Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/xyf8v8gZywRNv_iRXe4cG3oChCM.roa
File: xyf8v8gZywRNv_iRXe4cG3oChCM.roa (raw, json)
Hash identifier: aCye/rOZZgbOzP1KKgrmjV0CGbOoeelt8p4N4e7gOtI=
Subject key identifier: C7:27:FC:BF:C8:19:CB:04:4D:BF:F8:91:5D:EE:1C:1B:7A:02:84:23
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973EB9DDD78D8DD0DDDC1575C792C96456
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/xyf8v8gZywRNv_iRXe4cG3oChCM.roa
Signing time: Thu 05 Jun 2025 06:14:17 +0000
ROA not before: Thu 05 Jun 2025 06:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Jun 2025 07:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:b9:dd:d7:8d:8d:d0:dd:dc:15:75:c7:92:c9:64:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 5 06:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c727fcbfc819cb044dbff8915dee1c1b7a028423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e6:af:77:2b:38:f8:22:d9:e4:09:a7:ca:e1:
70:61:aa:83:6e:7a:2a:b7:bb:c7:8b:8c:e2:3b:df:
92:d6:3c:83:6c:ab:5d:43:07:fc:ab:f7:30:58:41:
5f:c9:02:a9:3b:78:52:64:13:eb:f8:57:72:e3:b6:
08:d7:10:66:c6:fa:bb:b4:b6:ad:35:57:14:6c:2a:
4a:0e:20:de:39:38:6d:9f:38:04:e6:63:2d:03:5c:
44:64:a1:0c:6f:b5:60:09:75:44:c7:27:9c:ef:fe:
e7:06:3d:48:d4:90:00:71:6e:d9:64:f1:e3:f3:88:
4f:d5:69:a0:82:57:07:85:b8:73:5d:3f:7d:fd:be:
ec:5f:7a:0a:0d:52:04:19:1b:43:74:10:61:d3:2f:
62:26:e0:22:8a:be:5b:8d:f0:d9:af:73:a1:83:56:
6d:f7:2e:65:23:cd:36:f0:eb:87:3e:39:61:e8:a3:
b0:70:87:0c:bc:ea:63:95:4f:b8:19:d1:95:99:fe:
af:91:25:86:95:a6:91:61:8f:8c:d4:71:18:56:b4:
e5:0b:03:21:7e:d4:2f:52:7b:16:86:36:69:88:07:
b7:05:35:13:7b:92:36:f7:2c:65:53:bd:bf:ae:18:
28:65:b4:4e:19:60:b3:cb:b3:f7:a6:ef:9e:25:6d:
54:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:27:FC:BF:C8:19:CB:04:4D:BF:F8:91:5D:EE:1C:1B:7A:02:84:23
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/xyf8v8gZywRNv_iRXe4cG3oChCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
b1:ed:33:9f:3a:31:6f:4e:a1:5e:9b:8d:90:ec:db:3f:a1:75:
29:c8:0f:e5:6f:22:f1:74:0e:f5:41:e3:a8:8b:63:c0:18:64:
c3:b8:6d:4c:8b:09:bc:79:68:da:0e:e0:c3:cf:15:d9:5d:0a:
13:6e:7d:71:cc:f0:d9:c7:f0:6d:db:e8:a8:0f:ed:30:96:4d:
ea:a1:41:cc:6b:d6:12:6e:ba:1b:5f:ef:03:00:98:e3:fa:9c:
ae:bd:26:69:4a:e6:85:d6:e9:02:0b:25:ff:47:95:24:db:00:
7f:f2:1f:8c:85:70:57:ac:2f:7d:21:ea:be:85:13:84:8a:7f:
2e:13:a6:82:8b:28:70:15:b6:12:ae:6b:ec:3c:11:5d:ed:00:
9c:56:d4:17:d4:e5:b8:a7:02:58:2f:80:d4:c5:1e:70:75:e2:
2a:c4:cb:0a:55:cb:54:ee:98:ea:22:8a:e4:c7:39:1f:5d:ca:
e0:64:a2:1a:a1:24:5c:c8:56:4e:b8:98:93:45:16:06:89:94:
92:a0:c3:fe:74:b8:3d:fe:46:91:8d:39:ee:1e:5c:66:2f:a3:
25:cc:f7:c0:db:96:a9:c1:be:20:98:12:d6:f2:a2:0d:00:ec:
94:4f:91:6e:5d:e0:23:45:2d:d3:35:ae:19:51:7a:94:bc:fc:
43:2e:ac:a9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc+ud3XjY3Q3dwVdceSyWRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA1MDYxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI3ZmNiZmM4MTljYjA0NGRiZmY4OTE1ZGVlMWMxYjdhMDI4NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Oavdys4+CLZ5AmnyuFwYaqDbnoq
t7vHi4ziO9+S1jyDbKtdQwf8q/cwWEFfyQKpO3hSZBPr+Fdy47YI1xBmxvq7tLat
NVcUbCpKDiDeOThtnzgE5mMtA1xEZKEMb7VgCXVExyec7/7nBj1I1JAAcW7ZZPHj
84hP1WmgglcHhbhzXT99/b7sX3oKDVIEGRtDdBBh0y9iJuAiir5bjfDZr3Ohg1Zt
9y5lI8028OuHPjlh6KOwcIcMvOpjlU+4GdGVmf6vkSWGlaaRYY+M1HEYVrTlCwMh
ftQvUnsWhjZpiAe3BTUTe5I29yxlU72/rhgoZbROGWCzy7P3pu+eJW1UEwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMcn/L/IGcsETb/4kV3uHBt6AoQjMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveHlmOHY4Z1p5d1JOdl9pUlhlNGNHM29DaENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAse0znzoxb06h
XpuNkOzbP6F1KcgP5W8i8XQO9UHjqItjwBhkw7htTIsJvHlo2g7gw88V2V0KE259
cczw2cfwbdvoqA/tMJZN6qFBzGvWEm66G1/vAwCY4/qcrr0maUrmhdbpAgsl/0eV
JNsAf/IfjIVwV6wvfSHqvoUThIp/LhOmgosocBW2Eq5r7DwRXe0AnFbUF9TluKcC
WC+A1MUecHXiKsTLClXLVO6Y6iKK5Mc5H13K4GSiGqEkXMhWTriYk0UWBomUkqDD
/nS4Pf5GkY057h5cZi+jJcz3wNuWqcG+IJgS1vKiDQDslE+Rbl3gI0Ut0zWuGVF6
lLz8Qy6sqQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:18:22 2025 by rpki-client