Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QqJVgOLLu-nlvYh176RfZifQmvA.roa
File: QqJVgOLLu-nlvYh176RfZifQmvA.roa (raw, json)
Hash identifier: J3n1apspLhUCSvhrpybrN3BOlIuZAEhZoAG1XEZlDQ0=
Subject key identifier: 42:A2:55:80:E2:CB:BB:E9:E5:BD:88:75:EF:A4:5F:66:27:D0:9A:F0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972B6A955D3F54407552BAF71528D674C4
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QqJVgOLLu-nlvYh176RfZifQmvA.roa
Signing time: Sun 01 Jun 2025 12:14:54 +0000
ROA not before: Sun 01 Jun 2025 12:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 13:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2b:6a:95:5d:3f:54:40:75:52:ba:f7:15:28:d6:74:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 12:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42a25580e2cbbbe9e5bd8875efa45f6627d09af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:44:d2:5b:d9:b7:45:0b:96:5f:d5:a1:11:
32:4d:34:1a:76:8d:bd:db:88:d3:22:2a:e7:04:eb:
b7:88:b8:c9:5b:50:a7:bb:57:ce:76:da:74:9a:2f:
c2:f9:b3:5a:6e:81:c8:a1:1b:2c:da:74:66:e7:06:
8f:8b:13:5b:5e:7e:7b:d6:c0:d3:bc:53:af:40:ac:
ca:ec:c6:8e:16:e7:0e:74:c7:72:a2:d4:ed:5a:78:
62:9c:ad:cd:25:09:8f:60:ae:34:94:8f:69:eb:5d:
8b:9b:4b:bc:8a:f9:72:e3:b8:2f:9b:6c:63:47:24:
42:52:75:23:62:99:41:9b:9e:b6:ec:fe:ab:3a:a3:
f3:e3:31:05:6c:8b:f8:11:f5:11:1f:8c:02:57:ec:
aa:50:c9:19:5c:60:e3:48:f6:76:bf:70:af:a3:29:
82:0c:dc:95:01:1b:a0:c6:dc:35:32:ca:b8:a2:f7:
97:60:d8:11:bc:02:66:38:d7:08:e6:3c:65:30:93:
69:c7:a2:48:d9:77:a8:7e:fb:da:9b:f2:80:08:d7:
c7:1b:dc:9f:49:11:48:20:ca:67:45:fe:ba:71:bd:
c7:6b:18:3b:c2:64:7e:3e:a6:48:d8:b7:2c:ac:a4:
46:3c:55:55:c6:f3:2c:00:9e:a5:6e:3d:bb:e0:d3:
d5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A2:55:80:E2:CB:BB:E9:E5:BD:88:75:EF:A4:5F:66:27:D0:9A:F0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QqJVgOLLu-nlvYh176RfZifQmvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
93:2e:88:30:3b:db:74:fb:0a:2f:63:64:e6:10:46:dc:16:1d:
2f:8a:ab:9a:8e:1f:30:6c:eb:da:86:bd:25:ca:b3:aa:da:21:
1f:bf:5c:0f:78:86:f8:3b:e8:f6:44:35:a7:9c:f2:01:ee:e1:
ae:f3:fc:30:7c:51:04:7a:d7:19:3b:76:e1:41:b4:82:fe:a9:
61:1b:85:1c:be:8c:7d:c5:8a:43:49:f2:2a:7a:09:9f:aa:ea:
ba:e1:74:67:3c:77:46:2d:6e:67:ec:e7:a4:ee:2c:5e:8e:f3:
62:dd:6a:44:af:79:ca:7a:12:fc:f0:b0:a7:05:16:77:70:92:
1f:8c:5c:b0:da:f4:81:49:31:98:26:dc:55:0b:92:f9:a2:58:
f8:ba:fd:d7:f2:7a:01:d3:9f:8e:d6:2c:5c:4a:33:24:5d:27:
ca:89:8b:b3:9d:31:8b:ee:3c:12:3b:e2:50:1c:25:20:9e:3b:
3a:e7:a9:f6:59:63:88:7f:47:a1:a3:3e:57:00:1e:30:ad:ec:
f6:9e:eb:e0:1e:28:b2:33:a3:14:bf:57:e6:c9:89:08:e1:22:
a2:5c:89:e3:bc:f8:af:5d:f6:00:c3:dc:24:70:e8:0b:c2:91:
cf:e4:99:53:6e:62:29:e0:72:0d:54:ab:7b:1a:f8:11:e0:f4:
56:9d:c8:a4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcrapVdP1RAdVK69xUo1nTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMTIxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmEyNTU4MGUyY2JiYmU5ZTViZDg4NzVlZmE0NWY2NjI3ZDA5YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL1E0lvZt0ULll/VoREyTTQado29
24jTIirnBOu3iLjJW1Cnu1fOdtp0mi/C+bNaboHIoRss2nRm5waPixNbXn571sDT
vFOvQKzK7MaOFucOdMdyotTtWnhinK3NJQmPYK40lI9p612Lm0u8ivly47gvm2xj
RyRCUnUjYplBm5627P6rOqPz4zEFbIv4EfURH4wCV+yqUMkZXGDjSPZ2v3CvoymC
DNyVARugxtw1Msq4oveXYNgRvAJmONcI5jxlMJNpx6JI2Xeofvvam/KACNfHG9yf
SRFIIMpnRf66cb3Haxg7wmR+PqZI2LcsrKRGPFVVxvMsAJ6lbj274NPVAQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEKiVYDiy7vp5b2Ide+kX2Yn0JrwMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUXFKVmdPTEx1LW5sdlloMTc2UmZaaWZRbXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCTLogwO9t0+wovY2TmEEbcFh0viquajh8wbOva
hr0lyrOq2iEfv1wPeIb4O+j2RDWnnPIB7uGu8/wwfFEEetcZO3bhQbSC/qlhG4Uc
vox9xYpDSfIqegmfquq64XRnPHdGLW5n7Oek7ixejvNi3WpEr3nKehL88LCnBRZ3
cJIfjFyw2vSBSTGYJtxVC5L5olj4uv3X8noB05+O1ixcSjMkXSfKiYuznTGL7jwS
O+JQHCUgnjs656n2WWOIf0ehoz5XAB4wrez2nuvgHiiyM6MUv1fmyYkI4SKiXInj
vPivXfYAw9wkcOgLwpHP5JlTbmIp4HINVKt7GvgR4PRWncik
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:39:01 2025 by rpki-client