Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/1ZhgJSUtY6eo7jeJZOLtLPCPg-0.roa
File: 1ZhgJSUtY6eo7jeJZOLtLPCPg-0.roa (raw, json)
Hash identifier: EWAMSRkkaLWjFWOmaYlHQ870eB3seVg31m0h0HRYo8k=
Subject key identifier: D5:98:60:25:25:2D:63:A7:A8:EE:37:89:64:E2:ED:2C:F0:8F:83:ED
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977192D5D72570F4ED201704DE2EE5C041
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/1ZhgJSUtY6eo7jeJZOLtLPCPg-0.roa
Signing time: Sun 15 Jun 2025 03:12:17 +0000
ROA not before: Sun 15 Jun 2025 03:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 15 Jun 2025 04:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:71:92:d5:d7:25:70:f4:ed:20:17:04:de:2e:e5:c0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 15 03:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5986025252d63a7a8ee378964e2ed2cf08f83ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:83:21:1b:86:84:77:5c:dd:bd:1b:92:f9:e2:
70:6c:f0:95:ca:a2:52:b3:79:ea:3c:cb:25:c0:0a:
86:06:bc:ad:ea:32:63:ad:cc:70:d1:64:27:46:6e:
71:2f:68:a5:5d:d1:f8:b7:96:da:ce:89:14:6c:2e:
2a:6c:d0:19:18:78:f0:d6:94:fe:86:90:3d:39:ff:
c5:95:ae:d6:1a:8c:e1:c5:84:ac:89:e9:ed:60:d4:
fd:6c:ea:80:26:0d:8c:13:57:e3:7b:53:b0:32:81:
4d:ed:bb:59:8e:af:64:f5:17:d5:c4:46:cd:8b:64:
28:67:44:d8:79:55:68:1f:a5:18:e8:9a:3c:a0:fe:
e5:16:10:ab:c7:22:37:16:eb:69:3f:0d:58:32:c6:
4b:d5:ec:8e:eb:04:20:40:05:cc:36:56:5d:2d:7e:
1f:1b:21:fd:96:3f:7f:e2:3c:c1:18:8d:3d:9d:92:
3a:7f:60:99:29:89:20:58:66:1f:38:57:c6:44:83:
10:29:ee:13:eb:0a:45:74:9d:36:2e:74:0f:b8:63:
f3:0b:33:9e:1d:67:af:47:f1:3e:8a:cf:ff:25:7f:
3e:23:ce:17:c4:81:7c:21:dd:ca:0c:1c:2b:f7:79:
88:b1:f8:9e:6a:1f:b3:36:c8:97:77:03:32:cb:0c:
86:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:98:60:25:25:2D:63:A7:A8:EE:37:89:64:E2:ED:2C:F0:8F:83:ED
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/1ZhgJSUtY6eo7jeJZOLtLPCPg-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
5f:ed:52:bd:04:7d:fc:bf:5f:6a:d9:d4:4c:3a:ce:03:79:53:
7e:1a:fb:02:02:1b:ed:27:7d:bc:8f:5c:55:7f:53:ea:18:b7:
58:91:74:5d:4f:55:60:a3:03:6e:52:47:a2:60:c5:42:cd:df:
e7:6a:78:70:bc:6f:a0:c5:99:2b:9e:48:a2:05:50:92:55:cc:
cc:d6:b2:5b:18:53:26:11:34:b8:77:85:1b:18:ad:c7:9a:28:
a1:8a:0d:23:13:86:87:28:ba:0b:d1:5c:43:7b:bd:6e:76:e1:
f7:c4:96:83:ad:2a:20:e6:4d:87:62:fb:99:44:7b:9e:21:4c:
f2:ce:d1:d9:7a:72:60:fc:2e:65:bd:9c:8e:13:3c:c7:fe:ab:
9d:3b:a4:31:c1:99:7c:d0:93:7e:11:84:3e:ed:ae:ca:4a:16:
1e:07:ef:2d:92:17:ad:dd:93:90:4e:29:55:69:ac:c2:3d:d1:
70:46:d6:3b:40:75:48:f8:14:83:8d:3f:f1:15:c3:86:39:d7:
58:e7:1a:a9:cd:d6:4c:07:e4:85:49:1e:79:1a:44:16:28:4e:
7b:e1:f6:93:c5:fc:96:a6:cb:6f:62:ea:0c:bb:8a:6d:9c:cf:
43:d6:0d:06:55:86:23:31:ce:89:59:dc:54:07:f6:af:74:16:
93:3b:02:05
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdxktXXJXD07SAXBN4u5cBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE1MDMxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk4NjAyNTI1MmQ2M2E3YThlZTM3ODk2NGUyZWQyY2YwOGY4M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYMhG4aEd1zdvRuS+eJwbPCVyqJS
s3nqPMslwAqGBryt6jJjrcxw0WQnRm5xL2ilXdH4t5bazokUbC4qbNAZGHjw1pT+
hpA9Of/Fla7WGozhxYSsientYNT9bOqAJg2ME1fje1OwMoFN7btZjq9k9RfVxEbN
i2QoZ0TYeVVoH6UY6Jo8oP7lFhCrxyI3FutpPw1YMsZL1eyO6wQgQAXMNlZdLX4f
GyH9lj9/4jzBGI09nZI6f2CZKYkgWGYfOFfGRIMQKe4T6wpFdJ02LnQPuGPzCzOe
HWevR/E+is//JX8+I84XxIF8Id3KDBwr93mIsfieah+zNsiXdwMyywyGPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNWYYCUlLWOnqO43iWTi7Szwj4PtMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMVpoZ0pTVXRZNmVvN2plSlpPTHRMUENQZy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAX+1SvQR9/L9fatnUTDrOA3lT
fhr7AgIb7Sd9vI9cVX9T6hi3WJF0XU9VYKMDblJHomDFQs3f52p4cLxvoMWZK55I
ogVQklXMzNayWxhTJhE0uHeFGxitx5oooYoNIxOGhyi6C9FcQ3u9bnbh98SWg60q
IOZNh2L7mUR7niFM8s7R2XpyYPwuZb2cjhM8x/6rnTukMcGZfNCTfhGEPu2uykoW
HgfvLZIXrd2TkE4pVWmswj3RcEbWO0B1SPgUg40/8RXDhjnXWOcaqc3WTAfkhUke
eRpEFihOe+H2k8X8lqbLb2LqDLuKbZzPQ9YNBlWGIzHOiVncVAf2r3QWkzsCBQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:02:45 2025 by rpki-client