Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/y6NE6PNLcNzYPmeAH1YdbA7YbeA.roa
File: y6NE6PNLcNzYPmeAH1YdbA7YbeA.roa (raw, json)
Hash identifier: aIyGuOOVtoSawTzIfNhjanNzhKPKoNXsJLmTDTZkYVU=
Subject key identifier: CB:A3:44:E8:F3:4B:70:DC:D8:3E:67:80:1F:56:1D:6C:0E:D8:6D:E0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970A9521F875F1642790216E3F7AFED1ED
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/y6NE6PNLcNzYPmeAH1YdbA7YbeA.roa
Signing time: Mon 26 May 2025 03:13:55 +0000
ROA not before: Mon 26 May 2025 03:13:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 04:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0a:95:21:f8:75:f1:64:27:90:21:6e:3f:7a:fe:d1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 03:13:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cba344e8f34b70dcd83e67801f561d6c0ed86de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:64:c4:fe:8e:f0:2f:64:d8:a7:27:d9:2a:
cc:50:19:be:80:a9:29:9f:b1:f7:1b:af:9a:bb:06:
3e:c8:b8:f4:b1:c8:89:e5:16:b8:1d:f6:87:d0:4d:
ad:9f:41:55:67:d7:c0:30:ff:0a:4f:39:81:83:2c:
1e:ba:a7:a8:ed:90:d2:2b:0c:c4:ae:19:13:dd:02:
eb:0e:b1:ae:aa:21:65:e8:41:5d:6e:ab:17:8c:56:
cf:51:8e:6d:b8:94:93:7e:43:ae:17:58:96:71:f7:
42:f9:49:4a:3e:a4:eb:a0:8c:fd:d4:0e:29:58:24:
89:32:d8:b8:de:de:e4:16:80:2d:57:cc:e8:8c:9b:
1c:25:be:9f:63:6c:51:7b:72:10:d5:21:65:96:f4:
4c:d6:c4:f6:da:da:9a:78:03:79:fb:86:cb:95:61:
0a:3b:05:b2:1c:31:27:f4:f2:ac:80:56:b7:56:b3:
2e:af:e7:8d:8a:e0:a8:6d:11:63:33:32:c0:d3:ab:
7d:0b:75:f0:81:6e:e2:c8:e4:58:84:57:71:94:ec:
be:91:7f:0d:e1:5e:d2:15:b1:98:4d:4f:e2:77:5e:
af:75:3d:12:10:de:de:cc:7e:85:3f:28:9e:a0:37:
cd:1b:b7:58:74:f3:df:68:11:72:a5:15:e8:c0:e3:
e6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A3:44:E8:F3:4B:70:DC:D8:3E:67:80:1F:56:1D:6C:0E:D8:6D:E0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/y6NE6PNLcNzYPmeAH1YdbA7YbeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
a7:2b:55:6b:ff:02:95:0f:85:d4:bf:6b:39:d8:16:3b:16:f6:
a6:46:3e:81:be:cf:7e:d3:ef:20:bd:54:c3:c1:ef:63:06:9f:
a4:17:7d:f2:2d:bb:46:e1:0f:46:f1:e8:78:2a:dc:f5:ce:b4:
8c:1a:10:45:a4:46:ca:fc:07:4c:6e:a0:7c:c3:70:75:89:d4:
2b:e0:f0:b1:74:8a:2d:a7:9f:25:80:a5:fd:15:d2:bf:18:b8:
47:e2:13:3c:9e:1d:a3:94:48:45:b3:cd:3c:cc:35:a7:eb:79:
66:0d:ec:7d:c2:2d:20:8d:91:ed:56:f9:c4:63:da:94:4d:fd:
00:9f:4c:f5:db:8d:42:8e:d0:75:af:c7:f3:c9:11:18:d7:6d:
12:ab:17:fc:c2:d8:7c:29:ae:9a:de:e6:ea:19:a3:94:ef:50:
d7:7d:c7:68:bd:3c:06:9a:0e:43:64:f3:c5:a8:34:17:4d:6a:
53:d5:8d:b7:f7:29:9a:a3:5b:6a:58:97:15:e5:f0:db:a6:cf:
8f:3f:90:7c:07:d0:40:5f:71:2e:52:74:c6:27:a0:b8:ed:d6:
53:e7:9a:ba:7e:47:5f:b6:2e:d7:55:d1:3a:2e:a5:5f:a1:0e:
e2:84:1a:b5:90:47:4f:21:d7:6c:3c:a0:81:d9:bf:47:90:8f:
e2:1e:9f:22
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcKlSH4dfFkJ5Ahbj96/tHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MDMxMzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmEzNDRlOGYzNGI3MGRjZDgzZTY3ODAxZjU2MWQ2YzBlZDg2ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZhkxP6O8C9k2Kcn2SrMUBm+gKkp
n7H3G6+auwY+yLj0sciJ5Ra4HfaH0E2tn0FVZ9fAMP8KTzmBgyweuqeo7ZDSKwzE
rhkT3QLrDrGuqiFl6EFdbqsXjFbPUY5tuJSTfkOuF1iWcfdC+UlKPqTroIz91A4p
WCSJMti43t7kFoAtV8zojJscJb6fY2xRe3IQ1SFllvRM1sT22tqaeAN5+4bLlWEK
OwWyHDEn9PKsgFa3VrMur+eNiuCobRFjMzLA06t9C3XwgW7iyORYhFdxlOy+kX8N
4V7SFbGYTU/id16vdT0SEN7ezH6FPyieoDfNG7dYdPPfaBFypRXowOPmNwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMujROjzS3Dc2D5ngB9WHWwO2G3gMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveTZORTZQTkxjTnpZUG1lQUgxWWRiQTdZYmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEApytVa/8ClQ+F1L9rOdgWOxb2
pkY+gb7PftPvIL1Uw8HvYwafpBd98i27RuEPRvHoeCrc9c60jBoQRaRGyvwHTG6g
fMNwdYnUK+DwsXSKLaefJYCl/RXSvxi4R+ITPJ4do5RIRbPNPMw1p+t5Zg3sfcIt
II2R7Vb5xGPalE39AJ9M9duNQo7Qda/H88kRGNdtEqsX/MLYfCmumt7m6hmjlO9Q
133HaL08BpoOQ2Tzxag0F01qU9WNt/cpmqNbaliXFeXw26bPjz+QfAfQQF9xLlJ0
xieguO3WU+eaun5HX7Yu11XROi6lX6EO4oQatZBHTyHXbDyggdm/R5CP4h6fIg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:15:37 2025 by rpki-client