Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yx00hfLz-bIPBOrFaJhULcacifU.roa
File: yx00hfLz-bIPBOrFaJhULcacifU.roa (raw, json)
Hash identifier: IrSoKZzL5DvN0BGXT1dP4yIDM5zzNrKPlBzt3gf1W/M=
Subject key identifier: CB:1D:34:85:F2:F3:F9:B2:0F:04:EA:C5:68:98:54:2D:C6:9C:89:F5
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197376B71CB1B12C7F3B085977DDC3D72DD
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yx00hfLz-bIPBOrFaJhULcacifU.roa
Signing time: Tue 03 Jun 2025 20:11:17 +0000
ROA not before: Tue 03 Jun 2025 20:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:37:6b:71:cb:1b:12:c7:f3:b0:85:97:7d:dc:3d:72:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 20:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb1d3485f2f3f9b20f04eac56898542dc69c89f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e4:ef:b8:fd:43:a1:8b:ec:41:fc:ee:86:9f:
7c:c3:d6:ab:a0:95:c0:40:09:25:39:9c:a2:80:29:
8c:66:a1:71:40:70:3d:d2:a0:53:ae:3e:ba:bd:68:
4b:01:c7:67:cb:d4:44:62:a6:2f:c9:a0:a3:a6:ab:
68:4a:a6:bd:03:5a:ce:d3:ba:af:28:4b:73:9d:3e:
ff:3c:93:2b:d2:54:35:4f:8e:fa:41:19:c5:08:0b:
d7:3e:a9:b8:44:80:39:1e:55:2c:70:c3:22:ee:c8:
74:e5:2e:16:69:58:ee:e7:07:4b:18:95:2f:62:f2:
d3:86:12:50:f9:29:85:88:c9:a1:0b:8b:22:fc:a5:
7e:3a:44:8c:35:58:48:d1:c9:4f:90:f2:76:8f:42:
08:8e:a1:95:5d:bd:7e:b5:bb:f9:14:11:54:34:c7:
e2:67:76:4d:a5:d8:26:ac:b3:ed:6f:6d:3a:ee:b6:
14:59:f9:f5:1e:ab:c2:bd:a4:34:a6:27:ef:27:0f:
79:e9:b1:32:8e:38:ce:c8:7c:5a:39:8c:74:73:f4:
e9:98:65:dd:9d:c8:34:e2:10:03:09:6b:6e:3c:40:
23:3e:ad:8a:00:a7:80:8b:1e:56:8b:04:bb:2e:22:
6d:27:0a:84:61:7d:94:26:e2:ac:69:ab:e3:b7:95:
9d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1D:34:85:F2:F3:F9:B2:0F:04:EA:C5:68:98:54:2D:C6:9C:89:F5
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/yx00hfLz-bIPBOrFaJhULcacifU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
c2:43:63:9f:52:9a:76:01:1c:42:02:96:c7:3d:1e:f8:93:95:
35:78:51:6b:f8:cc:29:b3:c6:31:46:17:b3:a9:2e:b9:90:44:
8e:ad:cd:b6:92:bf:d7:48:c6:37:50:f5:c6:af:31:19:ab:9c:
2f:28:7e:55:fb:b9:04:64:8f:eb:7e:76:54:f8:34:41:9f:b6:
7c:ea:c2:70:8e:b8:48:37:0c:ba:d1:b7:b6:02:97:0c:02:39:
db:79:c4:23:1d:7c:d5:40:49:2d:5f:ad:06:a1:4c:b5:9f:6a:
7f:2e:53:e4:f4:94:48:f9:b0:71:48:19:72:22:c3:a3:9a:96:
46:dc:69:63:f9:85:05:24:12:cf:32:53:8e:7c:8f:5e:ff:64:
f3:2a:4d:21:3a:6d:09:8b:95:21:12:d0:2a:d7:7e:6c:38:24:
60:2b:e6:50:58:95:ec:35:36:73:0a:83:f5:18:72:d1:81:e9:
7b:bd:62:d3:a5:8c:27:73:14:82:a2:4b:4a:74:3e:36:69:8f:
b0:be:7c:30:2f:fd:fb:9e:fb:9f:d4:72:db:ce:2e:7d:e3:63:
00:e2:4b:14:47:7c:06:ab:bb:ea:ea:b1:b6:10:54:11:e6:35:
a2:8a:11:b0:f9:6f:46:36:3f:66:87:ca:af:d8:73:b7:84:c7:
bc:58:f7:d1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc3a3HLGxLH87CFl33cPXLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMjAxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjFkMzQ4NWYyZjNmOWIyMGYwNGVhYzU2ODk4NTQyZGM2OWM4OWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuTvuP1DoYvsQfzuhp98w9aroJXA
QAklOZyigCmMZqFxQHA90qBTrj66vWhLAcdny9REYqYvyaCjpqtoSqa9A1rO07qv
KEtznT7/PJMr0lQ1T476QRnFCAvXPqm4RIA5HlUscMMi7sh05S4WaVju5wdLGJUv
YvLThhJQ+SmFiMmhC4si/KV+OkSMNVhI0clPkPJ2j0IIjqGVXb1+tbv5FBFUNMfi
Z3ZNpdgmrLPtb2067rYUWfn1HqvCvaQ0pifvJw956bEyjjjOyHxaOYx0c/TpmGXd
ncg04hADCWtuPEAjPq2KAKeAix5WiwS7LiJtJwqEYX2UJuKsaavjt5WdewIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMsdNIXy8/myDwTqxWiYVC3GnIn1MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEveXgwMGhmTHotYklQQk9yRmFKaFVMY2FjaWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAwkNjn1KadgEc
QgKWxz0e+JOVNXhRa/jMKbPGMUYXs6kuuZBEjq3NtpK/10jGN1D1xq8xGaucLyh+
Vfu5BGSP6352VPg0QZ+2fOrCcI64SDcMutG3tgKXDAI523nEIx181UBJLV+tBqFM
tZ9qfy5T5PSUSPmwcUgZciLDo5qWRtxpY/mFBSQSzzJTjnyPXv9k8ypNITptCYuV
IRLQKtd+bDgkYCvmUFiV7DU2cwqD9Rhy0YHpe71i06WMJ3MUgqJLSnQ+NmmPsL58
MC/9+577n9Ry284ufeNjAOJLFEd8Bqu76uqxthBUEeY1oooRsPlvRjY/ZofKr9hz
t4THvFj30Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:20:39 2025 by rpki-client