Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/x1eJbWpmQl3-10Ti5rN1KHMVNQY.roa
File: x1eJbWpmQl3-10Ti5rN1KHMVNQY.roa (raw, json)
Hash identifier: ci4Z76IUsc0nvbs4nyl4b4RvrzunMGUN5yIgu/rWnI8=
Subject key identifier: C7:57:89:6D:6A:66:42:5D:FE:D7:44:E2:E6:B3:75:28:73:15:35:06
Certificate issuer: /CN=aa7bfd420db5caebada1a2055d87bc7da2b09c07
Certificate serial: 019718BAFB122D8CEDE0BEBF5E9E6DAD9F52
Authority key identifier: AA:7B:FD:42:0D:B5:CA:EB:AD:A1:A2:05:5D:87:BC:7D:A2:B0:9C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/x1eJbWpmQl3-10Ti5rN1KHMVNQY.roa
Signing time: Wed 28 May 2025 21:09:56 +0000
ROA not before: Wed 28 May 2025 21:09:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211377
IP address blocks: 2001:67c:26c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Jun 2025 21:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:18:ba:fb:12:2d:8c:ed:e0:be:bf:5e:9e:6d:ad:9f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa7bfd420db5caebada1a2055d87bc7da2b09c07
Validity
Not Before: May 28 21:09:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c757896d6a66425dfed744e2e6b3752873153506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:47:07:04:70:de:40:94:b3:73:de:88:85:b5:
e8:50:da:6f:0b:01:c2:d0:c5:b7:58:76:24:e6:f4:
f4:e6:a7:8f:86:77:41:d6:c5:8d:57:66:e1:2e:18:
9f:f4:86:28:db:4c:3a:0c:f9:b2:10:91:9e:ae:ad:
40:08:ea:cc:61:43:a4:12:b3:50:38:76:5c:38:7a:
87:68:00:88:74:3c:d6:ca:85:7d:f6:ac:e8:ec:2f:
90:5d:b5:5e:a1:44:7f:f5:5d:fc:f2:f5:87:08:b9:
0b:36:98:82:95:bc:c6:cc:e0:60:3a:d6:b6:06:09:
bc:40:fc:66:c9:a5:f7:2d:b9:af:0e:c9:6f:b7:3d:
4c:a4:74:54:83:b1:ef:79:d8:80:7e:7a:fb:44:d3:
2a:e6:39:d3:59:5d:6a:09:ac:46:61:d5:b6:f8:d0:
84:45:99:ba:7e:62:82:2e:c2:d6:2d:47:51:e5:f0:
f1:bb:62:f2:94:50:c1:21:a2:5e:ac:6e:b4:1c:c1:
18:56:8d:0c:12:ac:e8:38:f8:00:4e:27:e0:33:e3:
a6:df:86:61:15:a1:9e:ad:f2:00:3b:ab:75:9b:ad:
6c:13:b9:71:d9:38:5d:17:35:ea:b0:30:68:85:0e:
8c:e7:e7:3a:8a:a1:39:2b:fc:1f:de:98:fe:0e:41:
50:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:57:89:6D:6A:66:42:5D:FE:D7:44:E2:E6:B3:75:28:73:15:35:06
X509v3 Authority Key Identifier:
keyid:AA:7B:FD:42:0D:B5:CA:EB:AD:A1:A2:05:5D:87:BC:7D:A2:B0:9C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/x1eJbWpmQl3-10Ti5rN1KHMVNQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:26c0::/48
Signature Algorithm: sha256WithRSAEncryption
15:ce:08:82:65:41:0f:0e:e9:25:74:99:b2:05:fe:89:d0:27:
95:4c:0e:b3:1b:43:d0:51:be:e4:3e:d2:22:e0:e6:1f:85:ff:
8d:17:18:65:fe:1f:11:15:86:aa:9f:8e:72:84:4b:63:74:de:
07:35:b4:08:16:7b:3d:21:2a:da:71:a6:31:98:05:a7:48:1c:
26:fb:88:2d:29:17:a8:8e:09:fc:3c:c5:a3:3a:83:45:80:76:
29:84:b3:e3:80:2e:03:5f:62:95:cf:0c:e2:c5:2f:06:c6:e2:
4a:47:42:2c:52:a7:fd:96:95:97:21:54:db:71:e9:b8:7b:6e:
16:01:e6:00:84:91:85:84:0f:04:1a:61:d5:15:3e:a5:f0:61:
09:22:00:78:f8:46:cd:14:0d:31:9d:e9:7c:82:08:88:c1:80:
b8:0e:37:b2:87:ff:e3:06:d9:2f:34:ae:69:13:74:60:d3:31:
0a:ca:0e:d3:e7:a8:9c:4c:c8:df:bf:2f:d0:a6:ac:4c:33:d9:
b4:4f:98:c5:02:81:bf:96:02:68:7e:6c:20:78:47:ae:ba:9f:
93:73:94:b2:60:e2:b0:f8:82:17:48:09:cf:84:b9:b4:fc:01:
18:37:42:33:e0:b9:62:2c:11:02:cd:9c:47:ff:37:3f:2d:30:
31:16:8b:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZcYuvsSLYzt4L6/Xp5trZ9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2JmZDQyMGRiNWNhZWJhZGExYTIwNTVkODdiYzdkYTJi
MDljMDcwHhcNMjUwNTI4MjEwOTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzU3ODk2ZDZhNjY0MjVkZmVkNzQ0ZTJlNmIzNzUyODczMTUzNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUcHBHDeQJSzc96IhbXoUNpvCwHC
0MW3WHYk5vT05qePhndB1sWNV2bhLhif9IYo20w6DPmyEJGerq1ACOrMYUOkErNQ
OHZcOHqHaACIdDzWyoV99qzo7C+QXbVeoUR/9V388vWHCLkLNpiClbzGzOBgOta2
Bgm8QPxmyaX3LbmvDslvtz1MpHRUg7HvediAfnr7RNMq5jnTWV1qCaxGYdW2+NCE
RZm6fmKCLsLWLUdR5fDxu2LylFDBIaJerG60HMEYVo0MEqzoOPgATifgM+Om34Zh
FaGerfIAO6t1m61sE7lx2ThdFzXqsDBohQ6M5+c6iqE5K/wf3pj+DkFQ+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMdXiW1qZkJd/tdE4uazdShzFTUGMB8GA1UdIwQY
MBaAFKp7/UINtcrrraGiBV2HvH2isJwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS81NWJkOTUtYzYzNy00NTFiLWIwN2Mt
NzliNDA5YzFiZDM4LzEveDFlSmJXcG1RbDMtMTBUaTVyTjFLSE1WTlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS81NWJkOTUtYzYzNy00NTFiLWIwN2MtNzliNDA5YzFiZDM4
LzEvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCbA
MA0GCSqGSIb3DQEBCwUAA4IBAQAVzgiCZUEPDukldJmyBf6J0CeVTA6zG0PQUb7k
PtIi4OYfhf+NFxhl/h8RFYaqn45yhEtjdN4HNbQIFns9ISracaYxmAWnSBwm+4gt
KReojgn8PMWjOoNFgHYphLPjgC4DX2KVzwzixS8GxuJKR0IsUqf9lpWXIVTbcem4
e24WAeYAhJGFhA8EGmHVFT6l8GEJIgB4+EbNFA0xnel8ggiIwYC4Djeyh//jBtkv
NK5pE3Rg0zEKyg7T56icTMjfvy/QpqxMM9m0T5jFAoG/lgJofmwgeEeuup+Tc5Sy
YOKw+IIXSAnPhLm0/AEYN0Iz4LliLBECzZxH/zc/LTAxFotq
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:21:19 2025 by rpki-client