Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QzeN4urjdxlZQ2254oVCBg8teeA.roa
File: QzeN4urjdxlZQ2254oVCBg8teeA.roa (raw, json)
Hash identifier: JVM92r8Ih50CKcnGANL9mqtVVzjC+2vqYNt3utJqidQ=
Subject key identifier: 43:37:8D:E2:EA:E3:77:19:59:43:6D:B9:E2:85:42:06:0F:2D:79:E0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F366AA9665045D4A44769EA9702C31BB
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QzeN4urjdxlZQ2254oVCBg8teeA.roa
Signing time: Wed 21 May 2025 15:11:53 +0000
ROA not before: Wed 21 May 2025 15:11:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 16:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:66:aa:96:65:04:5d:4a:44:76:9e:a9:70:2c:31:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 15:11:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43378de2eae3771959436db9e28542060f2d79e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0c:f3:0c:c1:2b:5d:8b:da:07:17:d1:e4:24:
cd:9c:3d:1c:4d:4f:0e:88:d8:67:cd:ad:c8:4c:65:
84:72:40:07:db:01:de:c5:54:55:17:59:5b:02:ae:
2b:c3:9e:74:3e:a2:73:1d:da:47:f2:bc:2b:fc:d4:
81:2b:5b:f2:24:de:2e:2d:84:91:d4:5d:7e:fc:45:
40:b7:88:4a:4b:76:85:cf:54:8c:26:2f:b5:79:e1:
1f:5f:3a:d2:c8:0a:e4:02:5e:f6:ae:ac:28:0b:74:
5f:76:fe:8b:2a:62:54:8f:4c:54:33:d0:a3:b7:b9:
70:9e:2e:ae:4f:21:6f:e0:b0:8e:b7:5d:04:8f:48:
d9:0e:44:c0:20:37:dd:40:20:5c:9f:47:96:f8:0c:
ed:5f:53:0d:7b:d4:aa:80:e4:72:86:03:0b:74:9f:
53:3c:b4:5c:42:03:a1:48:92:2a:6e:db:84:5d:fc:
e4:bd:01:ec:25:27:fc:8a:ab:12:b1:8e:1c:6c:84:
70:69:43:82:86:8c:f8:4f:48:84:16:95:ac:48:3c:
57:77:bc:41:bf:25:d1:61:da:0a:10:58:39:0f:e2:
4b:27:66:79:0e:17:c5:9b:27:80:7e:d8:c9:d5:b5:
45:40:96:28:8f:36:38:76:b8:e8:f4:4a:93:78:ea:
37:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:37:8D:E2:EA:E3:77:19:59:43:6D:B9:E2:85:42:06:0F:2D:79:E0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/QzeN4urjdxlZQ2254oVCBg8teeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
28:73:fe:b7:33:4d:c6:ae:6f:8a:fb:1b:e1:23:53:88:ad:20:
74:a1:d8:25:e2:18:66:90:d0:dc:11:bb:a6:68:75:1b:95:2a:
33:c4:9c:fb:46:fa:94:76:52:7b:e8:d9:bb:fe:e6:d1:c8:22:
91:6b:1b:60:77:07:76:bb:9b:6f:65:8c:3a:33:be:e9:1b:fc:
7f:cf:95:da:a2:68:eb:2c:61:96:35:99:c3:b3:9b:d0:68:6a:
a2:4c:19:dc:4c:46:c0:50:62:f6:fd:6d:66:36:25:61:82:9d:
3c:67:1a:24:21:b6:8a:c9:b0:4b:06:f1:96:2d:78:d1:ed:50:
6e:e9:6c:7f:53:e5:33:fe:91:22:c3:dd:8e:a3:5f:73:c1:02:
29:a1:88:65:2b:04:3b:c5:21:d4:a7:c8:db:be:0a:fb:9e:4f:
76:f0:fb:e2:ff:9a:f8:f5:1e:20:20:34:ab:18:f6:5a:cb:a0:
bb:aa:26:49:09:fe:fe:78:08:7c:b8:f7:7d:56:a3:b8:0f:f8:
41:c0:37:9f:02:84:24:65:b4:8b:10:b8:50:f0:bd:98:95:d8:
6d:dc:6b:d4:03:79:d2:2b:21:03:e7:6c:bb:11:2a:04:6f:01:
1f:19:e7:4b:be:98:c9:12:69:05:ea:95:08:a6:1b:dd:5c:12:
03:95:65:a2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbzZqqWZQRdSkR2nqlwLDG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMTUxMTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM3OGRlMmVhZTM3NzE5NTk0MzZkYjllMjg1NDIwNjBmMmQ3OWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gzzDMErXYvaBxfR5CTNnD0cTU8O
iNhnza3ITGWEckAH2wHexVRVF1lbAq4rw550PqJzHdpH8rwr/NSBK1vyJN4uLYSR
1F1+/EVAt4hKS3aFz1SMJi+1eeEfXzrSyArkAl72rqwoC3Rfdv6LKmJUj0xUM9Cj
t7lwni6uTyFv4LCOt10Ej0jZDkTAIDfdQCBcn0eW+AztX1MNe9SqgORyhgMLdJ9T
PLRcQgOhSJIqbtuEXfzkvQHsJSf8iqsSsY4cbIRwaUOChoz4T0iEFpWsSDxXd7xB
vyXRYdoKEFg5D+JLJ2Z5DhfFmyeAftjJ1bVFQJYojzY4drjo9EqTeOo3pQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEM3jeLq43cZWUNtueKFQgYPLXngMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUXplTjR1cmpkeGxaUTIyNTRvVkNCZzh0ZWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAKHP+tzNNxq5vivsb4SNTiK0g
dKHYJeIYZpDQ3BG7pmh1G5UqM8Sc+0b6lHZSe+jZu/7m0cgikWsbYHcHdrubb2WM
OjO+6Rv8f8+V2qJo6yxhljWZw7Ob0GhqokwZ3ExGwFBi9v1tZjYlYYKdPGcaJCG2
ismwSwbxli140e1Qbulsf1PlM/6RIsPdjqNfc8ECKaGIZSsEO8Uh1KfI274K+55P
dvD74v+a+PUeICA0qxj2Wsugu6omSQn+/ngIfLj3fVajuA/4QcA3nwKEJGW0ixC4
UPC9mJXYbdxr1AN50ishA+dsuxEqBG8BHxnnS76YyRJpBeqVCKYb3VwSA5Vlog==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:08:23 2025 by rpki-client