Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Q4aN_Wiz8GdlwdGnzjqRmIYi4cI.roa
File: Q4aN_Wiz8GdlwdGnzjqRmIYi4cI.roa (raw, json)
Hash identifier: gTZNQDP7WR4K5t4XBwXjZT9Hi6TV18RteEXFtyCzh9Y=
Subject key identifier: 43:86:8D:FD:68:B3:F0:67:65:C1:D1:A7:CE:3A:91:98:86:22:E1:C2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019704FF148FA16B7EFB3BA0ABD790755ACC
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Q4aN_Wiz8GdlwdGnzjqRmIYi4cI.roa
Signing time: Sun 25 May 2025 01:11:55 +0000
ROA not before: Sun 25 May 2025 01:11:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 02:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:ff:14:8f:a1:6b:7e:fb:3b:a0:ab:d7:90:75:5a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 01:11:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43868dfd68b3f06765c1d1a7ce3a91988622e1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8d:dc:b4:f5:4c:ea:45:63:29:d5:13:b7:3e:
ce:aa:34:92:9c:8a:f0:d4:70:d4:c5:2a:55:c0:04:
c3:f5:41:e5:5c:ed:fe:8e:03:3a:0b:b1:57:b9:4e:
62:c0:04:a7:4a:91:1c:70:5d:7b:49:b1:65:5a:14:
44:7b:25:c5:f8:b9:65:d5:3d:08:30:db:47:e5:e6:
56:1e:ef:29:82:c1:a0:3e:a6:84:da:ec:ff:b1:27:
9b:93:9c:41:30:19:41:b0:f4:00:34:e4:95:7b:11:
fe:6b:65:c8:35:67:00:08:65:4d:7c:96:ba:4b:bd:
cd:37:6f:cd:26:a1:8c:e5:e5:c4:4f:80:76:a7:ff:
c6:ea:dc:9d:a4:65:0e:49:6f:74:8f:4d:6c:28:3b:
6a:b6:f5:59:0d:b0:3b:c2:71:ac:38:f5:ab:dd:ff:
21:1a:e1:3d:32:3a:c6:dc:ac:be:55:7d:b5:e4:b9:
71:a3:1e:20:21:49:aa:f5:d2:23:a7:60:ca:0c:a9:
ca:0e:11:bf:11:ad:75:ce:71:63:cd:19:eb:55:a0:
fe:65:c5:4c:f4:9f:b5:7d:cf:7f:c6:12:ad:08:9b:
53:69:ba:a4:17:ba:ad:a2:47:26:21:83:ae:c9:1c:
33:6c:1d:79:e9:b7:c7:c0:6a:ae:4a:75:44:40:94:
a8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:86:8D:FD:68:B3:F0:67:65:C1:D1:A7:CE:3A:91:98:86:22:E1:C2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Q4aN_Wiz8GdlwdGnzjqRmIYi4cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
5b:e4:92:b2:d1:f9:67:c0:74:e7:5c:6c:c9:f0:90:4c:ff:f2:
bf:e9:3b:a1:b5:4d:ea:6e:72:db:33:be:67:ca:a8:b8:20:fa:
ca:d6:56:98:e8:92:ac:71:2d:f2:d4:d7:bf:5e:db:f3:62:7c:
17:4a:e8:7c:8c:3d:60:e7:24:55:17:58:09:e3:69:f7:ce:db:
5c:a3:00:d4:c2:90:60:ca:05:bb:5d:67:79:78:f2:b3:98:b0:
8c:0f:ed:98:ac:95:f0:d9:0e:26:27:c7:57:b4:04:01:81:0d:
e9:0d:5b:58:ed:6e:40:7b:36:77:64:68:7f:93:f2:17:e9:60:
f0:4e:dc:9a:17:a6:92:ac:0a:3c:6c:f0:3b:a6:12:e3:d6:ae:
d8:68:94:c7:67:af:43:0c:9e:ed:29:72:57:f5:b4:3c:52:5a:
da:2c:08:af:66:56:26:a9:3f:af:ca:4b:c7:96:47:b4:14:a7:
b9:2a:e4:48:b3:66:ab:f5:de:76:76:5b:46:e8:1a:3d:ab:ed:
da:71:9d:12:61:30:f0:93:f8:94:be:39:07:bf:c7:3c:4f:82:
dc:09:93:2e:f2:70:dd:ab:0e:4c:c5:59:e6:e4:dd:1b:a1:fe:
a1:af:c6:e6:68:d8:bb:f4:48:0d:58:7f:dc:0d:76:0f:cc:fe:
8e:07:26:69
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcE/xSPoWt++zugq9eQdVrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MDExMTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg2OGRmZDY4YjNmMDY3NjVjMWQxYTdjZTNhOTE5ODg2MjJlMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI3ctPVM6kVjKdUTtz7OqjSSnIrw
1HDUxSpVwATD9UHlXO3+jgM6C7FXuU5iwASnSpEccF17SbFlWhREeyXF+Lll1T0I
MNtH5eZWHu8pgsGgPqaE2uz/sSebk5xBMBlBsPQANOSVexH+a2XINWcACGVNfJa6
S73NN2/NJqGM5eXET4B2p//G6tydpGUOSW90j01sKDtqtvVZDbA7wnGsOPWr3f8h
GuE9MjrG3Ky+VX215Llxox4gIUmq9dIjp2DKDKnKDhG/Ea11znFjzRnrVaD+ZcVM
9J+1fc9/xhKtCJtTabqkF7qtokcmIYOuyRwzbB156bfHwGquSnVEQJSoKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEOGjf1os/BnZcHRp846kZiGIuHCMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUTRhTl9XaXo4R2Rsd2RHbnpqcVJtSVlpNGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAW+SSstH5Z8B051xsyfCQTP/y
v+k7obVN6m5y2zO+Z8qouCD6ytZWmOiSrHEt8tTXv17b82J8F0rofIw9YOckVRdY
CeNp987bXKMA1MKQYMoFu11neXjys5iwjA/tmKyV8NkOJifHV7QEAYEN6Q1bWO1u
QHs2d2Rof5PyF+lg8E7cmhemkqwKPGzwO6YS49au2GiUx2evQwye7SlyV/W0PFJa
2iwIr2ZWJqk/r8pLx5ZHtBSnuSrkSLNmq/XednZbRugaPavt2nGdEmEw8JP4lL45
B7/HPE+C3AmTLvJw3asOTMVZ5uTdG6H+oa/G5mjYu/RIDVh/3A12D8z+jgcmaQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:14:32 2025 by rpki-client