Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/y9e_gi3y7S2hNQzqxAQyN39FziM.roa
File: y9e_gi3y7S2hNQzqxAQyN39FziM.roa (raw, json)
Hash identifier: EXu3klmtkDflV4HX7jJ9R370j3ozUtnB8VqNTXrYsvI=
Subject key identifier: CB:D7:BF:82:2D:F2:ED:2D:A1:35:0C:EA:C4:04:32:37:7F:45:CE:23
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196EEE55A8DA2A8E072C9F27A1713A446E2
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/y9e_gi3y7S2hNQzqxAQyN39FziM.roa
Signing time: Tue 20 May 2025 18:12:10 +0000
ROA not before: Tue 20 May 2025 18:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 May 2025 19:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:e5:5a:8d:a2:a8:e0:72:c9:f2:7a:17:13:a4:46:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 20 18:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbd7bf822df2ed2da1350ceac40432377f45ce23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fd:27:7b:47:37:83:0b:38:15:22:17:ea:0c:
64:61:12:ad:03:90:5f:5f:a3:b8:71:b1:16:6d:9d:
7b:f1:c5:6d:83:48:0d:06:e6:a7:1b:7c:32:b8:c8:
2e:da:fe:45:ff:27:29:39:f0:3b:6a:52:bc:30:42:
87:54:82:a8:9d:ae:9e:9f:0e:f6:2a:b0:ac:2d:11:
06:1f:47:f7:b6:da:46:1b:a6:7e:be:a8:29:28:7c:
21:4a:ea:8b:c3:5d:de:c3:e1:93:f0:c8:bd:35:9c:
94:1e:e6:82:8f:df:72:e7:ea:b9:e9:e4:3e:0a:e0:
c5:39:ea:c6:5c:fe:18:13:0b:36:9f:b6:ca:ce:37:
a8:8a:e9:78:46:b9:2e:31:c1:9e:af:1c:87:63:47:
94:a6:c8:cb:85:bb:11:38:55:43:4d:65:28:3e:f3:
5c:00:5a:ce:b7:a0:7a:00:ba:8d:66:b6:26:7d:52:
89:1c:59:95:86:a8:e0:38:17:5b:f0:9f:7c:14:6b:
e7:da:94:cf:99:02:fd:85:41:06:cb:c9:c4:34:63:
09:73:a6:a5:aa:d5:b5:b9:ba:f9:a5:fe:2d:88:09:
67:94:d7:ed:1e:34:82:a4:ae:2e:b2:c9:d8:9f:95:
3a:1b:3f:ed:85:97:8d:2a:fc:ba:6c:ff:be:08:ca:
fe:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D7:BF:82:2D:F2:ED:2D:A1:35:0C:EA:C4:04:32:37:7F:45:CE:23
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/y9e_gi3y7S2hNQzqxAQyN39FziM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
b6:c2:3e:30:b0:36:c9:83:a7:22:99:bf:fb:49:5d:26:0e:20:
c8:06:dc:76:d0:18:9f:5f:b7:44:63:7d:51:e5:94:3e:7f:82:
12:5c:2c:c4:b3:65:48:67:e0:de:00:e8:ec:2b:99:9a:85:ec:
50:7e:f9:e0:d7:48:11:71:59:76:13:f4:9c:29:ae:b4:5d:e6:
62:87:53:d9:47:a1:85:46:79:7b:43:8e:80:c8:a2:e8:8d:94:
9a:0f:40:d3:b8:10:10:ec:3a:bf:8e:b2:bd:47:a6:94:77:2a:
28:d6:25:0e:e5:8f:0b:26:66:48:2f:3a:0b:e6:8f:b6:68:26:
7d:97:21:88:3d:bf:d4:57:30:3a:f1:41:3b:9a:f2:8d:b6:3e:
a1:8f:39:0c:3b:fc:dd:03:74:ad:9d:42:f0:19:8e:d6:ad:1e:
ad:e6:86:ca:44:8f:b6:9b:dd:4e:91:66:c2:9f:db:9b:ee:75:
0c:a1:fe:a6:23:67:ec:23:c6:ed:0b:f0:50:96:97:91:ab:1a:
f9:cf:3d:a3:ff:9d:2a:ae:09:e0:0d:23:5a:a8:d2:4d:d3:02:
24:19:91:6d:4f:e3:7e:91:93:9f:a1:29:b5:60:a8:7c:e6:9c:
60:4d:e7:6b:95:ee:e7:f8:fb:69:db:84:1a:47:af:fb:29:61:
72:59:4b:13
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbu5VqNoqjgcsnyehcTpEbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMTgxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ3YmY4MjJkZjJlZDJkYTEzNTBjZWFjNDA0MzIzNzdmNDVjZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/0ne0c3gws4FSIX6gxkYRKtA5Bf
X6O4cbEWbZ178cVtg0gNBuanG3wyuMgu2v5F/ycpOfA7alK8MEKHVIKona6enw72
KrCsLREGH0f3ttpGG6Z+vqgpKHwhSuqLw13ew+GT8Mi9NZyUHuaCj99y5+q56eQ+
CuDFOerGXP4YEws2n7bKzjeoiul4RrkuMcGerxyHY0eUpsjLhbsROFVDTWUoPvNc
AFrOt6B6ALqNZrYmfVKJHFmVhqjgOBdb8J98FGvn2pTPmQL9hUEGy8nENGMJc6al
qtW1ubr5pf4tiAlnlNftHjSCpK4ussnYn5U6Gz/thZeNKvy6bP++CMr+vQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMvXv4It8u0toTUM6sQEMjd/Rc4jMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveTllX2dpM3k3UzJoTlF6cXhBUXlOMzlGemlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAtsI+MLA2yYOnIpm/+0ldJg4g
yAbcdtAYn1+3RGN9UeWUPn+CElwsxLNlSGfg3gDo7CuZmoXsUH754NdIEXFZdhP0
nCmutF3mYodT2UehhUZ5e0OOgMii6I2Umg9A07gQEOw6v46yvUemlHcqKNYlDuWP
CyZmSC86C+aPtmgmfZchiD2/1FcwOvFBO5ryjbY+oY85DDv83QN0rZ1C8BmO1q0e
reaGykSPtpvdTpFmwp/bm+51DKH+piNn7CPG7QvwUJaXkasa+c89o/+dKq4J4A0j
WqjSTdMCJBmRbU/jfpGTn6EptWCofOacYE3na5Xu5/j7aduEGkev+ylhcllLEw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:38:12 2025 by rpki-client