Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/zydkKXsm2yb1qdNblp8fZvHI8xI.roa
File: zydkKXsm2yb1qdNblp8fZvHI8xI.roa (raw, json)
Hash identifier: DJLsQG+d8gxzGpHkW/uj5qi0N4q54m/9O89ZRod+kGQ=
Subject key identifier: CF:27:64:29:7B:26:DB:26:F5:A9:D3:5B:96:9F:1F:66:F1:C8:F3:12
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197259E858FD3A088BEC25C240480C96C56
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/zydkKXsm2yb1qdNblp8fZvHI8xI.roa
Signing time: Sat 31 May 2025 09:13:55 +0000
ROA not before: Sat 31 May 2025 09:13:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 May 2025 10:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:25:9e:85:8f:d3:a0:88:be:c2:5c:24:04:80:c9:6c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 09:13:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf2764297b26db26f5a9d35b969f1f66f1c8f312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:d0:6b:0a:f3:80:a9:e9:40:62:93:f2:0b:
88:f3:af:d8:5e:1a:8d:f7:69:e5:01:d8:b2:49:3b:
6c:2b:60:cb:3f:a2:ca:31:d3:49:c4:c5:67:62:bb:
2d:c5:9d:2e:04:25:16:64:bc:2d:1d:93:db:4e:ae:
53:1d:8e:b9:38:ec:47:a4:b1:18:01:69:7e:db:98:
ee:e6:fa:d9:e0:3b:eb:13:b2:f9:d3:f6:e9:6b:dd:
d6:ce:f6:1c:9b:15:5f:b2:68:18:7c:87:3a:14:95:
eb:3f:9d:8c:75:96:ae:ad:29:b6:4d:f4:a3:47:f6:
68:d1:39:06:90:40:a3:3d:ef:7f:d1:82:f2:55:56:
b5:fe:8b:25:82:e0:28:2e:d5:10:59:23:c2:f9:2a:
b0:29:09:04:e9:53:fd:2c:4b:9e:0d:e6:f9:b9:4a:
de:25:d7:5a:ce:f5:3c:42:ce:41:8a:1b:44:00:1f:
0c:ff:c3:28:ac:61:36:9e:d7:48:0c:8c:71:29:dc:
d0:3b:3e:16:8e:57:4f:0d:ea:06:85:c0:b2:7e:e8:
14:a4:fc:62:90:46:fb:e6:bf:d9:3c:72:4b:a9:b3:
98:01:72:86:8f:19:ad:c8:ec:93:82:82:f0:39:98:
4a:c5:39:f5:3f:f5:aa:5e:84:eb:a0:ae:24:61:10:
d8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:27:64:29:7B:26:DB:26:F5:A9:D3:5B:96:9F:1F:66:F1:C8:F3:12
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/zydkKXsm2yb1qdNblp8fZvHI8xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
24:07:33:4e:a0:6f:4e:c6:54:85:1d:9c:c3:60:cc:b3:ab:84:
e9:28:38:55:c9:b6:26:1e:6e:62:27:cb:32:75:9d:19:89:9d:
b6:40:b1:da:e2:9c:53:89:31:cd:75:34:0e:f4:8f:99:5a:73:
ec:ac:ef:4b:7f:31:80:a8:39:8c:ac:63:da:91:f3:26:b3:52:
ea:3a:84:26:46:4c:dc:b2:84:93:da:81:0d:8c:4e:2f:82:de:
2b:97:fb:35:67:db:20:33:f0:c9:77:9f:3b:74:68:12:76:59:
88:f5:dc:dd:4f:9c:4f:50:30:d3:59:b0:b7:8d:a1:a9:ae:ae:
d4:f1:aa:65:ea:86:a1:e6:39:9c:10:ce:33:c2:dc:09:cc:74:
4e:28:4d:35:b2:6b:64:01:a9:03:78:4e:e3:77:4c:5e:9d:9a:
33:f7:a3:ee:1a:96:d9:3b:65:7d:ea:78:ac:13:8e:24:41:c4:
87:75:87:0b:61:0e:1a:bd:ba:c6:95:45:e7:b2:3d:db:c8:36:
85:c0:60:7e:6d:ca:fc:6d:40:42:de:a2:42:c8:d5:7c:2f:4a:
cc:bb:bb:b9:48:60:6a:60:4b:7c:3a:bf:65:1e:0d:b5:06:d2:
26:21:c5:f0:18:b3:d4:c0:df:29:66:03:3d:0f:47:47:b3:e9:
15:b3:de:c0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZclnoWP06CIvsJcJASAyWxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMDkxMzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI3NjQyOTdiMjZkYjI2ZjVhOWQzNWI5NjlmMWY2NmYxYzhmMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIPQawrzgKnpQGKT8guI86/YXhqN
92nlAdiySTtsK2DLP6LKMdNJxMVnYrstxZ0uBCUWZLwtHZPbTq5THY65OOxHpLEY
AWl+25ju5vrZ4DvrE7L50/bpa93WzvYcmxVfsmgYfIc6FJXrP52MdZaurSm2TfSj
R/Zo0TkGkECjPe9/0YLyVVa1/oslguAoLtUQWSPC+SqwKQkE6VP9LEueDeb5uUre
JddazvU8Qs5BihtEAB8M/8MorGE2ntdIDIxxKdzQOz4WjldPDeoGhcCyfugUpPxi
kEb75r/ZPHJLqbOYAXKGjxmtyOyTgoLwOZhKxTn1P/WqXoTroK4kYRDY/wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFM8nZCl7Jtsm9anTW5afH2bxyPMSMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvenlka0tYc20yeWIxcWROYmxwOGZadkhJOHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQAkBzNOoG9OxlSFHZzDYMyzq4TpKDhVybYmHm5i
J8sydZ0ZiZ22QLHa4pxTiTHNdTQO9I+ZWnPsrO9LfzGAqDmMrGPakfMms1LqOoQm
RkzcsoST2oENjE4vgt4rl/s1Z9sgM/DJd587dGgSdlmI9dzdT5xPUDDTWbC3jaGp
rq7U8apl6oah5jmcEM4zwtwJzHROKE01smtkAakDeE7jd0xenZoz96PuGpbZO2V9
6nisE44kQcSHdYcLYQ4avbrGlUXnsj3byDaFwGB+bcr8bUBC3qJCyNV8L0rMu7u5
SGBqYEt8Or9lHg21BtImIcXwGLPUwN8pZgM9D0dHs+kVs97A
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:41:52 2025 by rpki-client