Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Q8yVtiyi1Dwx_sy4hQJwg5P3sz8.roa
File: Q8yVtiyi1Dwx_sy4hQJwg5P3sz8.roa (raw, json)
Hash identifier: I7yna7UsnXDwxOHNlgIYBEFD4hXYh9D3ZAgT8j3AQl4=
Subject key identifier: 43:CC:95:B6:2C:A2:D4:3C:31:FE:CC:B8:85:02:70:83:93:F7:B3:3F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972ABCA267B08692F97400792539409460
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Q8yVtiyi1Dwx_sy4hQJwg5P3sz8.roa
Signing time: Sun 01 Jun 2025 09:04:54 +0000
ROA not before: Sun 01 Jun 2025 09:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:2abb:f5f2/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 09:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2a:bc:a2:67:b0:86:92:f9:74:00:79:25:39:40:94:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 09:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43cc95b62ca2d43c31feccb88502708393f7b33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:4c:40:d7:2d:da:7e:13:f1:30:7c:75:59:
10:a3:b8:33:75:4e:32:a2:1d:ca:4b:7b:9e:a0:03:
7a:1e:c6:9b:d7:07:71:9c:84:ca:be:b5:d1:d1:a5:
bf:5c:ab:c0:24:75:f0:78:e7:c7:fd:84:c6:5c:b2:
1d:f1:da:23:0b:8c:53:51:3c:c5:e3:94:4a:ec:ee:
c9:83:72:82:28:dc:68:0a:ad:ae:f6:fc:ca:38:32:
55:0f:6b:cf:82:67:81:86:8e:99:f5:92:8b:77:e2:
ab:35:95:f2:6b:e1:c7:55:d6:43:cd:92:2c:2c:a6:
fa:93:b0:f3:65:80:34:82:2a:68:6e:be:13:4f:35:
ea:f9:a6:5c:0a:a6:7c:d8:c8:b6:de:f4:b9:ac:6a:
87:a0:e9:e4:e9:7d:29:de:b5:a4:62:51:08:fd:31:
8a:64:bd:c0:59:66:b0:11:ca:a3:59:1b:d5:1a:3a:
e4:0f:42:c5:66:98:78:99:4e:ef:43:24:01:4b:00:
d5:d4:69:13:d8:50:cf:cb:77:4c:5c:30:b2:76:34:
3b:7c:05:3f:a4:cc:91:fc:0a:8e:96:ad:02:cf:be:
e2:05:a1:5e:4d:e2:a1:7f:79:24:39:03:20:cc:54:
4b:3b:95:59:a3:84:fb:13:ff:85:12:54:b4:68:52:
cf:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:95:B6:2C:A2:D4:3C:31:FE:CC:B8:85:02:70:83:93:F7:B3:3F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Q8yVtiyi1Dwx_sy4hQJwg5P3sz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:2abb:f5f2/128
Signature Algorithm: sha256WithRSAEncryption
71:3a:ac:86:44:55:1a:90:7c:43:7a:08:5c:16:41:07:da:04:
56:57:7e:36:5b:37:b2:18:f2:df:ec:c3:ca:1a:5e:40:f7:64:
99:55:33:ec:b0:5d:6e:c7:e8:c1:88:92:5f:46:2c:55:55:fb:
89:6a:0f:e6:bc:b0:51:8a:3f:08:20:dd:b7:72:05:de:b9:05:
fe:34:2f:65:ee:5d:44:1b:11:a7:75:98:c8:4b:d0:9b:ff:63:
f9:66:4a:98:cc:70:7b:7e:90:06:34:fc:9a:39:b2:da:12:2a:
20:40:cb:bf:ee:8e:3b:45:79:aa:16:fc:9e:35:9a:ae:4d:c8:
72:f0:46:2f:01:f3:c8:e7:ae:cd:ca:4e:5e:76:b1:67:da:ac:
84:44:26:64:be:87:5b:64:fb:1c:36:16:21:c1:a7:f7:b8:ad:
a4:17:c3:31:00:81:ce:a4:ea:d4:82:24:d2:dc:f2:33:6d:58:
b1:39:4e:52:ac:35:58:0a:7c:76:83:51:3c:63:63:53:12:41:
82:2e:79:f0:69:e9:4d:2b:28:58:43:37:e1:cd:ef:31:d2:c3:
4f:a4:e8:91:34:7d:b6:6e:a4:19:85:32:51:5a:52:1f:a2:ee:
2c:e9:16:67:8f:c3:6c:9e:f2:a9:dd:86:c3:0b:fa:fe:7c:e1:
a7:3a:bc:bf
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcqvKJnsIaS+XQAeSU5QJRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMDkwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2NjOTViNjJjYTJkNDNjMzFmZWNjYjg4NTAyNzA4MzkzZjdiMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgFMQNct2n4T8TB8dVkQo7gzdU4y
oh3KS3ueoAN6Hsab1wdxnITKvrXR0aW/XKvAJHXweOfH/YTGXLId8dojC4xTUTzF
45RK7O7Jg3KCKNxoCq2u9vzKODJVD2vPgmeBho6Z9ZKLd+KrNZXya+HHVdZDzZIs
LKb6k7DzZYA0gipobr4TTzXq+aZcCqZ82Mi23vS5rGqHoOnk6X0p3rWkYlEI/TGK
ZL3AWWawEcqjWRvVGjrkD0LFZph4mU7vQyQBSwDV1GkT2FDPy3dMXDCydjQ7fAU/
pMyR/AqOlq0Cz77iBaFeTeKhf3kkOQMgzFRLO5VZo4T7E/+FElS0aFLPfwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEPMlbYsotQ8Mf7MuIUCcIOT97M/MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUTh5VnRpeWkxRHd4X3N5NGhRSndnNVAzc3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXKrv18jANBgkqhkiG9w0BAQsFAAOCAQEAcTqshkRVGpB8
Q3oIXBZBB9oEVld+Nls3shjy3+zDyhpeQPdkmVUz7LBdbsfowYiSX0YsVVX7iWoP
5rywUYo/CCDdt3IF3rkF/jQvZe5dRBsRp3WYyEvQm/9j+WZKmMxwe36QBjT8mjmy
2hIqIEDLv+6OO0V5qhb8njWark3IcvBGLwHzyOeuzcpOXnaxZ9qshEQmZL6HW2T7
HDYWIcGn97itpBfDMQCBzqTq1IIk0tzyM21YsTlOUqw1WAp8doNRPGNjUxJBgi55
8GnpTSsoWEM34c3vMdLDT6TokTR9tm6kGYUyUVpSH6LuLOkWZ4/DbJ7yqd2Gwwv6
/nzhpzq8vw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:37:41 2025 by rpki-client