Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qGMPsiNbOINW9djHZ6R_Cs0TS2g.roa
File: qGMPsiNbOINW9djHZ6R_Cs0TS2g.roa (raw, json)
Hash identifier: whYGWwqED2TYhPojW9dBY8+elm0KRjYi+WSP9E/3/R4=
Subject key identifier: A8:63:0F:B2:23:5B:38:83:56:F5:D8:C7:67:A4:7F:0A:CD:13:4B:68
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196EF8D284648DED3570B926AE790FDFFF9
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qGMPsiNbOINW9djHZ6R_Cs0TS2g.roa
Signing time: Tue 20 May 2025 21:15:27 +0000
ROA not before: Tue 20 May 2025 21:15:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 May 2025 22:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ef:8d:28:46:48:de:d3:57:0b:92:6a:e7:90:fd:ff:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 20 21:15:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8630fb2235b388356f5d8c767a47f0acd134b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:27:d3:28:9e:a8:2e:f6:d1:c5:9d:90:ed:a3:
21:92:eb:36:51:0f:b4:79:62:5a:28:85:e9:91:18:
f6:b1:2b:ef:3c:dc:b2:6a:de:26:22:17:a6:0c:41:
61:c4:05:20:b3:34:d6:47:e5:9a:0c:41:e1:b5:c0:
4e:e6:d6:05:e0:37:51:4b:2f:37:e7:3a:30:37:c3:
f5:63:29:f9:36:02:f2:b4:00:a9:89:33:ea:43:bc:
f4:59:7d:7c:af:2a:18:b5:63:23:60:e9:bf:6d:9d:
69:c3:5e:8b:3d:ff:48:db:b4:46:0c:7e:ea:52:35:
ed:34:fd:cc:3e:61:98:33:bd:b1:65:44:72:bc:31:
fb:12:11:ff:8e:1b:f5:86:5f:b7:46:15:ed:5d:d5:
d1:77:f2:ed:6e:9d:2d:83:2d:d3:17:e3:4a:66:16:
f6:5c:ea:95:06:38:7e:43:59:9a:22:67:db:b7:a5:
4f:25:53:58:ac:a0:6a:26:60:c3:1c:84:d9:72:d6:
78:9b:d4:41:c0:fe:d1:88:c1:89:a1:c8:f3:93:d9:
97:67:39:59:ae:5d:23:e7:1e:37:1d:1a:f7:00:e6:
b6:38:c1:56:77:9b:af:85:7a:c0:25:97:a9:a9:1c:
04:df:5c:2e:1f:cd:b0:c7:ef:e6:13:a4:01:b8:40:
41:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:63:0F:B2:23:5B:38:83:56:F5:D8:C7:67:A4:7F:0A:CD:13:4B:68
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qGMPsiNbOINW9djHZ6R_Cs0TS2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
3f:df:e5:89:68:15:f6:9a:5f:10:4b:19:8c:35:b3:93:31:de:
3d:0c:83:b4:08:49:53:a5:68:c4:74:7b:3a:c9:1d:02:63:94:
32:14:7f:55:53:f6:af:bf:09:99:67:b3:72:d5:70:99:c2:a8:
e0:36:42:91:b4:66:ae:fc:0d:73:e5:c6:b6:67:97:c4:17:78:
25:ac:9c:68:89:33:ef:ac:2f:9c:97:e6:12:03:68:66:bd:ac:
3c:73:d9:18:fc:d1:00:36:21:25:e1:8c:04:a3:22:c4:0d:df:
a4:72:be:91:43:03:5a:75:1b:c5:d0:5c:9c:d0:f2:96:f2:fb:
89:fd:51:ba:4f:3b:dc:00:02:f7:a7:af:f8:d5:dd:5c:66:7e:
05:a1:de:91:27:1d:ec:e2:01:62:73:cd:e3:62:85:b4:3f:e2:
d6:50:c3:67:87:7e:ba:9b:99:47:3b:b9:2e:f1:af:cd:4d:96:
9f:28:cb:14:fe:6d:03:35:a7:e9:27:bf:f3:f9:65:b1:df:d4:
b6:42:33:62:1d:0f:19:f8:fd:7d:ce:65:99:af:df:51:6e:f2:
41:97:34:1d:71:86:d5:a2:da:4e:c0:e2:d9:9b:99:52:1a:9c:
59:93:b7:79:37:4f:0a:05:e9:ee:bf:56:78:a7:91:15:a1:1a:
cc:4c:59:62
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbvjShGSN7TVwuSaueQ/f/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMjExNTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYzMGZiMjIzNWIzODgzNTZmNWQ4Yzc2N2E0N2YwYWNkMTM0YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCfTKJ6oLvbRxZ2Q7aMhkus2UQ+0
eWJaKIXpkRj2sSvvPNyyat4mIhemDEFhxAUgszTWR+WaDEHhtcBO5tYF4DdRSy83
5zowN8P1Yyn5NgLytACpiTPqQ7z0WX18ryoYtWMjYOm/bZ1pw16LPf9I27RGDH7q
UjXtNP3MPmGYM72xZURyvDH7EhH/jhv1hl+3RhXtXdXRd/Ltbp0tgy3TF+NKZhb2
XOqVBjh+Q1maImfbt6VPJVNYrKBqJmDDHITZctZ4m9RBwP7RiMGJocjzk9mXZzlZ
rl0j5x43HRr3AOa2OMFWd5uvhXrAJZepqRwE31wuH82wx+/mE6QBuEBB1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKhjD7IjWziDVvXYx2ekfwrNE0toMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvcUdNUHNpTmJPSU5XOWRqSFo2Ul9DczBUUzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAP9/liWgV9ppfEEsZjDWzkzHe
PQyDtAhJU6VoxHR7OskdAmOUMhR/VVP2r78JmWezctVwmcKo4DZCkbRmrvwNc+XG
tmeXxBd4JaycaIkz76wvnJfmEgNoZr2sPHPZGPzRADYhJeGMBKMixA3fpHK+kUMD
WnUbxdBcnNDylvL7if1Ruk873AAC96ev+NXdXGZ+BaHekScd7OIBYnPN42KFtD/i
1lDDZ4d+upuZRzu5LvGvzU2WnyjLFP5tAzWn6Se/8/llsd/UtkIzYh0PGfj9fc5l
ma/fUW7yQZc0HXGG1aLaTsDi2ZuZUhqcWZO3eTdPCgXp7r9WeKeRFaEazExZYg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:02:31 2025 by rpki-client