Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_quUW5D9Dooxs-RcV9HwfYl2a9U.roa
File: _quUW5D9Dooxs-RcV9HwfYl2a9U.roa (raw, json)
Hash identifier: 2PquFUPx1wYgLDeeo4NxAlC/+TOARp797BAn3Jz9a1I=
Subject key identifier: FE:AB:94:5B:90:FD:0E:8A:31:B3:E4:5C:57:D1:F0:7D:89:76:6B:D5
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F472EE817DFE6F133FB6A77F3D5F51FB
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_quUW5D9Dooxs-RcV9HwfYl2a9U.roa
Signing time: Wed 21 May 2025 20:04:54 +0000
ROA not before: Wed 21 May 2025 20:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:196:f472:77b8/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 20:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f4:72:ee:81:7d:fe:6f:13:3f:b6:a7:7f:3d:5f:51:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 20:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=feab945b90fd0e8a31b3e45c57d1f07d89766bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ef:f7:af:e8:7f:89:60:ca:26:dc:ac:17:fd:
c1:94:c8:69:17:cb:e0:27:db:29:a9:01:fd:5a:c7:
a6:a0:43:0e:5d:66:51:8a:33:28:6b:45:fb:8c:8d:
b4:cb:b3:cd:0b:13:24:27:58:76:b3:69:2a:84:d8:
73:27:1b:07:56:34:b9:09:fb:e6:7c:44:5b:77:ad:
0f:cf:11:63:40:3c:7d:e1:40:1d:c1:43:d4:08:2b:
84:8d:74:57:de:55:0f:ce:c8:9a:72:79:4e:df:62:
77:98:85:f4:bd:b7:d6:56:bf:38:39:e4:35:c8:8e:
2f:e2:67:37:0b:97:4f:f6:58:08:e1:53:57:a0:c1:
f1:c3:77:cf:e5:8f:e7:ec:e7:b1:14:71:43:fd:ce:
f6:08:ba:ad:d8:9d:95:02:d6:03:8b:41:40:e2:be:
b3:2a:d7:43:52:86:c1:2d:cf:f9:07:3d:1b:d8:ff:
3c:62:20:c2:cb:d7:2c:1f:28:a7:eb:27:e7:90:45:
91:ad:7f:fe:1f:3b:ed:2c:80:10:c8:7f:0d:28:08:
8d:de:8b:01:c0:84:2b:8f:81:bc:26:4c:10:02:1f:
b5:63:d8:f5:94:01:8c:20:9f:11:92:64:00:dd:e9:
98:28:6d:88:4d:c7:97:75:8b:bd:9f:1c:df:56:03:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:AB:94:5B:90:FD:0E:8A:31:B3:E4:5C:57:D1:F0:7D:89:76:6B:D5
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_quUW5D9Dooxs-RcV9HwfYl2a9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:196:f472:77b8/128
Signature Algorithm: sha256WithRSAEncryption
78:62:ca:ec:f0:73:13:46:85:32:73:89:f7:56:22:8f:ee:19:
2a:67:81:aa:11:20:12:af:ad:04:65:ad:6a:1a:f8:27:af:75:
59:c5:cf:30:63:21:0e:a2:1e:b9:85:ff:55:47:6a:43:ab:45:
27:8d:b8:b8:fd:a5:13:db:bc:4d:96:e7:bf:de:c2:a0:89:7f:
80:c7:cb:aa:cd:8f:06:3d:b4:bd:78:a9:2f:39:17:72:75:3c:
4e:76:c0:43:8d:74:bc:98:27:2f:60:4a:c0:78:e0:c5:b9:7a:
e3:e7:ae:93:c9:88:94:e0:6a:5c:82:29:59:8c:0b:93:15:d0:
26:73:51:b4:82:ec:24:9e:93:df:80:ae:cc:28:6f:74:47:a8:
95:36:74:78:7e:ef:e5:8b:85:dc:f5:42:c0:95:e7:9a:c7:82:
69:df:55:e4:35:8a:96:3f:e6:b6:d4:4b:92:d5:37:42:a6:91:
bc:7c:21:96:4f:66:20:99:09:69:9b:c0:b9:b9:3a:ea:a5:52:
a2:56:c8:7d:06:2e:cd:1d:93:f2:25:90:b5:24:c5:c0:cd:3c:
1e:2e:c3:8d:14:88:44:09:fe:72:9c:81:d2:8a:dc:3e:c0:b7:
62:56:51:58:04:05:83:a0:ab:28:e7:d7:ec:1f:eb:31:7b:10:
97:3a:00:99
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZb0cu6Bff5vEz+2p389X1H7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMjAwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWFiOTQ1YjkwZmQwZThhMzFiM2U0NWM1N2QxZjA3ZDg5NzY2YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4e/3r+h/iWDKJtysF/3BlMhpF8vg
J9spqQH9WsemoEMOXWZRijMoa0X7jI20y7PNCxMkJ1h2s2kqhNhzJxsHVjS5Cfvm
fERbd60PzxFjQDx94UAdwUPUCCuEjXRX3lUPzsiacnlO32J3mIX0vbfWVr84OeQ1
yI4v4mc3C5dP9lgI4VNXoMHxw3fP5Y/n7OexFHFD/c72CLqt2J2VAtYDi0FA4r6z
KtdDUobBLc/5Bz0b2P88YiDCy9csHyin6yfnkEWRrX/+HzvtLIAQyH8NKAiN3osB
wIQrj4G8JkwQAh+1Y9j1lAGMIJ8RkmQA3emYKG2ITceXdYu9nxzfVgMbCQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP6rlFuQ/Q6KMbPkXFfR8H2JdmvVMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvX3F1VVc1RDlEb294cy1SY1Y5SHdmWWwyYTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlvRyd7gwDQYJKoZIhvcNAQELBQADggEB
AHhiyuzwcxNGhTJzifdWIo/uGSpngaoRIBKvrQRlrWoa+CevdVnFzzBjIQ6iHrmF
/1VHakOrRSeNuLj9pRPbvE2W57/ewqCJf4DHy6rNjwY9tL14qS85F3J1PE52wEON
dLyYJy9gSsB44MW5euPnrpPJiJTgalyCKVmMC5MV0CZzUbSC7CSek9+Arswob3RH
qJU2dHh+7+WLhdz1QsCV55rHgmnfVeQ1ipY/5rbUS5LVN0Kmkbx8IZZPZiCZCWmb
wLm5OuqlUqJWyH0GLs0dk/IlkLUkxcDNPB4uw40UiEQJ/nKcgdKK3D7At2JWUVgE
BYOgqyjn1+wf6zF7EJc6AJk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:43:46 2025 by rpki-client