Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QK-PFG81axCz2J6RJcnnZf1KkOE.roa
File: QK-PFG81axCz2J6RJcnnZf1KkOE.roa (raw, json)
Hash identifier: I6zPdro+ssxmeu7Yb+rK1tRRK19ONcrQLkhBx/qK0eQ=
Subject key identifier: 40:AF:8F:14:6F:35:6B:10:B3:D8:9E:91:25:C9:E7:65:FD:4A:90:E1
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973E83D98B372EA3DE9E8F780042FA4435
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QK-PFG81axCz2J6RJcnnZf1KkOE.roa
Signing time: Thu 05 Jun 2025 05:15:17 +0000
ROA not before: Thu 05 Jun 2025 05:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Jun 2025 06:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:83:d9:8b:37:2e:a3:de:9e:8f:78:00:42:fa:44:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 5 05:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40af8f146f356b10b3d89e9125c9e765fd4a90e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:46:8f:0d:2d:f9:23:2b:24:36:b4:8b:ca:1d:
06:cb:1c:d3:f9:9d:07:2c:e7:e6:99:74:54:61:14:
df:2f:b6:4a:b7:0c:ee:aa:2d:cd:00:36:c1:67:1a:
27:c3:35:37:41:c3:1b:74:46:0d:b4:a2:31:89:f0:
af:8a:6f:a6:9f:51:af:55:ff:71:dd:b1:7c:d8:f2:
23:0e:69:00:fe:6d:c4:02:c5:6a:fe:4a:b8:50:8c:
ec:ca:84:02:29:86:e7:d3:58:79:9c:07:de:9a:a5:
6c:24:b3:ae:b2:7c:8a:03:c9:b8:58:ad:c2:1c:25:
eb:dd:b4:41:74:4b:37:ca:cb:32:6b:ad:f3:d6:2b:
44:1b:c3:b5:9c:0d:a2:bf:c9:2e:31:a5:61:f5:f4:
2b:21:0d:d2:67:cd:1a:c6:34:30:73:d6:46:5b:d8:
4e:5d:ef:d9:7a:36:8f:19:d4:6d:a9:a3:a9:d2:cc:
9f:26:16:99:6a:72:ea:78:1c:26:bf:03:c9:50:4f:
ce:6d:1b:e0:37:bf:52:8f:f7:4b:10:6a:23:ae:8d:
24:44:81:ad:ea:d7:02:e1:3a:4e:9f:2d:ab:b4:ea:
57:05:ba:36:e1:f6:53:7d:a8:08:e2:9b:4f:f6:45:
9d:86:65:b8:d7:d5:df:c7:b3:62:e9:60:a3:28:4f:
58:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AF:8F:14:6F:35:6B:10:B3:D8:9E:91:25:C9:E7:65:FD:4A:90:E1
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QK-PFG81axCz2J6RJcnnZf1KkOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
4b:d0:06:3e:88:b7:8b:bf:bf:aa:64:4a:fc:83:75:35:ff:be:
2b:07:3d:71:6b:45:cc:57:e0:d0:05:3e:2c:33:00:5c:56:31:
dd:b3:70:c1:7b:0c:76:5d:49:a9:56:a5:e5:f7:e2:6b:88:82:
53:80:5e:46:69:6f:a2:c1:73:a9:62:4c:22:c7:02:1a:73:dd:
96:9b:1b:ca:16:27:f8:9e:43:a3:63:d7:11:7f:d0:13:a5:23:
7a:c1:66:46:e7:89:d3:fb:cb:a2:4a:53:bb:a5:72:db:8d:0f:
81:2c:21:77:1b:d2:f2:16:87:13:4c:96:6c:d8:00:6a:ff:23:
d5:79:07:0b:b0:c0:fb:7c:98:8d:1b:0d:14:7f:6f:ef:09:6c:
2e:fb:ec:56:2b:bf:e7:ee:87:18:ca:14:38:8c:fc:14:24:21:
38:c9:11:19:1e:f5:25:56:26:22:cd:56:ed:fc:19:f7:fa:aa:
6e:7a:81:9b:dd:48:8d:98:d6:9d:46:14:6f:23:d1:86:28:a4:
ff:6e:49:2a:8e:c8:6f:6f:45:eb:8d:73:c7:71:7b:82:5c:f6:
54:d7:e7:0f:2c:80:de:f9:3c:e6:d5:a4:e7:f5:95:31:c7:7a:
7b:1e:dc:92:6e:79:a7:8d:d7:fd:62:ef:8f:24:10:1d:13:5d:
14:3f:d4:97
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc+g9mLNy6j3p6PeABC+kQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA1MDUxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFmOGYxNDZmMzU2YjEwYjNkODllOTEyNWM5ZTc2NWZkNGE5MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUaPDS35IyskNrSLyh0GyxzT+Z0H
LOfmmXRUYRTfL7ZKtwzuqi3NADbBZxonwzU3QcMbdEYNtKIxifCvim+mn1GvVf9x
3bF82PIjDmkA/m3EAsVq/kq4UIzsyoQCKYbn01h5nAfemqVsJLOusnyKA8m4WK3C
HCXr3bRBdEs3yssya63z1itEG8O1nA2iv8kuMaVh9fQrIQ3SZ80axjQwc9ZGW9hO
Xe/ZejaPGdRtqaOp0syfJhaZanLqeBwmvwPJUE/ObRvgN79Sj/dLEGojro0kRIGt
6tcC4TpOny2rtOpXBbo24fZTfagI4ptP9kWdhmW419Xfx7Ni6WCjKE9YzQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFECvjxRvNWsQs9iekSXJ52X9SpDhMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUUstUEZHODFheEN6Mko2Ukpjbm5aZjFLa09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAS9AGPoi3i7+/
qmRK/IN1Nf++Kwc9cWtFzFfg0AU+LDMAXFYx3bNwwXsMdl1JqVal5ffia4iCU4Be
RmlvosFzqWJMIscCGnPdlpsbyhYn+J5Do2PXEX/QE6UjesFmRueJ0/vLokpTu6Vy
240PgSwhdxvS8haHE0yWbNgAav8j1XkHC7DA+3yYjRsNFH9v7wlsLvvsViu/5+6H
GMoUOIz8FCQhOMkRGR71JVYmIs1W7fwZ9/qqbnqBm91IjZjWnUYUbyPRhiik/25J
Ko7Ib29F641zx3F7glz2VNfnDyyA3vk85tWk5/WVMcd6ex7ckm55p43X/WLvjyQQ
HRNdFD/Ulw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:16 2025 by rpki-client