Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wrZWV2fTpLla1iluO80TsaKT8Rg.roa
File: wrZWV2fTpLla1iluO80TsaKT8Rg.roa (raw, json)
Hash identifier: sMC7IPTYTMbzozn425BZZYN/+OYe3I26J9mSFy5+2QU=
Subject key identifier: C2:B6:56:57:67:D3:A4:B9:5A:D6:29:6E:3B:CD:13:B1:A2:93:F1:18
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973E133DD34CF9D5A99C68A98EB42052B5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wrZWV2fTpLla1iluO80TsaKT8Rg.roa
Signing time: Thu 05 Jun 2025 03:12:17 +0000
ROA not before: Thu 05 Jun 2025 03:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Jun 2025 04:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:13:3d:d3:4c:f9:d5:a9:9c:68:a9:8e:b4:20:52:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 5 03:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2b6565767d3a4b95ad6296e3bcd13b1a293f118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:db:47:81:a0:20:10:29:b1:3a:5a:47:2e:a5:
18:b2:69:1c:b4:d9:9d:04:cd:55:4c:3a:95:a3:ac:
c7:30:a1:5c:33:70:21:dd:65:19:93:4a:a4:8b:8b:
aa:a7:53:73:80:4d:b6:6f:a1:cc:c6:62:5a:eb:d1:
ab:73:cb:13:8f:84:c2:f7:56:e9:35:3d:15:55:59:
d7:06:e6:53:d7:3d:c3:30:69:22:c3:98:b4:7d:c3:
82:d4:f8:5a:07:ad:a7:30:72:02:e0:66:74:f0:5b:
47:37:7b:7a:d8:7d:e1:4e:e5:1e:6e:55:3c:97:88:
10:54:e3:85:d9:8a:9c:e1:6f:b1:ba:57:da:23:72:
b9:ad:4b:0e:a2:fe:fa:9a:6a:f6:b8:e6:f7:d1:9b:
f7:33:4e:62:52:eb:3a:14:94:12:c7:c3:5e:16:8c:
d5:76:a2:c5:d6:2c:f9:2a:1c:2b:cb:f1:8c:34:b5:
cd:d1:1f:10:21:e7:d3:1e:99:af:09:69:53:d7:bc:
fb:38:cf:ae:34:4e:ef:8c:c7:8f:c1:4e:4d:ad:b9:
77:3c:c9:fb:0d:0b:05:d0:6c:18:ab:24:7f:8f:db:
2d:e3:dd:a3:c2:84:e7:1a:b0:86:60:9c:ac:1d:b6:
10:da:fa:c7:16:10:86:6e:20:c6:73:ac:90:60:ae:
26:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B6:56:57:67:D3:A4:B9:5A:D6:29:6E:3B:CD:13:B1:A2:93:F1:18
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wrZWV2fTpLla1iluO80TsaKT8Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
0d:48:24:c2:2b:4c:3b:47:b4:68:da:5e:ab:0e:bb:1d:ea:7f:
12:c8:5d:ee:6b:19:67:05:3b:bd:11:14:44:91:bc:11:02:a8:
d2:71:b8:2f:d0:08:a0:c7:88:38:01:0c:d8:4d:e5:18:3e:96:
4a:3e:1d:8e:f9:e6:05:0d:fe:4a:fa:e0:5c:f8:9c:c8:b1:50:
40:bf:d7:bf:05:8e:0c:6c:21:1c:aa:89:4f:9e:62:f8:36:f5:
bd:b9:8f:a6:74:b3:75:ac:51:02:49:1b:eb:97:11:8b:99:ba:
54:f1:6f:94:9f:f0:8b:3c:b7:3c:21:d5:4a:48:11:db:d9:2c:
7f:46:1f:3b:4c:8d:1d:1f:90:4e:ee:81:24:0c:45:8c:30:f6:
9c:eb:46:8a:e6:1b:54:d4:91:91:02:ea:79:f4:84:0a:64:bb:
0f:ff:ae:ba:ad:7e:a6:d2:4c:c4:43:7d:bc:d1:cf:07:ba:89:
28:d5:f4:29:a0:e1:70:f4:77:ed:2c:03:ae:8d:3b:0f:8e:0f:
e7:ac:73:89:d1:32:62:a9:bc:90:7f:77:dc:89:60:e2:01:3c:
a9:8c:b8:f2:31:38:1e:73:4a:80:1b:97:87:32:d0:0b:9c:fa:
e6:3b:3d:6c:ed:86:23:21:86:09:65:e4:e5:33:cf:d7:51:29:
ad:e9:02:60
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc+Ez3TTPnVqZxoqY60IFK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA1MDMxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI2NTY1NzY3ZDNhNGI5NWFkNjI5NmUzYmNkMTNiMWEyOTNmMTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NtHgaAgECmxOlpHLqUYsmkctNmd
BM1VTDqVo6zHMKFcM3Ah3WUZk0qki4uqp1NzgE22b6HMxmJa69Grc8sTj4TC91bp
NT0VVVnXBuZT1z3DMGkiw5i0fcOC1PhaB62nMHIC4GZ08FtHN3t62H3hTuUeblU8
l4gQVOOF2Yqc4W+xulfaI3K5rUsOov76mmr2uOb30Zv3M05iUus6FJQSx8NeFozV
dqLF1iz5Khwry/GMNLXN0R8QIefTHpmvCWlT17z7OM+uNE7vjMePwU5Nrbl3PMn7
DQsF0GwYqyR/j9st492jwoTnGrCGYJysHbYQ2vrHFhCGbiDGc6yQYK4mrwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMK2Vldn06S5WtYpbjvNE7Gik/EYMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvd3JaV1YyZlRwTGxhMWlsdU84MFRzYUtUOFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEADUgkwitMO0e0
aNpeqw67Hep/Eshd7msZZwU7vREURJG8EQKo0nG4L9AIoMeIOAEM2E3lGD6WSj4d
jvnmBQ3+SvrgXPicyLFQQL/XvwWODGwhHKqJT55i+Db1vbmPpnSzdaxRAkkb65cR
i5m6VPFvlJ/wizy3PCHVSkgR29ksf0YfO0yNHR+QTu6BJAxFjDD2nOtGiuYbVNSR
kQLqefSECmS7D/+uuq1+ptJMxEN9vNHPB7qJKNX0KaDhcPR37SwDro07D44P56xz
idEyYqm8kH933Ilg4gE8qYy48jE4HnNKgBuXhzLQC5z65js9bO2GIyGGCWXk5TPP
11EprekCYA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:16:49 2025 by rpki-client