Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yU9_nZV7mP05JPC9Dpl3GJv28RI.roa
File: yU9_nZV7mP05JPC9Dpl3GJv28RI.roa (raw, json)
Hash identifier: l+yI0hxIIcZXIAh5WOYUhcEh03zAddChiy8yEf97lRw=
Subject key identifier: C9:4F:7F:9D:95:7B:98:FD:39:24:F0:BD:0E:99:77:18:9B:F6:F1:12
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019727542359BC1953CABA83ED8999F1FDD8
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yU9_nZV7mP05JPC9Dpl3GJv28RI.roa
Signing time: Sat 31 May 2025 17:11:54 +0000
ROA not before: Sat 31 May 2025 17:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 May 2025 18:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:27:54:23:59:bc:19:53:ca:ba:83:ed:89:99:f1:fd:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 17:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c94f7f9d957b98fd3924f0bd0e9977189bf6f112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ef:30:1d:0e:09:19:0a:7e:0a:28:cb:18:9c:
7c:54:d3:3c:fb:12:08:a5:e3:ed:12:0a:c4:8b:07:
fc:f0:14:0a:b3:94:48:c2:28:0f:cc:9c:57:68:59:
85:a7:1d:6c:74:f5:f3:f2:b1:96:82:d8:c6:84:b8:
2a:f9:88:1a:25:8c:50:59:41:76:5d:4a:7b:75:f4:
60:c6:8c:34:e1:e5:ed:3d:97:cc:5f:fe:cc:ec:21:
bb:94:da:60:3e:5f:3d:74:49:c1:c0:03:9a:df:61:
18:af:28:ee:5b:9a:b6:bc:fe:60:93:18:5e:de:82:
33:bb:64:23:7b:d2:78:f4:61:c3:aa:09:bd:e5:3a:
ab:62:8d:a9:d9:58:48:ff:dc:ba:7e:9e:c0:09:46:
63:70:20:4b:19:21:f7:fa:f4:c4:01:5e:89:b0:c3:
34:92:76:76:61:0c:e3:26:56:51:98:54:d1:d8:f3:
9d:a2:8c:4b:2f:7b:71:4b:b0:82:40:96:f1:8a:d2:
5a:58:41:c8:31:a6:c5:bc:e6:72:c3:28:d0:23:1a:
99:2b:3e:f3:a0:14:8c:e9:f2:b5:7e:8f:c7:6f:c6:
72:07:74:38:1a:95:01:96:29:89:b2:16:22:cd:fe:
21:d8:18:de:80:01:e8:d4:67:f5:f9:5f:2f:91:8f:
66:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4F:7F:9D:95:7B:98:FD:39:24:F0:BD:0E:99:77:18:9B:F6:F1:12
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yU9_nZV7mP05JPC9Dpl3GJv28RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
11:0c:a8:82:85:d1:c4:eb:91:2f:cf:fb:07:64:5f:83:25:82:
ed:d6:ef:db:b1:a1:e1:71:07:3b:f4:4f:6b:a1:24:2e:58:31:
d6:ee:7c:6e:35:87:57:ae:2f:c3:d9:b4:85:2f:d6:59:84:f2:
22:9f:9e:a3:d5:b4:ce:15:eb:5e:81:14:00:09:57:92:35:6c:
00:9c:4e:e8:76:8c:62:ee:e0:aa:2a:45:16:cb:dc:4f:26:cc:
e3:33:15:02:89:4e:a6:86:e8:c9:ce:51:dc:be:41:df:19:1f:
56:a7:2e:1f:24:23:5f:9a:74:86:8d:31:90:43:b0:cc:ca:72:
f8:2a:e4:5d:2b:10:42:bb:47:bd:84:68:b5:d8:2b:c6:4f:24:
7a:b0:c2:98:76:a1:4b:76:e5:27:c2:cb:14:b0:70:63:2b:3f:
08:f6:bc:c2:e2:cc:21:26:3b:e4:d5:6b:c9:b8:79:4a:6e:ac:
a9:ec:40:3e:89:7e:8a:ad:ab:ab:07:f0:73:8d:cf:cf:8c:e2:
7d:e4:3c:bf:21:e9:7f:4e:6f:7a:84:73:aa:0b:fa:04:ff:75:
8e:f8:68:c0:51:15:a8:b6:18:97:13:07:92:2d:5c:54:eb:a5:
c2:62:cc:42:b2:c4:8c:a3:47:36:29:83:fa:be:2b:84:c1:39:
28:ed:47:ea
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcnVCNZvBlTyrqD7YmZ8f3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMTcxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRmN2Y5ZDk1N2I5OGZkMzkyNGYwYmQwZTk5NzcxODliZjZmMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse8wHQ4JGQp+CijLGJx8VNM8+xII
pePtEgrEiwf88BQKs5RIwigPzJxXaFmFpx1sdPXz8rGWgtjGhLgq+YgaJYxQWUF2
XUp7dfRgxow04eXtPZfMX/7M7CG7lNpgPl89dEnBwAOa32EYryjuW5q2vP5gkxhe
3oIzu2Qje9J49GHDqgm95TqrYo2p2VhI/9y6fp7ACUZjcCBLGSH3+vTEAV6JsMM0
knZ2YQzjJlZRmFTR2POdooxLL3txS7CCQJbxitJaWEHIMabFvOZywyjQIxqZKz7z
oBSM6fK1fo/Hb8ZyB3Q4GpUBlimJshYizf4h2BjegAHo1Gf1+V8vkY9mIwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMlPf52Ve5j9OSTwvQ6Zdxib9vESMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveVU5X25aVjdtUDA1SlBDOURwbDNHSnYyOFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQARDKiChdHE65Evz/sHZF+DJYLt1u/bsaHhcQc7
9E9roSQuWDHW7nxuNYdXri/D2bSFL9ZZhPIin56j1bTOFetegRQACVeSNWwAnE7o
doxi7uCqKkUWy9xPJszjMxUCiU6mhujJzlHcvkHfGR9Wpy4fJCNfmnSGjTGQQ7DM
ynL4KuRdKxBCu0e9hGi12CvGTyR6sMKYdqFLduUnwssUsHBjKz8I9rzC4swhJjvk
1WvJuHlKbqyp7EA+iX6KraurB/Bzjc/PjOJ95Dy/Iel/Tm96hHOqC/oE/3WO+GjA
URWothiXEweSLVxU66XCYsxCssSMo0c2KYP6viuEwTko7Ufq
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:42:02 2025 by rpki-client