Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QKefMQTiZ-OSaM_v1tinq5uY75U.roa
File: QKefMQTiZ-OSaM_v1tinq5uY75U.roa (raw, json)
Hash identifier: z4UIDVjeUVIV9qs+bQC3EWDfhXJt8ptOIYq8OuWFZLc=
Subject key identifier: 40:A7:9F:31:04:E2:67:E3:92:68:CF:EF:D6:D8:A7:AB:9B:98:EF:95
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196C83F3FBB43C809F6F832D92B6BDEE2C0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QKefMQTiZ-OSaM_v1tinq5uY75U.roa
Signing time: Tue 13 May 2025 06:05:10 +0000
ROA not before: Tue 13 May 2025 06:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:c83e:8d91/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 13 May 2025 06:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:3f:3f:bb:43:c8:09:f6:f8:32:d9:2b:6b:de:e2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 13 06:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40a79f3104e267e39268cfefd6d8a7ab9b98ef95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fa:5f:d7:51:a3:54:80:17:d3:8a:12:f5:5c:
a1:e6:6e:52:92:d8:ec:45:1e:75:b0:30:d2:6d:01:
c6:98:b2:b3:bf:9e:bc:0f:70:14:7d:10:13:4e:20:
35:d6:eb:83:cb:4b:79:ce:76:f2:fa:b2:12:e4:26:
a3:78:f2:dc:4f:ae:c7:56:1c:e7:0b:5c:69:36:e6:
8c:27:4c:68:38:6d:5e:df:b9:7b:7e:d6:61:65:d9:
47:a2:92:b9:ca:0b:e8:f4:20:68:c5:75:b1:f7:69:
b0:b9:83:2c:1f:89:18:74:0e:65:06:49:9b:00:f2:
b5:ff:74:6f:ce:19:4c:f3:5d:d0:69:cb:25:66:b4:
e2:62:81:a3:0b:ef:a9:b6:2f:f9:a1:1e:71:07:6a:
5a:80:17:27:5b:5d:7b:ee:1f:aa:2e:f9:9c:9a:90:
20:0c:c0:09:a5:06:59:b2:d2:73:d4:d9:1a:1b:e6:
9b:8f:7b:86:5b:5d:0e:6c:4b:94:21:36:e1:d6:0c:
40:ee:37:ac:8d:ae:1e:2a:b7:0c:6a:00:a0:cf:98:
91:d2:b9:0a:07:cf:d4:59:60:1a:d9:c3:fd:68:ad:
b9:2d:c5:73:f0:a4:8e:80:f9:c0:1c:6c:ac:e9:70:
b0:5c:b9:d8:ce:fd:6c:e0:00:6c:a9:15:64:89:b3:
aa:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A7:9F:31:04:E2:67:E3:92:68:CF:EF:D6:D8:A7:AB:9B:98:EF:95
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QKefMQTiZ-OSaM_v1tinq5uY75U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:c83e:8d91/128
Signature Algorithm: sha256WithRSAEncryption
ba:27:bb:d2:e0:cf:7f:17:21:1c:fb:76:67:6c:16:db:3c:1b:
80:11:8d:c4:06:dd:bb:1b:10:db:9a:ac:99:81:7d:74:6c:b2:
26:f0:b4:c7:1f:1d:13:b4:88:cb:36:41:be:85:fc:d9:7a:40:
bb:25:e3:10:2b:b4:d7:aa:4b:bf:0c:a3:4e:37:8c:37:cb:64:
e4:fc:d9:dd:da:20:4c:50:c0:9d:fb:be:b7:5f:1b:ee:10:b2:
ae:cd:30:f9:3f:b7:1e:03:f4:58:ec:5e:f8:57:d9:2c:65:65:
57:19:1c:da:ac:f2:71:9b:fd:de:c7:21:77:c5:33:25:9e:60:
46:4e:7b:45:65:1e:ac:5d:23:ab:ad:29:42:25:1a:66:f9:6f:
99:06:13:95:cc:ef:85:fa:c0:e4:36:89:aa:09:f2:d4:3b:67:
d7:dc:fe:d9:eb:6a:0b:24:b1:4e:54:04:64:83:13:63:a8:a2:
36:c3:88:38:bf:5b:da:d0:37:97:d5:15:6b:61:96:e1:e0:16:
99:74:e8:33:94:19:0f:87:7a:9f:e8:d3:75:13:ab:aa:fb:43:
71:ab:71:fd:34:a8:36:75:ae:a1:78:55:a6:72:cd:cc:ff:53:
1e:9b:d7:c1:b2:e8:fc:e4:ca:be:c3:ea:e8:c6:15:27:fa:24:
01:3f:d8:b7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbIPz+7Q8gJ9vgy2Str3uLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTEzMDYwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE3OWYzMTA0ZTI2N2UzOTI2OGNmZWZkNmQ4YTdhYjliOThlZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ppf11GjVIAX04oS9Vyh5m5Sktjs
RR51sDDSbQHGmLKzv568D3AUfRATTiA11uuDy0t5znby+rIS5CajePLcT67HVhzn
C1xpNuaMJ0xoOG1e37l7ftZhZdlHopK5ygvo9CBoxXWx92mwuYMsH4kYdA5lBkmb
APK1/3RvzhlM813QacslZrTiYoGjC++pti/5oR5xB2pagBcnW1177h+qLvmcmpAg
DMAJpQZZstJz1NkaG+abj3uGW10ObEuUITbh1gxA7jesja4eKrcMagCgz5iR0rkK
B8/UWWAa2cP9aK25LcVz8KSOgPnAHGys6XCwXLnYzv1s4ABsqRVkibOqVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFECnnzEE4mfjkmjP79bYp6ubmO+VMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUUtlZk1RVGlaLU9TYU1fdjF0aW5xNXVZNzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWyD6NkTANBgkqhkiG9w0BAQsFAAOCAQEAuie70uDPfxchHPt2Z2wW2zwb
gBGNxAbduxsQ25qsmYF9dGyyJvC0xx8dE7SIyzZBvoX82XpAuyXjECu016pLvwyj
TjeMN8tk5PzZ3dogTFDAnfu+t18b7hCyrs0w+T+3HgP0WOxe+FfZLGVlVxkc2qzy
cZv93schd8UzJZ5gRk57RWUerF0jq60pQiUaZvlvmQYTlczvhfrA5DaJqgny1Dtn
19z+2etqCySxTlQEZIMTY6iiNsOIOL9b2tA3l9UVa2GW4eAWmXToM5QZD4d6n+jT
dROrqvtDcatx/TSoNnWuoXhVpnLNzP9THpvXwbLo/OTKvsPq6MYVJ/okAT/Ytw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:56:26 2025 by rpki-client