Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XQRhqJSmP11uTiNuQyoo5hcmux4.roa
File: XQRhqJSmP11uTiNuQyoo5hcmux4.roa (raw, json)
Hash identifier: 9jN54rjYJtImVEKTuRZiglv0Tni9bpVemGIEwMvpTo8=
Subject key identifier: 5D:04:61:A8:94:A6:3F:5D:6E:4E:23:6E:43:2A:28:E6:17:26:BB:1E
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970830A50C5FA020CF3DDAED813F1FE2FE
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XQRhqJSmP11uTiNuQyoo5hcmux4.roa
Signing time: Sun 25 May 2025 16:04:55 +0000
ROA not before: Sun 25 May 2025 16:04:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:82f:f537/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 16:14:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:08:30:a5:0c:5f:a0:20:cf:3d:da:ed:81:3f:1f:e2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 16:04:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d0461a894a63f5d6e4e236e432a28e61726bb1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c5:12:bb:8e:6e:e7:59:17:16:18:88:e4:29:
51:42:99:c1:a1:43:75:47:70:88:8f:49:d9:4b:43:
e3:0e:f6:fb:c6:08:85:b1:50:aa:a7:51:90:62:0d:
16:2c:1b:48:56:43:20:00:56:a3:4f:6f:e7:6a:18:
eb:c1:5d:fa:08:2e:f7:7b:1b:ba:0c:b9:0d:fd:29:
57:67:af:b4:a6:c6:86:87:9e:93:7f:d5:aa:3f:0e:
03:33:a6:9d:06:13:be:7e:79:7a:78:14:fa:77:0e:
be:4e:6d:78:e2:f9:5e:a0:2e:7f:1b:26:99:00:f9:
73:af:06:b0:40:3d:91:36:52:68:07:54:11:2a:45:
90:f9:cf:c0:4e:0d:bd:39:48:c8:26:8b:6e:3c:b8:
fc:5f:d9:0e:86:48:71:00:8d:51:d1:6f:70:b9:d2:
06:b3:a1:f6:71:80:d6:53:a6:7f:e3:f0:46:07:7f:
c2:90:9b:21:54:ad:c3:16:e7:63:7c:91:ac:8b:4a:
75:fd:8e:6a:f7:07:16:fe:a2:55:be:fc:fb:02:a2:
6e:2b:7f:75:51:b8:87:9f:00:c1:e9:61:0f:e0:2c:
17:57:9c:fe:d1:d2:8d:4a:0a:88:30:bd:12:c2:1f:
cf:88:2d:4e:b3:90:0c:e9:ce:08:73:b8:e5:8e:85:
af:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:04:61:A8:94:A6:3F:5D:6E:4E:23:6E:43:2A:28:E6:17:26:BB:1E
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XQRhqJSmP11uTiNuQyoo5hcmux4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:82f:f537/128
Signature Algorithm: sha256WithRSAEncryption
55:a4:9b:19:8a:75:a9:49:89:ca:2e:3c:6b:df:e1:b4:04:2a:
79:49:ca:1a:24:38:02:ce:4e:11:a1:10:8b:b0:76:6a:f2:e8:
55:ab:b8:62:d6:3c:95:1e:61:ef:3c:f1:30:e2:c6:54:90:00:
38:09:85:18:11:c4:48:97:44:4b:94:c7:81:12:cb:1f:ae:38:
79:e1:3b:e2:d3:8b:dd:90:bb:d3:13:c9:d1:c9:3c:0d:33:92:
b3:8d:de:a3:a8:8d:11:90:2c:86:ce:b9:74:e5:ed:c4:41:d1:
04:7d:e5:e4:44:e7:72:00:ad:18:2b:83:68:29:78:cc:ad:17:
15:1c:3e:b2:42:93:12:12:f2:8f:8c:f4:6e:0f:b3:0f:18:48:
d0:f2:e2:1d:74:19:f8:48:0e:94:b1:e8:25:f4:e4:e7:85:b1:
8a:23:c6:37:fc:c4:59:a6:8d:b6:d0:7d:cb:fe:ef:05:14:83:
30:06:13:fc:37:42:7e:cd:0f:52:b7:93:ce:f2:83:e2:05:7d:
be:75:80:2f:59:14:2e:5c:b7:5e:73:c7:e0:3e:41:19:38:b4:
34:b9:db:15:99:0e:9f:96:32:7b:19:8e:64:56:1a:d3:ad:4b:
ef:2b:3c:05:01:63:0e:e2:72:bf:ae:5b:45:10:3a:2d:1c:4a:
e8:d9:99:68
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcIMKUMX6Agzz3a7YE/H+L+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MTYwNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA0NjFhODk0YTYzZjVkNmU0ZTIzNmU0MzJhMjhlNjE3MjZiYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08USu45u51kXFhiI5ClRQpnBoUN1
R3CIj0nZS0PjDvb7xgiFsVCqp1GQYg0WLBtIVkMgAFajT2/nahjrwV36CC73exu6
DLkN/SlXZ6+0psaGh56Tf9WqPw4DM6adBhO+fnl6eBT6dw6+Tm144vleoC5/GyaZ
APlzrwawQD2RNlJoB1QRKkWQ+c/ATg29OUjIJotuPLj8X9kOhkhxAI1R0W9wudIG
s6H2cYDWU6Z/4/BGB3/CkJshVK3DFudjfJGsi0p1/Y5q9wcW/qJVvvz7AqJuK391
UbiHnwDB6WEP4CwXV5z+0dKNSgqIML0Swh/PiC1Os5AM6c4Ic7jljoWvlwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF0EYaiUpj9dbk4jbkMqKOYXJrseMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWFFSaHFKU21QMTF1VGlOdVF5b281aGNtdXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlwgv9TcwDQYJKoZIhvcNAQELBQADggEB
AFWkmxmKdalJicouPGvf4bQEKnlJyhokOALOThGhEIuwdmry6FWruGLWPJUeYe88
8TDixlSQADgJhRgRxEiXREuUx4ESyx+uOHnhO+LTi92Qu9MTydHJPA0zkrON3qOo
jRGQLIbOuXTl7cRB0QR95eRE53IArRgrg2gpeMytFxUcPrJCkxIS8o+M9G4Psw8Y
SNDy4h10GfhIDpSx6CX05OeFsYojxjf8xFmmjbbQfcv+7wUUgzAGE/w3Qn7ND1K3
k87yg+IFfb51gC9ZFC5ct15zx+A+QRk4tDS52xWZDp+WMnsZjmRWGtOtS+8rPAUB
Yw7icr+uW0UQOi0cSujZmWg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:49:42 2025 by rpki-client