Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/6QOELcWV3z8UtlwqfKZg2sJIIIQ.roa
File: 6QOELcWV3z8UtlwqfKZg2sJIIIQ.roa (raw, json)
Hash identifier: DNoWULgeDG2K0u7OvicX4oT6VBe3dlmYPC5VL6H+81E=
Subject key identifier: E9:03:84:2D:C5:95:DF:3F:14:B6:5C:2A:7C:A6:60:DA:C2:48:20:84
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019728698B183A0AD48BE6D875820F078532
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/6QOELcWV3z8UtlwqfKZg2sJIIIQ.roa
Signing time: Sat 31 May 2025 22:14:54 +0000
ROA not before: Sat 31 May 2025 22:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 May 2025 23:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:28:69:8b:18:3a:0a:d4:8b:e6:d8:75:82:0f:07:85:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 22:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e903842dc595df3f14b65c2a7ca660dac2482084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:48:13:4b:10:da:54:aa:4a:c8:0b:e0:9f:
6b:f6:dc:38:01:c8:49:6d:cd:46:13:4e:c8:78:13:
57:62:94:5a:4f:9f:68:06:a3:94:fb:d6:a7:a4:9f:
76:66:b8:b1:c7:f1:c8:e0:3f:d7:11:fd:c8:c5:e4:
b2:e5:ec:0c:7c:17:0e:48:e0:66:e7:01:ef:d1:dc:
67:f5:6c:06:a5:c2:49:ef:c3:21:d5:4f:c2:da:be:
c9:d8:14:7b:d7:fa:68:b7:d0:0c:31:f3:ec:c3:b8:
0c:ed:fe:77:ba:e9:11:32:ba:47:8a:1d:2e:af:20:
00:b5:86:ed:7f:02:ea:1a:0f:cb:1a:a4:a1:7d:21:
f7:27:be:0c:04:56:6e:07:74:a7:25:e4:cf:c5:46:
ce:c3:87:cd:bf:3b:85:94:6f:f6:54:6b:9b:b0:ba:
3f:9c:c8:26:b9:a7:3b:78:a5:bc:6a:9b:8f:b6:19:
45:70:c3:e9:5a:ef:98:79:53:f4:86:06:53:85:16:
3c:67:c0:ea:2e:ef:bf:04:3c:68:cb:55:b0:b0:5a:
f8:28:46:49:20:da:2f:48:d9:1e:22:52:27:13:33:
d8:e1:fb:e9:7b:cd:d3:02:dc:0c:a0:ac:a5:fc:ca:
87:66:ba:3f:44:12:4f:27:9d:5d:03:e8:56:67:eb:
97:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:03:84:2D:C5:95:DF:3F:14:B6:5C:2A:7C:A6:60:DA:C2:48:20:84
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/6QOELcWV3z8UtlwqfKZg2sJIIIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
73:47:cb:c0:5d:a0:d0:8a:33:6b:30:64:63:ac:65:0d:d7:70:
18:b8:b4:61:30:89:84:74:ad:47:7e:ff:64:4f:d5:2c:4a:5b:
1e:a8:f5:17:13:b7:dc:31:3d:1d:0c:04:ba:aa:9c:80:a2:38:
76:05:bb:b2:00:75:f5:0c:f3:56:24:a7:7e:d1:95:d2:04:4b:
fa:cb:b9:95:66:c9:f8:65:b6:f6:d5:a9:77:0f:9f:18:6a:55:
2d:1c:30:29:b7:29:29:43:ef:96:f9:3b:e3:dc:50:5c:56:ed:
7b:ce:2c:29:0b:c6:ac:32:56:10:c7:fe:73:5b:a5:da:2b:c4:
24:58:0b:5c:a6:3b:09:e2:d5:12:64:79:80:91:ed:6b:5a:e1:
dc:16:61:e1:41:3d:8e:ce:61:df:de:41:2a:59:6c:2f:fb:49:
d5:7e:be:48:a1:c8:01:a6:2f:bc:2f:31:46:25:12:a3:69:73:
44:c8:70:37:47:6d:bd:2c:f2:00:71:ec:16:9e:9a:24:15:12:
11:ed:cf:e2:4b:d6:25:62:b6:f8:b0:26:03:7b:83:70:57:d0:
28:95:07:33:58:12:10:ee:38:c4:3e:ce:ac:48:1c:e9:19:39:
dc:0e:d2:e0:db:76:33:8e:cf:cf:21:0d:7e:5f:ee:fa:5e:f6:
34:00:d2:44
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcoaYsYOgrUi+bYdYIPB4UyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMjIxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTAzODQyZGM1OTVkZjNmMTRiNjVjMmE3Y2E2NjBkYWMyNDgyMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5hIE0sQ2lSqSsgL4J9r9tw4AchJ
bc1GE07IeBNXYpRaT59oBqOU+9anpJ92Zrixx/HI4D/XEf3IxeSy5ewMfBcOSOBm
5wHv0dxn9WwGpcJJ78Mh1U/C2r7J2BR71/pot9AMMfPsw7gM7f53uukRMrpHih0u
ryAAtYbtfwLqGg/LGqShfSH3J74MBFZuB3SnJeTPxUbOw4fNvzuFlG/2VGubsLo/
nMgmuac7eKW8apuPthlFcMPpWu+YeVP0hgZThRY8Z8DqLu+/BDxoy1WwsFr4KEZJ
INovSNkeIlInEzPY4fvpe83TAtwMoKyl/MqHZro/RBJPJ51dA+hWZ+uXGQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOkDhC3Fld8/FLZcKnymYNrCSCCEMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvNlFPRUxjV1YzejhVdGx3cWZLWmcyc0pJSUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBzR8vAXaDQijNrMGRjrGUN13AYuLRhMImEdK1H
fv9kT9UsSlseqPUXE7fcMT0dDAS6qpyAojh2BbuyAHX1DPNWJKd+0ZXSBEv6y7mV
Zsn4Zbb21al3D58YalUtHDAptykpQ++W+Tvj3FBcVu17ziwpC8asMlYQx/5zW6Xa
K8QkWAtcpjsJ4tUSZHmAke1rWuHcFmHhQT2OzmHf3kEqWWwv+0nVfr5IocgBpi+8
LzFGJRKjaXNEyHA3R229LPIAcewWnpokFRIR7c/iS9YlYrb4sCYDe4NwV9AolQcz
WBIQ7jjEPs6sSBzpGTncDtLg23Yzjs/PIQ1+X+76XvY0ANJE
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:06:01 2025 by rpki-client