG
+fADidd4GSrtJJsYgj3Kw2AM8LysnzVQoUcJMbfwL619Z9apGiYI18F4qC8KHOBd
e+HD2TPLyV9whK37LRDz/TJXeyi2dZA8YME2gv2+pEJraEHzaEtc5GndTJ3GQPOK
TePLQIBmG9zscTCV2rbam0CFzzj+a6tztGY9FpgDtYBXo8m5TiJIB3ZQCejQKg01
fKkcKtuMEAL8ZwCyT8kFOkqbXEln754hstLAi8RQ3zgmz8YtJksFzT17TTjwtAYG
G2SjRH10LCZj6MuwWafHZSCmao7Cz5Q8vhKcJz7uV1P9rynjFx2Xn4h+jQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMJGfiwmnzaYmZXIymeIA9YUt+cGMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvd2taLUxDYWZOcGlabGNqS1o0Z0QxaFMzNXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWo42zJDANBgkqhkiG9w0BAQsFAAOCAQEAgAtnguiXUEzLgGyRp6GfiH28
0mUkUb98zs1SAC+bd2zmVVqbl0SZ8l8FqkV+jejNtqqRIvhdHO0p3L9ubty14jeE
RmWdQrh4MU25t1yN1rEKI/jrlD1vqvS7is2a9suuPj/5VpIUpQMZBNVdeS+Rz0ZK
/aJ42A9OKu42wR0FmBgoVA2+m8doiDXc793S72mciFaLGP+4/7YnYZKRwFxjGjYX
KPatDLMny01aY+YokG7wagDpE4a/3g9jvV4VcZ5kwfFHrbkp4ZQl/wgfOPMMTqCv
nf+319+oGB70mbO+lxVHo+1JqfchzsRDxoOCQME7fnF9vmbWoORRD04MsAoftQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:43:57 2025 by rpki-client