Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/HqUG1LtEP008K7pUvrutn4NuOu4.roa
File: HqUG1LtEP008K7pUvrutn4NuOu4.roa (raw, json)
Hash identifier: KHOjqy8/XgtLiLm5HBaf6l2J1h+rDYXFyoXlE2y0IK8=
Subject key identifier: 1E:A5:06:D4:BB:44:3F:4D:3C:2B:BA:54:BE:BB:AD:9F:83:6E:3A:EE
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FE88B77032C8FDFF723F05B028055D81
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/HqUG1LtEP008K7pUvrutn4NuOu4.roa
Signing time: Fri 23 May 2025 19:04:54 +0000
ROA not before: Fri 23 May 2025 19:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:196:fe87:ed5e/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 19:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fe:88:b7:70:32:c8:fd:ff:72:3f:05:b0:28:05:5d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 19:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ea506d4bb443f4d3c2bba54bebbad9f836e3aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f9:32:95:a0:5f:59:36:ce:2e:74:a0:2b:99:
4a:9c:a8:d0:bf:5b:57:83:d0:06:9c:48:98:a7:13:
33:c9:8d:ac:f8:85:59:95:60:11:e7:d2:d4:1f:50:
fc:5f:ea:8f:66:0a:54:9f:fc:f2:52:d5:93:61:0a:
5b:fc:41:99:ce:24:bc:3c:7c:60:a3:b9:b4:be:9f:
97:36:1b:23:04:d9:58:28:92:51:97:d0:dc:35:cb:
60:1e:f1:70:e8:77:01:8b:0a:4e:af:e4:74:8d:1d:
49:35:f6:e5:b8:32:42:96:e2:2a:84:2d:8f:8d:99:
99:04:d4:c8:d6:d5:2b:d0:a3:59:7b:d1:6b:45:75:
70:fd:d4:f2:5b:68:e9:4c:1f:fb:95:cb:41:0e:72:
68:ce:b5:20:ec:bb:f9:85:f8:c3:a0:d2:e4:e9:b0:
b5:5e:aa:9e:40:de:84:5a:f9:58:4d:2a:a8:8f:80:
9b:13:4f:23:a2:67:0c:1c:f9:2d:bd:11:f4:36:df:
5f:52:d1:a5:9a:c5:fc:17:a9:8c:c2:4d:57:ff:e4:
1a:28:67:a2:d0:98:e0:64:1e:ea:48:d0:4a:4a:05:
c1:09:56:bd:94:78:2a:49:86:68:69:00:66:84:eb:
c5:8f:cf:dc:1a:b6:1c:94:0d:fe:69:27:c4:c4:46:
fb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A5:06:D4:BB:44:3F:4D:3C:2B:BA:54:BE:BB:AD:9F:83:6E:3A:EE
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/HqUG1LtEP008K7pUvrutn4NuOu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:196:fe87:ed5e/128
Signature Algorithm: sha256WithRSAEncryption
9f:1a:12:4a:93:c7:d5:3b:9e:28:b8:7f:43:29:32:16:5a:30:
3f:aa:a3:66:86:eb:74:dc:31:03:f7:ae:7c:ca:43:6e:63:dc:
eb:7a:ad:4f:da:b4:58:d1:f8:6b:55:54:f8:f0:cf:0c:00:7e:
be:94:62:61:cd:5b:34:da:cc:82:ae:5d:50:49:a2:85:48:f3:
e3:12:0f:b7:cd:54:1a:04:27:46:c4:98:d7:e0:64:34:6a:11:
34:12:69:54:34:7d:15:11:a0:f0:f0:d6:10:69:0b:e7:de:12:
13:7c:e9:81:3a:6c:13:5c:33:91:91:18:72:ad:a1:76:2c:1c:
49:d2:7f:fb:8a:46:f3:a7:b7:83:0a:ea:a3:5c:45:d7:b0:6a:
8f:8e:9c:12:38:13:2b:70:86:6c:78:17:e5:9d:0e:5a:3a:09:
c4:f9:12:d0:f1:fe:c3:f4:b8:dd:a6:f4:4d:bd:52:e3:f2:ce:
eb:67:45:9d:bb:6e:1f:53:2a:f2:bc:17:42:ae:5a:0c:37:74:
f0:40:c5:12:95:cd:67:11:53:6d:ca:f2:62:a5:09:bc:04:84:
95:e6:a3:a2:4d:7b:14:f9:c5:86:c5:6f:bb:2a:2e:57:e6:c7:
a5:a0:ee:c2:2e:56:56:d5:6e:b7:6c:65:2f:70:94:21:8e:66:
c0:f0:4c:b2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZb+iLdwMsj9/3I/BbAoBV2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMTkwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE1MDZkNGJiNDQzZjRkM2MyYmJhNTRiZWJiYWQ5ZjgzNmUzYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPkylaBfWTbOLnSgK5lKnKjQv1tX
g9AGnEiYpxMzyY2s+IVZlWAR59LUH1D8X+qPZgpUn/zyUtWTYQpb/EGZziS8PHxg
o7m0vp+XNhsjBNlYKJJRl9DcNctgHvFw6HcBiwpOr+R0jR1JNfbluDJCluIqhC2P
jZmZBNTI1tUr0KNZe9FrRXVw/dTyW2jpTB/7lctBDnJozrUg7Lv5hfjDoNLk6bC1
XqqeQN6EWvlYTSqoj4CbE08jomcMHPktvRH0Nt9fUtGlmsX8F6mMwk1X/+QaKGei
0JjgZB7qSNBKSgXBCVa9lHgqSYZoaQBmhOvFj8/cGrYclA3+aSfExEb7ZwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB6lBtS7RD9NPCu6VL67rZ+DbjruMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSHFVRzFMdEVQMDA4SzdwVXZydXRuNE51T3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlv6H7V4wDQYJKoZIhvcNAQELBQADggEB
AJ8aEkqTx9U7nii4f0MpMhZaMD+qo2aG63TcMQP3rnzKQ25j3Ot6rU/atFjR+GtV
VPjwzwwAfr6UYmHNWzTazIKuXVBJooVI8+MSD7fNVBoEJ0bEmNfgZDRqETQSaVQ0
fRURoPDw1hBpC+feEhN86YE6bBNcM5GRGHKtoXYsHEnSf/uKRvOnt4MK6qNcRdew
ao+OnBI4Eytwhmx4F+WdDlo6CcT5EtDx/sP0uN2m9E29UuPyzutnRZ27bh9TKvK8
F0KuWgw3dPBAxRKVzWcRU23K8mKlCbwEhJXmo6JNexT5xYbFb7sqLlfmx6Wg7sIu
VlbVbrdsZS9wlCGOZsDwTLI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:33:36 2025 by rpki-client