Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/xPKuuFeHhoYTCtahiDLUv7SmSF8.roa
File: xPKuuFeHhoYTCtahiDLUv7SmSF8.roa (raw, json)
Hash identifier: qZlsO/PhkoKLRM4/paNosK/CqyIzdfEEK18Lvmrrrqc=
Subject key identifier: C4:F2:AE:B8:57:87:86:86:13:0A:D6:A1:88:32:D4:BF:B4:A6:48:5F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970A5C5E464259BCDC5523E722F366864B
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/xPKuuFeHhoYTCtahiDLUv7SmSF8.roa
Signing time: Mon 26 May 2025 02:11:55 +0000
ROA not before: Mon 26 May 2025 02:11:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 03:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0a:5c:5e:46:42:59:bc:dc:55:23:e7:22:f3:66:86:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 02:11:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4f2aeb857878686130ad6a18832d4bfb4a6485f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:a8:49:38:9d:b5:e0:27:2a:35:2b:f6:0e:
b9:8f:e3:75:ac:2b:af:3d:3c:9f:5a:b4:c3:83:ab:
67:5f:57:c1:1b:c6:c0:45:de:1e:c0:db:81:ef:97:
3e:91:65:27:f5:48:c5:35:4e:ed:bd:e4:f9:88:0b:
31:3c:21:21:cf:b8:9a:23:67:cc:20:bd:02:10:c6:
0a:bd:59:bd:04:b0:52:87:8a:da:b0:2c:87:07:98:
4f:08:6d:af:de:d5:ea:cc:31:b2:90:a5:42:59:79:
98:7e:35:84:76:3f:0d:42:54:56:f4:e6:22:7d:07:
38:63:ce:40:34:86:57:17:e5:11:2f:9f:60:c1:4b:
e6:f0:71:7d:90:cd:96:2a:97:a3:14:f1:2e:7a:a7:
fb:bf:ea:b5:10:76:31:dc:1e:1a:73:e1:3d:08:f5:
6a:27:30:0f:ff:25:77:62:e1:17:75:ab:fc:c1:c6:
06:a3:9a:8c:9a:31:92:c1:87:f6:05:9e:f7:f1:b3:
b5:5d:7d:8b:0b:2f:0f:38:de:09:41:3b:e6:28:64:
25:ac:75:f5:a3:c4:6d:47:d0:27:f6:6f:d5:a6:b1:
4a:19:8c:c0:fa:70:7c:cc:51:65:bd:a2:48:2a:a3:
11:74:ae:95:76:3d:8d:aa:8c:ef:c0:d7:f8:94:1b:
c2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F2:AE:B8:57:87:86:86:13:0A:D6:A1:88:32:D4:BF:B4:A6:48:5F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/xPKuuFeHhoYTCtahiDLUv7SmSF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
2c:f2:a7:31:a3:cd:eb:c3:ae:56:94:22:d7:06:e8:b4:35:e8:
4e:e2:9c:1e:64:20:2d:6c:77:3f:5b:44:4b:be:c7:ed:e0:9e:
e3:84:12:97:41:a8:23:c7:96:cb:31:d7:93:4a:42:90:e4:2c:
92:55:85:ce:1f:d1:7e:03:1a:7c:cd:ce:92:3a:77:90:35:56:
32:e1:72:95:e0:92:12:8b:46:6f:2e:d6:b5:ee:1a:1a:6a:55:
fc:99:42:75:f4:66:2f:57:e2:4f:8a:6e:17:ad:3c:81:85:c1:
5f:3d:8a:a2:6a:00:c9:2b:f8:31:17:d8:dc:5f:87:ec:79:00:
6d:c5:e7:ba:a4:f7:25:4e:55:cc:10:9a:79:c1:a8:77:fa:3f:
fd:d0:68:10:47:4a:18:25:f1:bc:7d:5c:21:cd:16:f8:24:ff:
78:d0:d4:57:1a:9a:97:84:c8:ed:e7:67:0b:a7:3b:4c:2a:18:
e6:08:b7:fd:4c:16:31:6f:b7:60:27:79:9c:4c:bf:d5:54:19:
d9:94:a0:c9:65:3c:d5:3e:71:86:ef:5f:32:7f:cd:6e:a3:f3:
00:21:f3:cb:5a:e5:71:8c:de:74:ed:70:53:68:c5:17:5d:ce:
ac:22:9d:bf:5d:42:5f:49:7a:7c:7d:ce:9e:8f:a8:f7:f1:25:
2f:49:45:ec
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcKXF5GQlm83FUj5yLzZoZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MDIxMTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYyYWViODU3ODc4Njg2MTMwYWQ2YTE4ODMyZDRiZmI0YTY0ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFGoSTidteAnKjUr9g65j+N1rCuv
PTyfWrTDg6tnX1fBG8bARd4ewNuB75c+kWUn9UjFNU7tveT5iAsxPCEhz7iaI2fM
IL0CEMYKvVm9BLBSh4rasCyHB5hPCG2v3tXqzDGykKVCWXmYfjWEdj8NQlRW9OYi
fQc4Y85ANIZXF+URL59gwUvm8HF9kM2WKpejFPEueqf7v+q1EHYx3B4ac+E9CPVq
JzAP/yV3YuEXdav8wcYGo5qMmjGSwYf2BZ738bO1XX2LCy8PON4JQTvmKGQlrHX1
o8RtR9An9m/VprFKGYzA+nB8zFFlvaJIKqMRdK6Vdj2NqozvwNf4lBvC7QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMTyrrhXh4aGEwrWoYgy1L+0pkhfMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveFBLdXVGZUhob1lUQ3RhaGlETFV2N1NtU0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEALPKnMaPN68OuVpQi1wbotDXo
TuKcHmQgLWx3P1tES77H7eCe44QSl0GoI8eWyzHXk0pCkOQsklWFzh/RfgMafM3O
kjp3kDVWMuFyleCSEotGby7Wte4aGmpV/JlCdfRmL1fiT4puF608gYXBXz2KomoA
ySv4MRfY3F+H7HkAbcXnuqT3JU5VzBCaecGod/o//dBoEEdKGCXxvH1cIc0W+CT/
eNDUVxqal4TI7ednC6c7TCoY5gi3/UwWMW+3YCd5nEy/1VQZ2ZSgyWU81T5xhu9f
Mn/NbqPzACHzy1rlcYzedO1wU2jFF13OrCKdv11CX0l6fH3Ono+o9/ElL0lF7A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:48:42 2025 by rpki-client