Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QwaNoT-8RxTGblfl3g3DBiaCstA.roa
File: QwaNoT-8RxTGblfl3g3DBiaCstA.roa (raw, json)
Hash identifier: Y1OxALOGGToPhZRM0gX2DrXXLXlOJbzIpq0QYBDN96I=
Subject key identifier: 43:06:8D:A1:3F:BC:47:14:C6:6E:57:E5:DE:0D:C3:06:26:82:B2:D0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019737382C64C4A4FD35C74D7D4AF7FD18CA
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QwaNoT-8RxTGblfl3g3DBiaCstA.roa
Signing time: Tue 03 Jun 2025 19:15:17 +0000
ROA not before: Tue 03 Jun 2025 19:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:37:38:2c:64:c4:a4:fd:35:c7:4d:7d:4a:f7:fd:18:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 19:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43068da13fbc4714c66e57e5de0dc3062682b2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:24:9c:9e:ba:bd:c2:50:8f:68:5b:99:c1:35:
5b:8b:80:71:80:7d:14:00:ff:e5:af:6d:2d:63:da:
ac:40:94:d5:8e:09:5a:da:d9:5f:29:92:34:6d:1d:
2d:61:35:bc:85:5b:c0:6c:35:47:28:f6:4a:ec:0d:
90:63:d2:ef:59:79:b7:4b:7c:32:33:96:80:9a:95:
01:32:80:bb:45:80:00:b2:6a:50:6b:27:a2:cc:c4:
15:64:80:07:62:99:f8:f7:f3:04:3e:34:1c:7d:d4:
c5:04:96:46:58:63:27:65:94:59:0d:ab:39:58:ea:
91:8c:26:ac:84:af:95:93:56:68:75:dc:4d:6b:23:
73:d4:b6:33:9b:80:89:74:b3:83:b5:d1:53:76:e6:
0e:e2:7e:69:d2:96:fe:04:87:ac:c2:53:b0:0c:7e:
39:58:4b:0a:de:b4:49:7d:09:62:81:29:fd:80:a8:
21:0c:bb:db:95:76:d1:c3:8d:98:67:25:39:0f:29:
ba:a2:f3:f8:24:96:1a:9a:83:a8:27:32:a0:d2:de:
5b:e9:f6:fe:e0:d3:2d:89:f3:8b:87:53:c6:84:89:
31:c1:d2:c2:68:72:79:fa:59:98:8c:31:4b:c2:98:
ec:fb:41:83:76:2b:f6:94:6b:64:ec:df:a4:7d:91:
dd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:06:8D:A1:3F:BC:47:14:C6:6E:57:E5:DE:0D:C3:06:26:82:B2:D0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QwaNoT-8RxTGblfl3g3DBiaCstA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
6b:32:bf:27:eb:c2:50:2f:70:8b:ec:43:f6:e8:86:f7:bd:cc:
5e:a3:42:8f:42:14:53:c3:e0:12:d7:4e:32:00:89:ac:0b:ef:
42:16:04:16:06:27:91:9c:a2:86:82:42:ec:84:53:83:1d:2f:
ef:38:e2:15:9f:1f:fe:8b:96:c7:ad:4a:b7:17:d8:0b:75:a4:
32:35:67:81:ee:14:97:9d:cd:e5:7a:7e:2c:94:2e:02:3a:7f:
1e:c6:bf:1d:d7:18:cd:0c:8a:c0:6a:0b:b3:25:f7:b6:84:50:
f3:61:e4:95:4c:86:5d:a6:28:1a:f3:78:d2:52:96:f0:7b:29:
70:22:21:dd:ce:1f:dc:11:8d:f9:80:31:a0:bc:ca:17:e0:ac:
51:d4:4e:b0:46:bb:7a:fa:be:22:e6:e0:55:0c:0f:36:62:9c:
e2:d6:8a:76:fa:d2:69:9d:8a:ca:44:32:51:18:ae:e3:08:19:
3e:aa:35:a9:fe:ee:c3:4f:f5:b2:59:45:df:cf:21:99:c7:9a:
69:b5:80:f1:66:a7:76:1b:72:62:b5:2f:8e:6d:82:ef:7c:a5:
c0:c6:86:01:45:e5:10:e3:db:e8:f4:a5:66:1b:94:9b:9d:b2:
d3:1e:07:4e:df:fd:6f:04:33:ed:5f:53:cb:db:55:b0:3c:09:
ab:3a:44:2b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc3OCxkxKT9NcdNfUr3/RjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMTkxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA2OGRhMTNmYmM0NzE0YzY2ZTU3ZTVkZTBkYzMwNjI2ODJiMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iScnrq9wlCPaFuZwTVbi4BxgH0U
AP/lr20tY9qsQJTVjgla2tlfKZI0bR0tYTW8hVvAbDVHKPZK7A2QY9LvWXm3S3wy
M5aAmpUBMoC7RYAAsmpQayeizMQVZIAHYpn49/MEPjQcfdTFBJZGWGMnZZRZDas5
WOqRjCashK+Vk1ZoddxNayNz1LYzm4CJdLODtdFTduYO4n5p0pb+BIeswlOwDH45
WEsK3rRJfQligSn9gKghDLvblXbRw42YZyU5Dym6ovP4JJYamoOoJzKg0t5b6fb+
4NMtifOLh1PGhIkxwdLCaHJ5+lmYjDFLwpjs+0GDdiv2lGtk7N+kfZHdZQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEMGjaE/vEcUxm5X5d4NwwYmgrLQMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUXdhTm9ULThSeFRHYmxmbDNnM0RCaWFDc3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAazK/J+vCUC9w
i+xD9uiG973MXqNCj0IUU8PgEtdOMgCJrAvvQhYEFgYnkZyihoJC7IRTgx0v7zji
FZ8f/ouWx61KtxfYC3WkMjVnge4Ul53N5Xp+LJQuAjp/Hsa/HdcYzQyKwGoLsyX3
toRQ82HklUyGXaYoGvN40lKW8HspcCIh3c4f3BGN+YAxoLzKF+CsUdROsEa7evq+
IubgVQwPNmKc4taKdvrSaZ2KykQyURiu4wgZPqo1qf7uw0/1sllF388hmceaabWA
8WandhtyYrUvjm2C73ylwMaGAUXlEOPb6PSlZhuUm52y0x4HTt/9bwQz7V9Ty9tV
sDwJqzpEKw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:40:43 2025 by rpki-client