Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/0C8CiyM5g_RzFpJ6CEbX5PdKRqQ.roa
File: 0C8CiyM5g_RzFpJ6CEbX5PdKRqQ.roa (raw, json)
Hash identifier: gSgcHw8b7oLE/Xahne5BHgaLCYvr36OS6GzDFSLU9Bg=
Subject key identifier: D0:2F:02:8B:23:39:83:F4:73:16:92:7A:08:46:D7:E4:F7:4A:46:A4
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C3C11DD541C77BB73D134315A657E2AA
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/0C8CiyM5g_RzFpJ6CEbX5PdKRqQ.roa
Signing time: Tue 01 Jul 2025 02:11:42 +0000
ROA not before: Tue 01 Jul 2025 02:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 03:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c3:c1:1d:d5:41:c7:7b:b7:3d:13:43:15:a6:57:e2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 02:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d02f028b233983f47316927a0846d7e4f74a46a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:58:de:de:33:89:5c:36:65:59:c7:85:d3:
2e:d1:b0:1b:93:33:c5:3e:6d:10:75:73:10:ea:eb:
2a:e0:e6:b6:83:31:95:e2:c6:bf:cc:e5:d9:00:36:
f6:00:0e:13:9c:32:be:e4:71:7a:dd:15:85:52:bc:
39:09:4e:0b:71:6c:4f:16:ae:a1:d2:f2:f0:cd:ea:
68:f0:80:33:ef:ce:b2:36:e9:11:20:fe:27:87:ed:
1c:15:3f:b8:ff:ac:b3:73:70:51:19:e1:4d:58:0b:
5e:46:15:3f:e7:88:df:5c:21:00:c9:fe:0a:05:dc:
9b:f1:14:40:cf:60:d4:cd:cf:c7:c9:81:7f:59:7e:
54:23:de:d0:c1:84:9a:f3:56:bd:17:b4:f2:40:f2:
c0:ce:dd:86:1d:30:17:4c:fd:d8:26:e3:00:f5:31:
e0:f0:a7:46:f6:58:fc:56:b3:2d:15:6c:da:3c:63:
af:78:a4:b3:df:a5:d0:86:92:6a:29:6a:4c:c4:32:
a4:2b:5f:61:8b:42:fe:e0:87:5e:dd:62:03:5c:77:
bf:64:30:5c:4a:eb:ec:12:77:1c:61:bc:68:05:55:
31:ac:59:da:34:15:32:57:7b:3e:c7:97:f2:94:e7:
3a:bc:9e:9a:69:3e:f3:62:6f:14:96:69:df:5c:f9:
51:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2F:02:8B:23:39:83:F4:73:16:92:7A:08:46:D7:E4:F7:4A:46:A4
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/0C8CiyM5g_RzFpJ6CEbX5PdKRqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
25:65:46:e7:0a:17:e5:e5:2a:ba:16:a2:2c:8f:b5:7f:0c:cb:
28:98:19:5d:f6:9d:31:1a:4e:c8:a6:60:6a:ce:17:7f:d4:1c:
db:5e:39:41:9d:be:22:6e:14:ff:e8:db:f4:d3:24:14:4b:38:
75:f3:74:c1:2e:32:b4:80:45:98:f4:da:81:f4:9e:08:52:83:
fa:18:1d:4b:2a:70:4a:ac:87:d0:e1:f2:60:60:20:bc:5c:27:
ef:c9:ab:51:92:88:fa:c4:c8:19:b4:76:1c:fc:09:33:67:ac:
a2:55:07:c6:08:b6:7e:ff:cf:85:1e:5f:5d:b0:6d:6b:0c:91:
a8:19:1d:14:2b:1d:ef:47:68:f1:24:84:89:4a:41:84:f4:52:
94:4c:e2:60:1d:a7:54:39:bd:b1:ca:e4:73:c9:fb:b3:ed:df:
d8:55:31:f1:22:9b:6d:c5:6c:11:46:9f:22:4b:31:8f:9a:80:
98:34:9b:ed:8b:a9:f0:b3:25:78:7b:58:34:b7:c5:6a:84:cf:
24:a6:d9:f4:1b:1c:85:fd:99:ae:2c:0e:20:4a:2e:37:59:f6:
8e:10:e0:f8:5c:14:b3:59:0c:1e:58:60:c7:f1:f1:07:18:27:
70:09:ef:cc:30:45:3b:c5:a5:01:51:41:7c:9d:dc:df:bd:59:
87:95:e8:2f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfDwR3VQcd7tz0TQxWmV+KqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMDIxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDJmMDI4YjIzMzk4M2Y0NzMxNjkyN2EwODQ2ZDdlNGY3NGE0NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFBY3t4ziVw2ZVnHhdMu0bAbkzPF
Pm0QdXMQ6usq4Oa2gzGV4sa/zOXZADb2AA4TnDK+5HF63RWFUrw5CU4LcWxPFq6h
0vLwzepo8IAz786yNukRIP4nh+0cFT+4/6yzc3BRGeFNWAteRhU/54jfXCEAyf4K
Bdyb8RRAz2DUzc/HyYF/WX5UI97QwYSa81a9F7TyQPLAzt2GHTAXTP3YJuMA9THg
8KdG9lj8VrMtFWzaPGOveKSz36XQhpJqKWpMxDKkK19hi0L+4Ide3WIDXHe/ZDBc
SuvsEnccYbxoBVUxrFnaNBUyV3s+x5fylOc6vJ6aaT7zYm8UlmnfXPlR/QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNAvAosjOYP0cxaSeghG1+T3SkakMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMEM4Q2l5TTVnX1J6RnBKNkNFYlg1UGRLUnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAJWVG5woX5eUquhaiLI+1fwzL
KJgZXfadMRpOyKZgas4Xf9Qc2145QZ2+Im4U/+jb9NMkFEs4dfN0wS4ytIBFmPTa
gfSeCFKD+hgdSypwSqyH0OHyYGAgvFwn78mrUZKI+sTIGbR2HPwJM2esolUHxgi2
fv/PhR5fXbBtawyRqBkdFCsd70do8SSEiUpBhPRSlEziYB2nVDm9scrkc8n7s+3f
2FUx8SKbbcVsEUafIksxj5qAmDSb7Yup8LMleHtYNLfFaoTPJKbZ9Bschf2ZriwO
IEouN1n2jhDg+FwUs1kMHlhgx/HxBxgncAnvzDBFO8WlAVFBfJ3c371Zh5XoLw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:31:08 2025 by rpki-client