Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Fzit0JPBkGamCwGt_jYjUwFfh_U.roa
File: Fzit0JPBkGamCwGt_jYjUwFfh_U.roa (raw, json)
Hash identifier: RmqesfttAKDRz0vKTseC0kvCAIayHrWc3uyH60D4Hc8=
Subject key identifier: 17:38:AD:D0:93:C1:90:66:A6:0B:01:AD:FE:36:23:53:01:5F:87:F5
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019676EC2948AC49BFEC44EED2C0424853D2
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Fzit0JPBkGamCwGt_jYjUwFfh_U.roa
Signing time: Sun 27 Apr 2025 11:05:10 +0000
ROA not before: Sun 27 Apr 2025 11:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:76eb:8acb/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 27 Apr 2025 11:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:ec:29:48:ac:49:bf:ec:44:ee:d2:c0:42:48:53:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 27 11:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1738add093c19066a60b01adfe362353015f87f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:82:27:8b:8e:8d:7b:72:c1:88:96:c2:26:fb:
eb:7f:90:d3:19:da:8b:d7:93:60:c9:ff:cc:ae:58:
24:43:83:ff:e8:8b:a7:11:9c:c0:02:85:34:13:aa:
bb:81:80:67:a7:75:65:1f:bf:6b:52:ca:da:44:2e:
2a:42:43:fb:84:d5:58:70:75:8a:ef:d2:36:cf:f2:
40:da:f7:d2:e3:74:ce:ae:0b:75:1e:67:89:88:98:
f9:f2:48:68:62:9b:9c:74:c8:13:74:51:e5:08:2a:
62:72:83:d8:09:32:dd:99:8b:39:81:86:66:cc:1c:
51:33:13:f9:35:5b:6e:d8:df:53:aa:c1:9e:55:cd:
50:83:9c:ef:c5:ca:56:d7:eb:21:67:fd:35:4c:b0:
f0:cd:2a:66:85:25:df:5a:f3:59:aa:d6:21:ce:10:
ec:d0:dd:91:c3:7c:af:e4:f0:c8:09:f1:4a:45:0a:
c2:39:dd:a2:19:64:35:a0:56:4c:c5:6f:f5:e9:a7:
cf:7a:31:8c:db:43:28:c6:b6:74:0f:04:57:23:68:
7c:2c:90:37:d0:43:fb:e3:7f:d2:80:07:de:39:bb:
d7:72:d7:9e:06:a0:db:ba:b8:3a:45:88:2a:f4:24:
53:96:08:bd:e8:fb:94:cb:47:60:33:02:05:40:e0:
cd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:38:AD:D0:93:C1:90:66:A6:0B:01:AD:FE:36:23:53:01:5F:87:F5
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Fzit0JPBkGamCwGt_jYjUwFfh_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:76eb:8acb/128
Signature Algorithm: sha256WithRSAEncryption
b4:2f:0e:b3:bb:6d:4c:3f:68:c1:00:4d:cc:a0:f6:d6:6a:e4:
57:c8:4b:e0:49:95:e3:59:21:51:c5:e4:68:62:71:e2:cd:61:
97:bb:c9:a8:c3:d1:cc:f2:b2:36:5f:88:f4:39:20:22:f5:de:
4a:82:5e:45:f3:17:ba:95:9c:a2:66:55:39:41:b6:fa:f7:e1:
45:f7:db:67:78:08:cf:00:6f:1c:ad:43:e7:45:7d:ce:f2:00:
d2:25:d0:af:71:88:ef:bf:c3:db:d4:20:b1:28:83:1d:65:52:
12:5d:bb:c2:a8:d3:02:30:e7:d8:c1:7e:4f:35:eb:e2:28:81:
ce:31:b4:2d:d0:7a:73:97:f0:83:bd:0a:29:f4:00:98:c2:66:
40:b2:93:1f:74:21:69:2b:79:b5:24:62:e9:3b:4f:45:60:0b:
6f:30:ac:87:57:ea:00:cc:db:be:c4:e5:27:2c:b2:46:44:ad:
67:ee:e8:16:5b:6e:0f:f6:e6:1f:9b:8c:3b:92:ed:13:fc:c0:
7a:ce:92:85:e5:6a:16:d4:4e:6c:3f:51:8c:fc:ed:9a:06:d1:
d8:ea:6a:6a:33:ed:ba:f1:7a:5c:aa:d1:31:15:5e:69:0e:e0:
46:96:33:82:8d:0e:6b:e9:2c:43:98:54:a7:e0:e0:65:c5:50:
04:7e:d5:2b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZ27ClIrEm/7ETu0sBCSFPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI3MTEwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM4YWRkMDkzYzE5MDY2YTYwYjAxYWRmZTM2MjM1MzAxNWY4N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoIni46Ne3LBiJbCJvvrf5DTGdqL
15Ngyf/MrlgkQ4P/6IunEZzAAoU0E6q7gYBnp3VlH79rUsraRC4qQkP7hNVYcHWK
79I2z/JA2vfS43TOrgt1HmeJiJj58khoYpucdMgTdFHlCCpicoPYCTLdmYs5gYZm
zBxRMxP5NVtu2N9TqsGeVc1Qg5zvxcpW1+shZ/01TLDwzSpmhSXfWvNZqtYhzhDs
0N2Rw3yv5PDICfFKRQrCOd2iGWQ1oFZMxW/16afPejGM20MoxrZ0DwRXI2h8LJA3
0EP743/SgAfeObvXcteeBqDburg6RYgq9CRTlgi96PuUy0dgMwIFQODNBwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBc4rdCTwZBmpgsBrf42I1MBX4f1MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRnppdDBKUEJrR2FtQ3dHdF9qWWpVd0ZmaF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWduuKyzANBgkqhkiG9w0BAQsFAAOCAQEAtC8Os7ttTD9owQBNzKD21mrk
V8hL4EmV41khUcXkaGJx4s1hl7vJqMPRzPKyNl+I9DkgIvXeSoJeRfMXupWcomZV
OUG2+vfhRffbZ3gIzwBvHK1D50V9zvIA0iXQr3GI77/D29QgsSiDHWVSEl27wqjT
AjDn2MF+TzXr4iiBzjG0LdB6c5fwg70KKfQAmMJmQLKTH3QhaSt5tSRi6TtPRWAL
bzCsh1fqAMzbvsTlJyyyRkStZ+7oFltuD/bmH5uMO5LtE/zAes6SheVqFtRObD9R
jPztmgbR2OpqajPtuvF6XKrRMRVeaQ7gRpYzgo0Oa+ksQ5hUp+DgZcVQBH7VKw==
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:24:17 2025 by rpki-client