Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CQ7VJckoLvidCbCSSHs7t4SR_Zg.roa
File: CQ7VJckoLvidCbCSSHs7t4SR_Zg.roa (raw, json)
Hash identifier: jpams7VDOz6cfjpsIpC1qgbUfqADoWriLCIM7k8f5mU=
Subject key identifier: 09:0E:D5:25:C9:28:2E:F8:9D:09:B0:92:48:7B:3B:B7:84:91:FD:98
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019732B4C7C7C50956F73275522D49B98D73
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CQ7VJckoLvidCbCSSHs7t4SR_Zg.roa
Signing time: Mon 02 Jun 2025 22:13:17 +0000
ROA not before: Mon 02 Jun 2025 22:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 23:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:32:b4:c7:c7:c5:09:56:f7:32:75:52:2d:49:b9:8d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 22:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=090ed525c9282ef89d09b092487b3bb78491fd98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cd:82:82:54:af:2f:b1:b5:fb:fd:dd:a9:0a:
cf:cf:6b:0d:4c:15:5f:1f:67:6c:ec:70:d7:e2:cf:
b0:6b:79:ca:bc:a9:83:42:5e:4f:bf:ce:14:07:37:
b8:01:ff:21:49:4e:45:05:1e:c3:42:50:00:8c:a4:
a5:64:36:c2:1a:d2:fd:a1:5d:ac:9e:a3:56:7c:3b:
ea:f6:b4:47:6f:72:aa:c5:ea:76:69:6b:ec:44:1f:
ae:d1:15:a6:ad:7d:31:f4:c0:69:c2:b5:33:ad:bf:
fa:5e:7e:0c:96:5c:79:9e:3d:94:ee:0d:9c:f8:15:
68:c9:db:21:9d:44:3b:08:99:98:2e:3b:0b:ef:00:
a6:56:bf:b2:11:32:08:53:0d:c2:42:ac:cb:a0:ef:
5a:ce:15:e9:35:23:34:c9:1a:d4:56:21:23:d3:31:
d0:64:d5:8f:a3:80:c8:e3:b2:42:5a:15:76:7d:cd:
8e:86:c8:03:d2:8b:3b:cf:0b:83:1a:a6:3e:9f:85:
1f:31:4f:10:5e:0f:0f:80:26:61:02:7d:a6:17:3a:
3a:7c:5c:1e:06:c4:fc:e7:a8:89:9b:ed:d9:7d:25:
a9:39:a8:ff:51:2a:31:67:d0:ba:95:8d:51:db:bc:
e1:04:b3:9c:69:b4:c2:90:0b:21:01:e3:99:59:ab:
fa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0E:D5:25:C9:28:2E:F8:9D:09:B0:92:48:7B:3B:B7:84:91:FD:98
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CQ7VJckoLvidCbCSSHs7t4SR_Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
43:6c:c9:f6:4f:b5:e1:60:52:e4:14:e9:c2:f2:3b:2c:eb:42:
6b:3c:ce:5a:53:c1:7f:cf:5f:0d:9d:f6:d2:05:95:21:5f:bf:
51:4b:c4:36:37:f7:54:c8:8e:76:f8:10:05:34:df:2a:42:6b:
0d:8c:5c:20:df:ae:b8:54:58:8e:2a:64:31:42:3e:98:f9:b6:
a8:69:8e:d8:08:8e:dc:dd:75:38:c8:21:9f:f9:4f:f5:ba:73:
a3:92:a6:59:9e:2d:83:fc:eb:a5:5d:30:da:5a:99:c9:50:7d:
af:15:42:d1:68:5a:ee:47:77:30:ed:8e:c4:89:c1:42:a2:16:
f3:18:46:95:05:77:0c:33:09:9f:3a:3d:0f:dc:bd:1a:0f:de:
9b:f4:c0:9c:86:e2:ec:dd:62:33:18:0f:b2:f0:7f:ee:3b:37:
3b:8e:29:db:24:b8:a8:82:e3:c9:ec:e9:9e:64:0b:70:5b:c4:
50:c2:35:5f:84:41:c4:d0:b2:98:2c:f8:00:59:09:e9:97:43:
f9:73:dc:97:6c:31:a4:93:db:24:26:9e:49:be:b9:c6:17:35:
9f:95:e6:af:44:bc:63:f2:86:30:1a:43:47:4f:e3:98:b0:66:
34:9c:d9:8d:89:7a:6c:41:7f:f9:a8:a9:7b:df:bd:7d:72:e3:
27:f8:ab:64
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcytMfHxQlW9zJ1Ui1JuY1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMjIxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBlZDUyNWM5MjgyZWY4OWQwOWIwOTI0ODdiM2JiNzg0OTFmZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh82CglSvL7G1+/3dqQrPz2sNTBVf
H2ds7HDX4s+wa3nKvKmDQl5Pv84UBze4Af8hSU5FBR7DQlAAjKSlZDbCGtL9oV2s
nqNWfDvq9rRHb3Kqxep2aWvsRB+u0RWmrX0x9MBpwrUzrb/6Xn4Mllx5nj2U7g2c
+BVoydshnUQ7CJmYLjsL7wCmVr+yETIIUw3CQqzLoO9azhXpNSM0yRrUViEj0zHQ
ZNWPo4DI47JCWhV2fc2OhsgD0os7zwuDGqY+n4UfMU8QXg8PgCZhAn2mFzo6fFwe
BsT856iJm+3ZfSWpOaj/USoxZ9C6lY1R27zhBLOcabTCkAshAeOZWav6JwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAkO1SXJKC74nQmwkkh7O7eEkf2YMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQ1E3Vkpja29MdmlkQ2JDU1NIczd0NFNSX1pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBDbMn2T7XhYFLkFOnC8jss60JrPM5aU8F/z18N
nfbSBZUhX79RS8Q2N/dUyI52+BAFNN8qQmsNjFwg3664VFiOKmQxQj6Y+baoaY7Y
CI7c3XU4yCGf+U/1unOjkqZZni2D/OulXTDaWpnJUH2vFULRaFruR3cw7Y7EicFC
ohbzGEaVBXcMMwmfOj0P3L0aD96b9MCchuLs3WIzGA+y8H/uOzc7jinbJLioguPJ
7OmeZAtwW8RQwjVfhEHE0LKYLPgAWQnpl0P5c9yXbDGkk9skJp5JvrnGFzWfleav
RLxj8oYwGkNHT+OYsGY0nNmNiXpsQX/5qKl73719cuMn+Ktk
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:06:31 2025 by rpki-client