Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yMlOpeV10sjk4ZjWpiqo-93rJSc.roa
File: yMlOpeV10sjk4ZjWpiqo-93rJSc.roa (raw, json)
Hash identifier: AzMtqcRa1bOsF2BCkRoFsulCaUDGTEPWI4CvrDZJ9ns=
Subject key identifier: C8:C9:4E:A5:E5:75:D2:C8:E4:E1:98:D6:A6:2A:A8:FB:DD:EB:25:27
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197075B52A00FDA4DDC1DB9509CB9DA6691
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yMlOpeV10sjk4ZjWpiqo-93rJSc.roa
Signing time: Sun 25 May 2025 12:11:54 +0000
ROA not before: Sun 25 May 2025 12:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 13:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:5b:52:a0:0f:da:4d:dc:1d:b9:50:9c:b9:da:66:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 12:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8c94ea5e575d2c8e4e198d6a62aa8fbddeb2527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:4f:c5:e5:d4:e6:2c:83:fc:c7:c5:58:61:
d4:52:02:2e:88:40:df:cd:a2:4f:f1:a5:0e:c0:37:
5e:67:94:15:fb:1a:f3:c6:88:80:b3:5a:0e:a9:e1:
c4:f9:8b:65:da:eb:c0:1a:67:c2:c0:c0:51:d8:4f:
b7:c1:72:02:16:64:de:3f:50:ac:c7:b9:b0:b5:c9:
48:aa:b4:dd:78:32:46:ed:32:2f:8c:a4:de:68:a0:
0a:4f:c2:b9:f1:c4:47:bc:f4:e8:07:a8:4f:b1:b4:
6f:b8:42:25:26:9b:e6:52:b4:dc:67:1e:f7:a5:29:
2a:57:d3:5d:7b:de:73:49:a5:aa:de:bd:0b:de:52:
e0:d0:3a:1a:8a:09:85:b4:9c:b8:6f:6b:fc:f3:6a:
fa:be:c4:99:f7:48:f1:00:13:a0:da:1e:ad:73:6b:
22:c7:39:6a:d5:f2:16:60:09:60:fb:d8:ce:33:4a:
5f:f7:c6:c2:cb:08:6b:24:fe:d1:ef:ba:bb:cd:0a:
bb:15:b3:f0:fa:c6:af:5d:90:cd:4f:f3:50:bf:fe:
da:90:6f:a0:ec:5d:d8:9d:c4:10:c1:99:26:ec:67:
d5:1e:0b:55:e5:f4:38:7c:58:3c:81:31:6a:2d:3e:
51:3f:b4:75:04:74:a5:14:ea:cd:dc:89:a2:dd:19:
70:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C9:4E:A5:E5:75:D2:C8:E4:E1:98:D6:A6:2A:A8:FB:DD:EB:25:27
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yMlOpeV10sjk4ZjWpiqo-93rJSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
27:df:9b:bc:1f:84:9c:bc:88:f7:4e:15:33:97:d3:54:f7:4e:
dd:af:1e:ee:64:95:5a:22:45:54:cc:61:d9:73:a9:77:84:c5:
73:c5:e9:77:cd:7a:3c:97:ab:8d:2b:f7:1f:49:87:17:c0:0c:
34:bd:81:be:39:b3:5f:32:b2:56:c2:af:6f:85:bb:15:07:ca:
c0:af:e6:03:5b:f1:ab:bc:26:eb:f6:c2:78:e2:f3:39:19:69:
9b:bf:9d:38:d0:69:ab:0e:70:47:f6:e7:23:8f:2d:e5:9c:74:
97:59:57:ec:c3:0d:da:d0:54:99:cf:19:62:c4:94:9b:fe:57:
af:63:ea:8c:e9:5f:c4:8f:ba:bc:2e:4d:4d:c2:32:9b:ea:fb:
da:71:37:8e:c7:e8:83:1a:41:3b:12:05:6e:6d:6f:93:11:59:
e4:48:58:3d:23:ab:7c:4f:65:e9:56:f9:51:92:83:6f:75:ed:
11:6f:bd:0d:c8:08:c8:07:b3:f4:b6:4c:ea:99:cb:06:c0:c4:
e5:77:da:b2:8c:58:63:b7:06:d7:3e:9c:8a:c6:c7:74:c5:c8:
e7:cf:f5:4e:ce:37:12:83:fe:d3:ad:b1:01:99:06:5c:17:6f:
4f:f8:a5:53:78:38:27:6c:76:cd:58:ae:43:ba:eb:1f:84:db:
eb:4f:ae:fa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcHW1KgD9pN3B25UJy52maRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MTIxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM5NGVhNWU1NzVkMmM4ZTRlMTk4ZDZhNjJhYThmYmRkZWIyNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx5PxeXU5iyD/MfFWGHUUgIuiEDf
zaJP8aUOwDdeZ5QV+xrzxoiAs1oOqeHE+Ytl2uvAGmfCwMBR2E+3wXICFmTeP1Cs
x7mwtclIqrTdeDJG7TIvjKTeaKAKT8K58cRHvPToB6hPsbRvuEIlJpvmUrTcZx73
pSkqV9Nde95zSaWq3r0L3lLg0DoaigmFtJy4b2v882r6vsSZ90jxABOg2h6tc2si
xzlq1fIWYAlg+9jOM0pf98bCywhrJP7R77q7zQq7FbPw+savXZDNT/NQv/7akG+g
7F3YncQQwZkm7GfVHgtV5fQ4fFg8gTFqLT5RP7R1BHSlFOrN3Imi3RlwgQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMjJTqXlddLI5OGY1qYqqPvd6yUnMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveU1sT3BlVjEwc2prNFpqV3BpcW8tOTNySlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAJ9+bvB+EnLyI904VM5fTVPdO
3a8e7mSVWiJFVMxh2XOpd4TFc8Xpd816PJerjSv3H0mHF8AMNL2BvjmzXzKyVsKv
b4W7FQfKwK/mA1vxq7wm6/bCeOLzORlpm7+dONBpqw5wR/bnI48t5Zx0l1lX7MMN
2tBUmc8ZYsSUm/5Xr2PqjOlfxI+6vC5NTcIym+r72nE3jsfogxpBOxIFbm1vkxFZ
5EhYPSOrfE9l6Vb5UZKDb3XtEW+9DcgIyAez9LZM6pnLBsDE5XfasoxYY7cG1z6c
isbHdMXI58/1Ts43EoP+062xAZkGXBdvT/ilU3g4J2x2zViuQ7rrH4Tb60+u+g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:31:59 2025 by rpki-client