Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/23_XL6Zy8WfT_QpJlTSZOdOvwUM.roa
File: 23_XL6Zy8WfT_QpJlTSZOdOvwUM.roa (raw, json)
Hash identifier: eUeuWQNdOjtJfT2yywnVnpSrEe8Eo3ZPJT2VguJaSyg=
Subject key identifier: DB:7F:D7:2F:A6:72:F1:67:D3:FD:0A:49:95:34:99:39:D3:AF:C1:43
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019770B631183701053B58BCFBD5784845FC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/23_XL6Zy8WfT_QpJlTSZOdOvwUM.roa
Signing time: Sat 14 Jun 2025 23:11:17 +0000
ROA not before: Sat 14 Jun 2025 23:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 15 Jun 2025 00:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:70:b6:31:18:37:01:05:3b:58:bc:fb:d5:78:48:45:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 14 23:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db7fd72fa672f167d3fd0a4995349939d3afc143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:31:e4:c6:b5:e5:d6:a2:b8:4b:04:64:9c:
6d:31:be:c1:4d:78:a1:cc:01:b6:bc:25:db:f3:5f:
bb:e1:38:75:2d:fc:29:aa:f5:92:6c:25:d2:0d:3e:
d2:db:d5:c4:0c:69:f2:c8:f7:9f:ea:1e:cb:23:2e:
07:6a:5c:d4:fc:3b:1d:3a:2a:16:f2:e2:98:20:6e:
57:1f:f9:d8:39:c3:35:e8:a2:4e:19:62:24:17:54:
85:06:20:50:3e:bf:09:be:ce:ca:6b:58:78:54:3f:
b7:97:d7:75:d0:2b:dc:e3:b3:04:f9:97:8a:82:86:
f1:30:9c:0b:5f:6a:00:06:84:f9:41:b6:db:71:d3:
97:57:56:1a:5b:d7:ce:f9:71:ef:83:ea:ec:c7:df:
aa:fc:ee:d7:23:2b:5c:9c:29:1e:03:49:16:2e:b4:
1b:40:93:b6:c0:41:d4:40:ca:fa:0e:5f:2a:24:7b:
39:a9:40:60:d3:46:05:95:08:57:d9:ad:f9:02:78:
bd:22:d2:36:77:9c:6a:33:d9:94:d3:0c:72:e1:bf:
89:cf:c7:6c:7e:9e:e4:ed:da:cc:75:ae:b4:77:9e:
f0:8d:08:c4:03:41:90:a8:2e:1f:db:ae:33:60:96:
1c:1c:c9:5d:08:5b:f7:0c:34:51:3c:96:09:22:6b:
61:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7F:D7:2F:A6:72:F1:67:D3:FD:0A:49:95:34:99:39:D3:AF:C1:43
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/23_XL6Zy8WfT_QpJlTSZOdOvwUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
4d:cc:13:63:be:44:92:ea:d1:51:f7:b3:23:dd:9e:62:b7:7f:
07:49:ff:eb:d7:ae:90:57:04:78:5f:02:25:62:47:2c:6d:92:
44:d4:06:d3:10:8c:57:f5:95:fc:ef:f6:20:66:ec:91:68:fd:
a4:2c:e6:d1:ee:f4:7d:75:82:e1:e3:49:99:5e:ea:fb:e3:a2:
e6:4e:c7:a6:90:fb:b9:ee:55:d8:6a:f3:b5:1f:3a:7d:e9:cc:
67:3c:d8:7d:d3:64:6e:e3:a2:8b:2b:a5:71:41:3b:15:8d:12:
4f:27:75:65:82:a7:78:76:cb:69:4b:4f:8a:70:77:a2:ea:ba:
bb:69:04:e2:c5:f3:8b:37:92:20:07:9a:6f:1f:2d:6c:56:69:
f5:df:bf:44:99:ef:8b:39:db:42:4f:f6:c7:c5:e1:a8:40:48:
ee:3a:ff:ca:9c:35:1f:77:fc:a0:5e:95:f9:22:26:70:22:3d:
05:75:54:d0:2e:2f:3e:47:96:b3:e4:07:2f:cb:15:ac:c0:05:
73:bb:1c:8f:a6:36:5f:33:e6:ed:a2:53:e7:f3:65:ab:09:13:
32:32:8f:d1:fd:70:a6:76:fb:5d:0b:81:61:be:9b:b9:db:49:
72:47:99:72:48:d9:fa:ee:76:32:08:d3:c8:29:29:ce:37:1e:
14:e4:bd:e8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdwtjEYNwEFO1i8+9V4SEX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MjMxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjdmZDcyZmE2NzJmMTY3ZDNmZDBhNDk5NTM0OTkzOWQzYWZjMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjMx5Ma15daiuEsEZJxtMb7BTXih
zAG2vCXb81+74Th1LfwpqvWSbCXSDT7S29XEDGnyyPef6h7LIy4HalzU/DsdOioW
8uKYIG5XH/nYOcM16KJOGWIkF1SFBiBQPr8Jvs7Ka1h4VD+3l9d10Cvc47ME+ZeK
gobxMJwLX2oABoT5QbbbcdOXV1YaW9fO+XHvg+rsx9+q/O7XIytcnCkeA0kWLrQb
QJO2wEHUQMr6Dl8qJHs5qUBg00YFlQhX2a35Ani9ItI2d5xqM9mU0wxy4b+Jz8ds
fp7k7drMda60d57wjQjEA0GQqC4f264zYJYcHMldCFv3DDRRPJYJImthVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNt/1y+mcvFn0/0KSZU0mTnTr8FDMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMjNfWEw2Wnk4V2ZUX1FwSmxUU1pPZE92d1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEATcwTY75EkurRUfezI92eYrd/
B0n/69eukFcEeF8CJWJHLG2SRNQG0xCMV/WV/O/2IGbskWj9pCzm0e70fXWC4eNJ
mV7q++Oi5k7HppD7ue5V2GrztR86fenMZzzYfdNkbuOiiyulcUE7FY0STyd1ZYKn
eHbLaUtPinB3ouq6u2kE4sXzizeSIAeabx8tbFZp9d+/RJnviznbQk/2x8XhqEBI
7jr/ypw1H3f8oF6V+SImcCI9BXVU0C4vPkeWs+QHL8sVrMAFc7scj6Y2XzPm7aJT
5/NlqwkTMjKP0f1wpnb7XQuBYb6budtJckeZckjZ+u52MgjTyCkpzjceFOS96A==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:30:12 2025 by rpki-client