Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qOcUHKESsRWQeTL2SMhrpgQMNvs.roa
File: qOcUHKESsRWQeTL2SMhrpgQMNvs.roa (raw, json)
Hash identifier: 8hv+rwmfL/1xPlChd8fzyDmVw85k7BV5Jp8s73bU4n0=
Subject key identifier: A8:E7:14:1C:A1:12:B1:15:90:79:32:F6:48:C8:6B:A6:04:0C:36:FB
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019703EC6AB92B60870F878D34447DFBFF85
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qOcUHKESsRWQeTL2SMhrpgQMNvs.roa
Signing time: Sat 24 May 2025 20:11:54 +0000
ROA not before: Sat 24 May 2025 20:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 21:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:03:ec:6a:b9:2b:60:87:0f:87:8d:34:44:7d:fb:ff:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 20:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8e7141ca112b115907932f648c86ba6040c36fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b4:f6:3f:f5:60:b2:41:e8:61:ae:47:02:35:
15:9e:7b:b3:78:05:ac:8c:2c:ff:0b:fb:2d:21:26:
13:66:12:c0:d6:d1:d3:c2:9f:c0:c5:06:08:51:72:
0b:42:e7:d5:8d:e2:04:04:f2:c8:13:23:b8:71:5a:
fe:78:f7:0b:78:06:b6:dc:cf:47:63:24:7b:7e:17:
15:3e:50:2b:70:b7:aa:fe:c0:8f:0e:f3:4b:1d:54:
8e:08:f9:53:8c:1b:ff:6f:7f:09:0d:a0:86:c0:79:
a7:32:41:a2:44:81:bd:70:81:01:78:c9:e0:5b:33:
74:6c:15:66:2e:4d:67:cc:03:06:02:08:fd:4f:71:
0f:90:9b:2d:fa:79:36:82:ac:e8:de:77:47:14:22:
c7:b7:b0:fd:ba:a0:9d:31:aa:a8:93:78:9e:81:fb:
57:a9:f2:32:31:32:0b:1b:b1:ae:49:c5:9f:20:e4:
b5:b4:82:96:c1:fa:14:21:3a:98:09:24:17:29:0d:
89:24:cb:7a:4c:eb:72:bd:c4:b7:08:59:74:44:e3:
42:e5:96:e5:25:58:60:69:43:4a:28:69:fa:8b:5f:
02:04:24:55:6c:ed:b0:b5:7c:81:a4:6e:f8:e9:a3:
f5:fb:67:eb:65:63:5d:bc:19:c5:d9:fc:70:b9:22:
ea:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E7:14:1C:A1:12:B1:15:90:79:32:F6:48:C8:6B:A6:04:0C:36:FB
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qOcUHKESsRWQeTL2SMhrpgQMNvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
26:23:4c:0a:b3:24:f7:b7:ee:9e:3a:8a:15:6b:46:99:3c:a4:
16:42:5a:b9:8e:22:60:50:2a:c8:ee:55:64:7c:8a:88:8e:ef:
36:b3:7a:1f:75:04:a2:e4:b5:72:04:a8:95:cb:cb:57:34:ae:
ec:66:9f:e5:05:29:83:62:c3:e5:03:4d:0a:52:c7:86:bc:26:
30:57:cd:6f:ba:87:2f:e1:0f:8a:3e:e7:ad:1e:2a:08:4e:5d:
b6:db:fe:32:09:d5:66:da:dd:5f:72:c9:80:ee:82:99:3a:7c:
da:39:db:3e:ce:d8:49:35:07:57:f7:70:a2:30:45:c8:d3:15:
c7:4e:7d:f2:4f:2f:15:02:a7:bf:c7:2a:7a:d7:0b:ab:87:23:
e6:ea:aa:ff:af:86:f4:cf:02:31:9b:64:54:3e:d6:64:bf:50:
da:74:de:2a:2b:dc:b8:8f:5e:83:3d:24:c0:c6:d0:ad:9a:d9:
41:a1:aa:36:55:ce:c2:aa:26:f6:73:88:b2:8f:d1:4c:93:4b:
fc:18:3b:bd:eb:88:cd:79:9a:e9:54:8c:53:e3:09:fe:d9:28:
f9:a0:8d:16:5a:f1:fa:81:b4:e1:0d:92:bd:3b:47:5c:ce:53:
5a:b3:de:3c:e1:fe:17:00:26:66:4d:3f:13:42:61:62:ea:0b:
40:d3:25:c9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcD7Gq5K2CHD4eNNER9+/+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MjAxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU3MTQxY2ExMTJiMTE1OTA3OTMyZjY0OGM4NmJhNjA0MGMzNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrT2P/VgskHoYa5HAjUVnnuzeAWs
jCz/C/stISYTZhLA1tHTwp/AxQYIUXILQufVjeIEBPLIEyO4cVr+ePcLeAa23M9H
YyR7fhcVPlArcLeq/sCPDvNLHVSOCPlTjBv/b38JDaCGwHmnMkGiRIG9cIEBeMng
WzN0bBVmLk1nzAMGAgj9T3EPkJst+nk2gqzo3ndHFCLHt7D9uqCdMaqok3iegftX
qfIyMTILG7GuScWfIOS1tIKWwfoUITqYCSQXKQ2JJMt6TOtyvcS3CFl0RONC5Zbl
JVhgaUNKKGn6i18CBCRVbO2wtXyBpG746aP1+2frZWNdvBnF2fxwuSLq/QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKjnFByhErEVkHky9kjIa6YEDDb7MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvcU9jVUhLRVNzUldRZVRMMlNNaHJwZ1FNTnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAJiNMCrMk97funjqKFWtGmTyk
FkJauY4iYFAqyO5VZHyKiI7vNrN6H3UEouS1cgSolcvLVzSu7Gaf5QUpg2LD5QNN
ClLHhrwmMFfNb7qHL+EPij7nrR4qCE5dttv+MgnVZtrdX3LJgO6CmTp82jnbPs7Y
STUHV/dwojBFyNMVx0598k8vFQKnv8cqetcLq4cj5uqq/6+G9M8CMZtkVD7WZL9Q
2nTeKivcuI9egz0kwMbQrZrZQaGqNlXOwqom9nOIso/RTJNL/Bg7veuIzXma6VSM
U+MJ/tko+aCNFlrx+oG04Q2SvTtHXM5TWrPePOH+FwAmZk0/E0JhYuoLQNMlyQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:27 2025 by rpki-client