Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QMOuhn3reUozTvD-pT9nqzWdEp8.roa
File: QMOuhn3reUozTvD-pT9nqzWdEp8.roa (raw, json)
Hash identifier: wnRBtgCI/G4A0wmBb2ocpC0Fb/4lb6NSpp05qOxSjGg=
Subject key identifier: 40:C3:AE:86:7D:EB:79:4A:33:4E:F0:FE:A5:3F:67:AB:35:9D:12:9F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0197413BA8384780A0849DE1AFBB72ACF0ED
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QMOuhn3reUozTvD-pT9nqzWdEp8.roa
Signing time: Thu 05 Jun 2025 17:55:18 +0000
ROA not before: Thu 05 Jun 2025 17:55:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207530
IP address blocks: 2a12:bec4:1a90::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 05 Jun 2025 20:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:41:3b:a8:38:47:80:a0:84:9d:e1:af:bb:72:ac:f0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jun 5 17:55:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40c3ae867deb794a334ef0fea53f67ab359d129f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5f:e5:cc:00:94:04:86:5b:a7:6b:25:9c:11:
19:c5:76:63:ea:35:d8:fd:20:88:fd:d5:ba:8f:fe:
1a:44:68:0b:f2:84:fe:a9:0e:f8:60:fe:c5:44:e0:
69:90:a0:ac:b6:6a:5d:4b:d7:8d:78:74:14:f1:76:
d2:67:1a:ec:bf:28:b9:61:d9:d3:be:14:22:5b:99:
8f:b3:06:c3:ac:0a:04:22:ab:46:b7:db:67:54:cf:
75:ec:ad:f4:2f:6c:7d:d7:e5:c0:f7:93:0d:2e:8c:
49:da:6e:44:13:6c:dc:6d:8a:c5:00:f5:b9:d8:80:
2b:15:1a:a0:b7:40:5a:7e:97:2f:5f:bc:fd:d1:72:
5a:41:ef:51:46:65:05:04:06:c0:3b:9f:dd:47:58:
5f:19:61:14:c8:84:dd:f1:9d:29:3b:9f:30:e9:05:
10:dd:92:a6:dd:40:48:e0:87:cc:81:72:dc:2c:94:
36:38:e8:63:88:5a:48:91:ed:41:55:ac:ee:5a:27:
1e:07:f9:eb:5e:20:19:af:10:18:d7:58:eb:01:fa:
96:f7:0b:92:10:76:26:76:0e:0e:e7:c2:d4:7f:14:
10:04:f6:31:aa:fe:88:ba:c6:d7:aa:07:76:39:6a:
bd:33:ec:3d:22:0c:b1:d7:8b:39:d6:74:54:ba:1d:
0b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C3:AE:86:7D:EB:79:4A:33:4E:F0:FE:A5:3F:67:AB:35:9D:12:9F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QMOuhn3reUozTvD-pT9nqzWdEp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1a90::/44
Signature Algorithm: sha256WithRSAEncryption
73:fe:ad:4e:b8:e6:72:ec:9a:10:37:79:fb:aa:a7:79:28:8c:
65:b4:bf:97:c9:80:28:6e:31:30:65:bf:c6:70:d8:b4:11:27:
4d:b8:24:ba:db:de:fa:0c:fd:09:8b:39:d6:0a:98:c3:81:dd:
90:a8:24:4d:02:a0:82:9a:c0:d4:58:19:86:d4:8c:14:76:28:
7a:21:75:33:05:0a:d9:7e:2d:54:80:72:72:09:25:f2:19:3c:
6c:8a:58:5a:84:50:93:5d:32:2f:da:38:36:d0:73:22:a0:55:
47:16:aa:47:00:ba:99:d6:d1:bd:d3:ab:91:4e:1e:91:ae:f7:
04:1a:8f:1a:a8:ff:a4:67:eb:54:fb:e4:a8:c6:ae:32:1a:d9:
7e:a9:f2:15:4b:da:75:dc:5e:5b:8e:35:0d:ec:a3:bd:12:c8:
b5:12:3a:40:30:5a:f1:4f:5a:75:a7:c1:69:43:41:11:7c:2e:
ae:09:8f:45:7a:f6:6b:7d:c5:45:13:4e:c9:28:da:52:8d:8c:
88:4e:e7:ba:f6:90:0a:38:1a:75:0a:3d:e9:b5:b6:34:d3:59:
90:aa:a7:0a:07:e3:36:93:51:b1:46:48:35:51:0f:7b:e1:86:
3a:12:0c:89:56:ad:88:36:51:71:c2:56:79:e6:c3:38:dc:8b:
f4:ae:43:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZdBO6g4R4CghJ3hr7tyrPDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNjA1MTc1NTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGMzYWU4NjdkZWI3OTRhMzM0ZWYwZmVhNTNmNjdhYjM1OWQxMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1/lzACUBIZbp2slnBEZxXZj6jXY
/SCI/dW6j/4aRGgL8oT+qQ74YP7FROBpkKCstmpdS9eNeHQU8XbSZxrsvyi5YdnT
vhQiW5mPswbDrAoEIqtGt9tnVM917K30L2x91+XA95MNLoxJ2m5EE2zcbYrFAPW5
2IArFRqgt0BafpcvX7z90XJaQe9RRmUFBAbAO5/dR1hfGWEUyITd8Z0pO58w6QUQ
3ZKm3UBI4IfMgXLcLJQ2OOhjiFpIke1BVazuWiceB/nrXiAZrxAY11jrAfqW9wuS
EHYmdg4O58LUfxQQBPYxqv6IusbXqgd2OWq9M+w9Igyx14s51nRUuh0LhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDDroZ963lKM07w/qU/Z6s1nRKfMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUU1PdWhuM3JlVW96VHZELXBUOW5xeldkRXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBz/q1OuOZy7JoQN3n7qqd5KIxltL+XyYAobjEw
Zb/GcNi0ESdNuCS62976DP0JiznWCpjDgd2QqCRNAqCCmsDUWBmG1IwUdih6IXUz
BQrZfi1UgHJyCSXyGTxsilhahFCTXTIv2jg20HMioFVHFqpHALqZ1tG906uRTh6R
rvcEGo8aqP+kZ+tU++Soxq4yGtl+qfIVS9p13F5bjjUN7KO9Esi1EjpAMFrxT1p1
p8FpQ0ERfC6uCY9FevZrfcVFE07JKNpSjYyITue69pAKOBp1Cj3ptbY001mQqqcK
B+M2k1GxRkg1UQ974YY6EgyJVq2INlFxwlZ55sM43Iv0rkNE
-----END CERTIFICATE-----
Generated at Thu Jun 19 18:05:38 2025 by rpki-client