Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/4MwhxI6W678nAmVtCMerhy53p6A.roa
File: 4MwhxI6W678nAmVtCMerhy53p6A.roa (raw, json)
Hash identifier: xvm8uDDsOB1k5vbmpEMQ4SNKomB2emvP6MLbhkBge8M=
Subject key identifier: E0:CC:21:C4:8E:96:EB:BF:27:02:65:6D:08:C7:AB:87:2E:77:A7:A0
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0197E41A10325F122406EAC44F05D45D85B5
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/4MwhxI6W678nAmVtCMerhy53p6A.roa
Signing time: Mon 07 Jul 2025 08:56:42 +0000
ROA not before: Mon 07 Jul 2025 08:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208360
IP address blocks: 2a0e:67c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Jul 2025 10:54:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:1a:10:32:5f:12:24:06:ea:c4:4f:05:d4:5d:85:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jul 7 08:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0cc21c48e96ebbf2702656d08c7ab872e77a7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:9a:00:bc:67:1b:d2:af:9b:75:a7:f2:93:
07:cb:85:13:0a:fe:51:be:c2:7d:b3:a8:81:10:7e:
28:15:f5:4d:1e:a3:c0:d9:03:05:0f:93:bf:cf:ae:
c2:e3:be:32:f7:94:57:68:ac:89:ea:ae:54:01:2d:
5d:90:4d:14:0b:07:4f:e3:13:ec:ba:78:b7:f2:b3:
34:7f:6c:09:6f:94:91:e3:4c:66:4d:fd:e7:e0:67:
0b:f1:ed:1b:3e:f6:52:1f:af:eb:f4:7e:f5:24:03:
1d:f7:91:82:1b:26:e1:7a:89:2d:bd:da:99:22:8f:
06:2b:71:ae:fa:ec:38:05:fa:98:87:e0:e6:9b:e2:
05:22:09:7e:1b:42:7b:9f:2d:46:6a:46:59:dc:3c:
db:12:b5:d5:e6:2f:e0:86:92:b0:b2:f1:ce:d3:e0:
f0:fc:ae:2d:d0:38:d7:12:b4:96:e0:76:9a:e3:a9:
94:4e:d9:ce:89:f0:36:51:d5:51:19:d6:fc:8e:1e:
06:ec:ad:3d:28:ab:4b:b2:e9:f2:3f:07:4f:37:3a:
b8:13:68:31:5b:e9:91:1b:49:7b:8f:20:c8:ca:87:
8c:a7:7a:06:6a:76:f5:c1:5a:c7:df:d6:70:70:46:
5d:d0:c3:42:7f:70:87:1b:e1:84:63:26:0b:15:06:
3e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CC:21:C4:8E:96:EB:BF:27:02:65:6D:08:C7:AB:87:2E:77:A7:A0
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/4MwhxI6W678nAmVtCMerhy53p6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:67c5::/32
Signature Algorithm: sha256WithRSAEncryption
c5:45:f7:a4:e3:2d:ef:63:78:55:eb:0e:4c:37:f4:6b:2a:35:
18:3e:fa:a0:a6:a0:c8:36:c9:29:9e:22:d8:90:8d:57:3f:f3:
14:72:3e:30:11:cf:6c:17:d3:f0:5d:f5:9d:fb:87:b8:74:f8:
33:28:f4:dc:bd:43:b1:55:18:e3:57:a2:26:26:bb:dc:07:f6:
cf:0f:c8:f7:07:69:1e:e7:b0:86:0e:d6:fb:6d:5b:65:9a:92:
d3:c5:1c:52:89:4a:a1:6e:a2:39:09:c8:28:9e:d4:b2:6f:36:
dd:e1:84:0d:26:60:0a:d9:7f:ec:de:83:ce:c8:15:c4:b8:b2:
14:c9:c9:17:1d:f8:07:db:6d:61:aa:8f:1e:82:f8:58:af:97:
e9:02:ae:01:2c:bf:6c:9e:8c:c6:99:dd:0d:90:1e:5a:93:1d:
47:b9:f4:01:7a:9c:e6:c6:eb:25:2a:4a:6f:62:c7:18:12:8b:
43:79:69:54:3d:2b:22:10:83:bf:df:69:31:05:5e:99:0d:5b:
17:93:51:c2:01:90:1c:6a:e6:f4:2a:79:d3:66:1f:f2:1b:ee:
e8:e6:6d:e7:9d:02:2c:3b:52:34:a8:7f:89:35:d3:16:f1:57:
d8:15:37:33:0f:3c:74:cc:a8:f6:31:5c:43:15:32:77:3d:80:
db:46:97:c6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZfkGhAyXxIkBurETwXUXYW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNzA3MDg1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNjMjFjNDhlOTZlYmJmMjcwMjY1NmQwOGM3YWI4NzJlNzdhN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWmaALxnG9Kvm3Wn8pMHy4UTCv5R
vsJ9s6iBEH4oFfVNHqPA2QMFD5O/z67C474y95RXaKyJ6q5UAS1dkE0UCwdP4xPs
uni38rM0f2wJb5SR40xmTf3n4GcL8e0bPvZSH6/r9H71JAMd95GCGybheoktvdqZ
Io8GK3Gu+uw4BfqYh+Dmm+IFIgl+G0J7ny1GakZZ3DzbErXV5i/ghpKwsvHO0+Dw
/K4t0DjXErSW4Haa46mUTtnOifA2UdVRGdb8jh4G7K09KKtLsunyPwdPNzq4E2gx
W+mRG0l7jyDIyoeMp3oGanb1wVrH39ZwcEZd0MNCf3CHG+GEYyYLFQY+jQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFODMIcSOluu/JwJlbQjHq4cud6egMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvNE13aHhJNlc2NzhuQW1WdENNZXJoeTUzcDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5nxTAN
BgkqhkiG9w0BAQsFAAOCAQEAxUX3pOMt72N4VesOTDf0ayo1GD76oKagyDbJKZ4i
2JCNVz/zFHI+MBHPbBfT8F31nfuHuHT4Myj03L1DsVUY41eiJia73Af2zw/I9wdp
Huewhg7W+21bZZqS08UcUolKoW6iOQnIKJ7Usm823eGEDSZgCtl/7N6DzsgVxLiy
FMnJFx34B9ttYaqPHoL4WK+X6QKuASy/bJ6MxpndDZAeWpMdR7n0AXqc5sbrJSpK
b2LHGBKLQ3lpVD0rIhCDv99pMQVemQ1bF5NRwgGQHGrm9Cp502Yf8hvu6OZt550C
LDtSNKh/iTXTFvFX2BU3Mw88dMyo9jFcQxUydz2A20aXxg==
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:09:14 2025 by rpki-client