Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qTofIqvHGshEqkNjHLb5NgSUiAA.roa
File: qTofIqvHGshEqkNjHLb5NgSUiAA.roa (raw, json)
Hash identifier: kMd7tCiVzs3NiofGvZVIeoSkfpTDYGH5QI+zigzALwE=
Subject key identifier: A9:3A:1F:22:AB:C7:1A:C8:44:AA:43:63:1C:B6:F9:36:04:94:88:00
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970B39037173C9559E00B493B211CEDF0B
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qTofIqvHGshEqkNjHLb5NgSUiAA.roa
Signing time: Mon 26 May 2025 06:12:55 +0000
ROA not before: Mon 26 May 2025 06:12:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 07:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:39:03:71:73:c9:55:9e:00:b4:93:b2:11:ce:df:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 06:12:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a93a1f22abc71ac844aa43631cb6f93604948800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6e:08:fb:52:63:fc:b1:af:4a:91:9b:db:aa:
a6:17:15:89:05:dc:ec:2b:a1:64:e5:ab:0a:28:14:
39:46:f6:3a:7a:f5:d0:32:19:a3:60:15:be:69:2b:
ed:50:25:44:b8:43:68:cb:61:a4:0e:fc:00:5c:ea:
bc:72:24:2b:90:23:e0:1f:8e:db:44:f6:8a:3f:10:
57:ac:65:6d:28:fa:0a:d4:ed:6e:a5:54:1c:f5:47:
41:ee:cd:e1:8e:b1:1c:56:5d:f6:d8:da:9e:7f:54:
0b:f0:d6:f4:6d:18:d2:70:d3:c7:6f:a9:3b:d6:d0:
ab:2d:08:7a:f7:ec:68:ff:28:72:b7:da:14:69:d8:
a6:aa:b2:39:91:90:fa:23:f3:d8:26:a1:7d:41:7a:
5c:58:94:83:73:c7:4f:99:cb:92:93:52:b4:f9:3e:
b7:f6:7b:9a:48:0a:a0:de:c1:45:7f:0f:26:b2:b6:
e1:6f:4c:29:b7:ee:dc:4a:05:2d:bb:23:47:4b:00:
2e:78:29:dd:e1:44:0e:12:a3:82:14:5a:2e:46:b1:
79:19:89:a9:b6:97:d4:25:7d:55:1f:2d:fa:ff:b6:
7a:86:19:81:b2:dd:00:64:42:95:f0:ee:a5:fd:fc:
34:f8:a9:79:37:d3:a3:14:eb:8a:51:76:cd:47:56:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3A:1F:22:AB:C7:1A:C8:44:AA:43:63:1C:B6:F9:36:04:94:88:00
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qTofIqvHGshEqkNjHLb5NgSUiAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
bf:57:6c:94:e1:44:59:60:c8:e3:ed:3d:98:b5:d7:e9:aa:f1:
27:95:78:6b:b3:2a:14:35:6b:28:81:52:42:15:e6:fb:ce:16:
a3:a1:b9:d1:5c:04:1f:21:1e:8a:88:9d:b7:63:7f:1a:b6:8a:
8d:f7:c0:c2:03:43:3d:3d:4b:fb:cb:7d:49:2e:93:1a:66:2d:
1a:ea:9b:ed:5e:a5:59:67:15:dd:b3:59:ed:c5:5e:d8:c4:ed:
bd:78:dd:e2:c2:6f:ff:d9:29:2f:bd:d0:c1:73:5e:05:41:84:
bb:d7:0a:6b:30:72:00:8b:c4:00:47:17:ec:8c:2c:51:73:3c:
35:a3:69:46:b7:ba:82:07:75:13:a7:11:ec:e7:01:40:5b:a2:
d5:25:5b:47:b8:4f:c5:2b:e9:a8:57:ba:c9:9a:a5:bf:2a:95:
39:a2:fe:d7:eb:d6:5f:6c:89:79:4c:bc:62:c0:18:29:b0:30:
ed:72:7a:bd:8a:46:dd:02:6a:f6:f2:ef:3f:b7:cd:ef:d4:8c:
77:66:db:42:ab:47:1e:78:8d:bb:93:ca:d6:2a:d2:6e:a2:0c:
e5:c6:ee:ab:91:1e:cd:fc:f0:13:8a:31:8e:86:c2:a9:36:80:
74:f5:90:9a:0b:54:b1:aa:9e:bd:bc:f5:5c:19:75:f4:48:bf:
38:0e:7a:9f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcLOQNxc8lVngC0k7IRzt8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MDYxMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNhMWYyMmFiYzcxYWM4NDRhYTQzNjMxY2I2ZjkzNjA0OTQ4ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4G4I+1Jj/LGvSpGb26qmFxWJBdzs
K6Fk5asKKBQ5RvY6evXQMhmjYBW+aSvtUCVEuENoy2GkDvwAXOq8ciQrkCPgH47b
RPaKPxBXrGVtKPoK1O1upVQc9UdB7s3hjrEcVl322Nqef1QL8Nb0bRjScNPHb6k7
1tCrLQh69+xo/yhyt9oUadimqrI5kZD6I/PYJqF9QXpcWJSDc8dPmcuSk1K0+T63
9nuaSAqg3sFFfw8msrbhb0wpt+7cSgUtuyNHSwAueCnd4UQOEqOCFFouRrF5GYmp
tpfUJX1VHy36/7Z6hhmBst0AZEKV8O6l/fw0+Kl5N9OjFOuKUXbNR1YwVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKk6HyKrxxrIRKpDYxy2+TYElIgAMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvcVRvZklxdkhHc2hFcWtOakhMYjVOZ1NVaUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAv1dslOFEWWDI4+09mLXX6arx
J5V4a7MqFDVrKIFSQhXm+84Wo6G50VwEHyEeioidt2N/GraKjffAwgNDPT1L+8t9
SS6TGmYtGuqb7V6lWWcV3bNZ7cVe2MTtvXjd4sJv/9kpL73QwXNeBUGEu9cKazBy
AIvEAEcX7IwsUXM8NaNpRre6ggd1E6cR7OcBQFui1SVbR7hPxSvpqFe6yZqlvyqV
OaL+1+vWX2yJeUy8YsAYKbAw7XJ6vYpG3QJq9vLvP7fN79SMd2bbQqtHHniNu5PK
1irSbqIM5cbuq5EezfzwE4oxjobCqTaAdPWQmgtUsaqevbz1XBl19Ei/OA56nw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:06:35 2025 by rpki-client