Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a_QcX9mLxN8qHr2N6mLMvRCYeWY.roa
File: a_QcX9mLxN8qHr2N6mLMvRCYeWY.roa (raw, json)
Hash identifier: Vj23mGFQSBw+y1X9g90uaTNZotYhaFDVv6lj951lFA0=
Subject key identifier: 6B:F4:1C:5F:D9:8B:C4:DF:2A:1E:BD:8D:EA:62:CC:BD:10:98:79:66
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197305919CAA461E0DF7FA5EDD5A783170C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a_QcX9mLxN8qHr2N6mLMvRCYeWY.roa
Signing time: Mon 02 Jun 2025 11:13:54 +0000
ROA not before: Mon 02 Jun 2025 11:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 12:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:59:19:ca:a4:61:e0:df:7f:a5:ed:d5:a7:83:17:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 11:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bf41c5fd98bc4df2a1ebd8dea62ccbd10987966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:df:e5:b0:c7:28:b0:b0:ff:02:18:75:3f:26:
7e:52:1c:50:cb:08:02:65:c0:79:17:01:d5:3d:0a:
af:5e:ea:95:2f:e8:dd:39:05:6b:41:6a:22:2a:ae:
b6:8f:58:a0:08:36:a7:4d:9c:63:f3:34:72:78:fb:
f6:fe:fe:e7:65:31:00:e9:48:a9:84:39:a8:f1:f3:
c8:51:ab:b0:b7:7a:f9:94:bb:5b:a1:41:f9:9b:83:
99:c8:d5:76:71:91:a5:49:69:22:42:03:38:2d:af:
38:f1:dd:3d:d0:7d:ce:a9:a2:db:ec:91:fb:6c:f7:
51:e3:d3:a8:c4:2e:36:6b:0f:28:7b:10:da:a9:0f:
5b:97:d1:f0:25:99:7d:ed:46:c9:35:eb:f6:1e:8d:
05:32:2d:25:81:a1:7c:18:71:91:ff:1c:4b:b5:08:
4b:4b:f6:c2:e9:05:ca:9b:01:1d:39:c2:bb:63:bb:
41:54:9f:45:5e:3a:c0:e0:f2:8a:0c:39:51:b8:fc:
34:3e:81:44:a9:10:10:bd:8c:8c:84:7d:9a:7c:b0:
6e:8c:01:00:81:77:29:7f:1f:34:e6:65:09:84:a9:
d2:48:e5:67:f0:04:03:9e:6e:a5:b6:d3:b3:36:49:
71:54:a9:f5:f0:83:e8:a7:bf:b5:92:df:1a:4b:78:
af:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F4:1C:5F:D9:8B:C4:DF:2A:1E:BD:8D:EA:62:CC:BD:10:98:79:66
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a_QcX9mLxN8qHr2N6mLMvRCYeWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
7c:00:7b:da:fd:4f:fc:e9:ee:03:58:68:bf:ef:b8:d6:69:64:
01:50:57:0d:67:a4:7f:8b:bd:06:5c:12:d8:8e:7d:c5:03:cf:
10:90:ab:fd:4b:a7:e1:47:f3:d3:10:b4:69:87:30:d8:39:e4:
ae:a5:ed:4a:9b:d4:38:1b:e9:73:53:1b:54:1d:85:92:0d:6b:
5f:82:d6:59:4d:8f:dd:0a:42:0d:f6:de:02:91:03:83:bc:e0:
a1:9e:18:df:32:e5:14:bc:fc:7e:f5:9e:57:e3:5e:f0:dc:b2:
4d:c7:6d:e8:83:b2:c7:1c:67:3a:60:a5:7e:41:6d:f5:58:d4:
91:d7:54:cb:2f:77:a8:c5:17:c3:fc:17:da:46:64:18:e6:f7:
27:0d:ab:d4:b2:09:39:1f:69:12:73:57:84:89:b1:60:4f:5b:
b9:2f:b3:2f:f0:59:5d:e9:68:07:79:40:79:7f:48:15:d7:63:
1e:6c:9a:28:12:88:f2:df:0e:0d:fe:81:99:7e:f0:98:61:28:
c2:41:b7:b5:37:b8:58:14:1e:d1:b5:0d:44:a1:94:bb:53:f8:
67:7e:71:53:0c:33:3c:f5:fd:cd:f6:69:8b:d8:14:f3:fc:a8:
e6:ae:4b:6e:c4:1e:42:fe:8a:00:b5:ec:98:57:dc:65:1c:4e:
9e:f3:9e:c2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcwWRnKpGHg33+l7dWngxcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMTExMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmY0MWM1ZmQ5OGJjNGRmMmExZWJkOGRlYTYyY2NiZDEwOTg3OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud/lsMcosLD/Ahh1PyZ+UhxQywgC
ZcB5FwHVPQqvXuqVL+jdOQVrQWoiKq62j1igCDanTZxj8zRyePv2/v7nZTEA6Uip
hDmo8fPIUauwt3r5lLtboUH5m4OZyNV2cZGlSWkiQgM4La848d090H3OqaLb7JH7
bPdR49OoxC42aw8oexDaqQ9bl9HwJZl97UbJNev2Ho0FMi0lgaF8GHGR/xxLtQhL
S/bC6QXKmwEdOcK7Y7tBVJ9FXjrA4PKKDDlRuPw0PoFEqRAQvYyMhH2afLBujAEA
gXcpfx805mUJhKnSSOVn8AQDnm6lttOzNklxVKn18IPop7+1kt8aS3ivUQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGv0HF/Zi8TfKh69jepizL0QmHlmMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYV9RY1g5bUx4TjhxSHIyTjZtTE12UkNZZVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQB8AHva/U/86e4DWGi/77jWaWQBUFcNZ6R/i70G
XBLYjn3FA88QkKv9S6fhR/PTELRphzDYOeSupe1Km9Q4G+lzUxtUHYWSDWtfgtZZ
TY/dCkIN9t4CkQODvOChnhjfMuUUvPx+9Z5X417w3LJNx23og7LHHGc6YKV+QW31
WNSR11TLL3eoxRfD/BfaRmQY5vcnDavUsgk5H2kSc1eEibFgT1u5L7Mv8Fld6WgH
eUB5f0gV12MebJooEojy3w4N/oGZfvCYYSjCQbe1N7hYFB7RtQ1EoZS7U/hnfnFT
DDM89f3N9mmL2BTz/KjmrktuxB5C/ooAteyYV9xlHE6e857C
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:28:15 2025 by rpki-client