Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qUO1px2I-I_DnuhWicfuprHqF_k.roa
File: qUO1px2I-I_DnuhWicfuprHqF_k.roa (raw, json)
Hash identifier: MdmwrGINpRqLtbZ2TUUqlvPcYcD7WmaF/Kg1YjUksQI=
Subject key identifier: A9:43:B5:A7:1D:88:F8:8F:C3:9E:E8:56:89:C7:EE:A6:B1:EA:17:F9
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972F7C75354070ADF04D03D4A416D4132D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qUO1px2I-I_DnuhWicfuprHqF_k.roa
Signing time: Mon 02 Jun 2025 07:12:54 +0000
ROA not before: Mon 02 Jun 2025 07:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 08:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:7c:75:35:40:70:ad:f0:4d:03:d4:a4:16:d4:13:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 07:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a943b5a71d88f88fc39ee85689c7eea6b1ea17f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b2:42:bc:73:9e:d7:c9:81:56:ad:4c:01:2f:
31:89:22:1d:73:8e:3f:4c:77:18:0b:b4:7c:2c:40:
33:71:d1:a7:9c:3e:f2:cd:4d:5d:aa:40:42:51:4a:
ca:e1:86:56:ca:40:90:62:a0:86:c5:13:45:88:26:
85:da:10:2f:a9:86:2f:55:75:41:18:45:a5:7c:f0:
2f:89:d5:b7:06:7e:64:ae:56:7d:6c:4b:1a:6c:7b:
d2:3d:bb:01:c5:71:54:15:46:1c:dc:fe:ac:aa:b3:
c1:ef:2a:e6:ec:49:2f:f1:d2:e2:43:c9:21:d9:35:
06:53:06:c2:93:d5:58:48:88:3f:9b:c7:42:ea:79:
8c:69:d9:e9:f4:43:18:66:2a:f7:52:ae:1e:e2:3b:
b8:45:2c:41:cc:59:96:1a:3c:5d:8d:1c:eb:f1:b5:
10:46:1d:44:ba:2b:3b:25:d7:f1:34:22:d1:37:c0:
4a:d0:04:2b:44:56:fa:d7:d7:91:48:23:14:76:32:
9b:ca:92:92:b1:30:98:2e:73:9f:b7:95:42:37:b4:
c2:a3:01:50:17:be:f0:ac:c5:f3:9a:fc:d0:7a:ac:
48:9f:50:1b:8e:71:41:b1:d7:c4:5c:86:7d:bb:fe:
f4:b9:76:1d:71:58:93:63:86:86:7d:50:9b:e5:2f:
1a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:43:B5:A7:1D:88:F8:8F:C3:9E:E8:56:89:C7:EE:A6:B1:EA:17:F9
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/qUO1px2I-I_DnuhWicfuprHqF_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
29:b6:f1:54:9e:40:f2:e9:94:e6:b6:d0:e9:5b:07:8d:81:ba:
e6:bc:fd:c8:61:17:87:ca:6a:7c:a6:7b:7f:27:57:8d:db:43:
e2:70:64:7c:8c:c0:ea:85:40:90:6a:61:70:99:80:a4:53:b8:
90:ce:55:e4:e2:1d:d7:4f:21:10:d5:11:69:08:06:15:a9:4f:
06:24:4b:14:da:c4:c6:a7:ee:d6:b9:d0:2c:f6:e5:54:a5:d7:
ca:47:dd:c6:a8:62:5e:a3:18:c3:64:12:9f:4b:1a:15:45:18:
ee:aa:4b:0e:76:49:c9:8f:30:14:92:ba:e6:3d:27:49:86:70:
6e:e5:1e:8f:5d:1a:e7:e1:c6:9d:6a:58:a4:cc:3c:7b:d0:0e:
32:03:df:f0:57:72:c9:8a:1c:15:63:f0:f3:6f:b3:5e:86:21:
76:e0:53:76:5a:20:be:53:ee:e2:96:ce:0e:8f:b8:27:9a:77:
ca:28:f6:70:1e:88:8c:55:bd:58:97:6d:9c:4e:d3:39:6b:c9:
ab:0a:ee:e6:53:9b:63:80:fc:88:28:a7:8f:36:fe:1b:9b:ae:
bd:ff:88:cc:8f:ef:24:3b:57:22:12:ca:3f:31:60:8c:2b:e4:
e8:7c:5b:1c:ff:db:90:66:52:e3:9b:b6:60:0f:a9:d3:96:76:
28:07:4b:70
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcvfHU1QHCt8E0D1KQW1BMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMDcxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQzYjVhNzFkODhmODhmYzM5ZWU4NTY4OWM3ZWVhNmIxZWExN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7JCvHOe18mBVq1MAS8xiSIdc44/
THcYC7R8LEAzcdGnnD7yzU1dqkBCUUrK4YZWykCQYqCGxRNFiCaF2hAvqYYvVXVB
GEWlfPAvidW3Bn5krlZ9bEsabHvSPbsBxXFUFUYc3P6sqrPB7yrm7Ekv8dLiQ8kh
2TUGUwbCk9VYSIg/m8dC6nmMadnp9EMYZir3Uq4e4ju4RSxBzFmWGjxdjRzr8bUQ
Rh1Euis7JdfxNCLRN8BK0AQrRFb619eRSCMUdjKbypKSsTCYLnOft5VCN7TCowFQ
F77wrMXzmvzQeqxIn1AbjnFBsdfEXIZ9u/70uXYdcViTY4aGfVCb5S8aQwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKlDtacdiPiPw57oVonH7qax6hf5MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvcVVPMXB4MkktSV9EbnVoV2ljZnVwckhxRl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQAptvFUnkDy6ZTmttDpWweNgbrmvP3IYReHymp8
pnt/J1eN20PicGR8jMDqhUCQamFwmYCkU7iQzlXk4h3XTyEQ1RFpCAYVqU8GJEsU
2sTGp+7WudAs9uVUpdfKR93GqGJeoxjDZBKfSxoVRRjuqksOdknJjzAUkrrmPSdJ
hnBu5R6PXRrn4cadalikzDx70A4yA9/wV3LJihwVY/Dzb7NehiF24FN2WiC+U+7i
ls4Oj7gnmnfKKPZwHoiMVb1Yl22cTtM5a8mrCu7mU5tjgPyIKKePNv4bm669/4jM
j+8kO1ciEso/MWCMK+TofFsc/9uQZlLjm7ZgD6nTlnYoB0tw
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:51 2025 by rpki-client