Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/2Q4onZMC_hZcJKGC8mM5mKJkQeY.roa
File: 2Q4onZMC_hZcJKGC8mM5mKJkQeY.roa (raw, json)
Hash identifier: /gmVkMBQ1PYL/IZipAGjJVZPGzwCErS05t/ExvB5QbM=
Subject key identifier: D9:0E:28:9D:93:02:FE:16:5C:24:A1:82:F2:63:39:98:A2:64:41:E6
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197AEBBA53A12287FFE2CC434F17A23BEBE
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/2Q4onZMC_hZcJKGC8mM5mKJkQeY.roa
Signing time: Fri 27 Jun 2025 00:13:42 +0000
ROA not before: Fri 27 Jun 2025 00:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 01:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ae:bb:a5:3a:12:28:7f:fe:2c:c4:34:f1:7a:23:be:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 00:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d90e289d9302fe165c24a182f2633998a26441e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e5:59:74:cc:ca:e3:37:23:76:ba:28:ed:8f:
b2:32:b3:93:eb:16:8b:d9:f0:ed:3d:ce:ac:f2:1f:
19:9a:88:02:21:cc:c7:ff:67:37:15:ba:5c:a6:fe:
d3:48:50:5e:7c:af:9c:7f:4a:a7:d6:ea:89:9b:66:
9b:db:23:7a:61:41:e8:cb:11:87:c1:2d:51:bb:15:
ab:2e:d8:eb:32:e7:1e:4e:6b:61:dc:d0:e5:bb:92:
06:c5:15:2d:da:3f:aa:69:14:b5:78:1e:fa:21:11:
7b:51:fc:8d:00:e3:0c:22:67:11:30:99:91:d5:09:
ea:ba:2a:09:41:ac:56:2e:77:8f:4f:c8:e7:cb:47:
6b:dd:dd:f8:d4:99:18:46:fe:b5:21:53:81:17:ad:
c5:5e:59:dd:8c:a0:80:31:25:6a:f6:a6:bf:be:96:
68:35:1e:18:f3:ac:21:2c:0f:45:c8:9b:3d:53:d6:
54:d7:6c:0a:50:22:be:7a:10:e6:d1:e0:b8:38:d9:
2e:69:09:9b:17:dd:16:f5:dc:02:2d:34:3f:08:81:
a4:08:a0:c8:59:70:fd:28:50:89:7c:66:89:a5:5d:
46:1e:78:a3:bb:70:be:82:8d:50:14:c2:11:a0:9c:
04:87:6a:8f:37:a8:bf:d3:69:c2:de:6a:57:9a:fe:
c9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0E:28:9D:93:02:FE:16:5C:24:A1:82:F2:63:39:98:A2:64:41:E6
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/2Q4onZMC_hZcJKGC8mM5mKJkQeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
6e:32:13:7a:e9:70:8b:1d:d5:88:29:29:83:3e:16:f4:3d:09:
30:67:2c:20:d6:59:1f:48:d7:bd:8a:d8:23:f2:51:da:61:32:
10:dc:ed:d1:79:e9:6f:b2:f9:1d:df:63:a3:eb:a5:82:ed:a8:
83:12:78:1b:6f:76:10:aa:c4:eb:63:62:6d:2f:f6:2d:94:8d:
ba:48:af:21:44:b5:37:05:c0:07:86:9f:34:da:7c:14:f9:b4:
21:b5:dd:38:85:9a:7c:d8:e9:fc:01:ae:92:69:dd:9c:ec:c0:
88:72:1e:38:fe:1e:8c:2b:50:9c:fe:02:27:5b:27:21:e8:c6:
e7:09:af:89:3c:fe:3a:26:d5:b1:fa:e3:56:9f:e2:7f:72:a3:
19:fa:61:7f:9d:28:c9:3e:42:3b:64:eb:4d:41:12:d1:61:e8:
ec:72:68:38:e0:88:e3:89:49:39:fe:40:e1:55:3d:2f:57:7a:
33:39:a9:43:64:b4:fe:20:d1:e7:de:a4:2b:02:38:7c:d5:d1:
d7:a8:48:38:72:0b:bb:a9:85:44:19:f0:15:03:de:80:06:99:
a5:ca:e2:37:ef:2d:6b:07:eb:fc:6f:c3:ef:9a:7a:03:26:96:
1c:c5:65:58:a7:94:03:d0:da:c4:9c:11:2d:4c:a8:1b:d0:6c:
7d:fd:a8:58
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeuu6U6Eih//izENPF6I76+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MDAxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBlMjg5ZDkzMDJmZTE2NWMyNGExODJmMjYzMzk5OGEyNjQ0MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+VZdMzK4zcjdroo7Y+yMrOT6xaL
2fDtPc6s8h8ZmogCIczH/2c3Fbpcpv7TSFBefK+cf0qn1uqJm2ab2yN6YUHoyxGH
wS1RuxWrLtjrMuceTmth3NDlu5IGxRUt2j+qaRS1eB76IRF7UfyNAOMMImcRMJmR
1QnquioJQaxWLnePT8jny0dr3d341JkYRv61IVOBF63FXlndjKCAMSVq9qa/vpZo
NR4Y86whLA9FyJs9U9ZU12wKUCK+ehDm0eC4ONkuaQmbF90W9dwCLTQ/CIGkCKDI
WXD9KFCJfGaJpV1GHniju3C+go1QFMIRoJwEh2qPN6i/02nC3mpXmv7JRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNkOKJ2TAv4WXCShgvJjOZiiZEHmMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMlE0b25aTUNfaFpjSktHQzhtTTVtS0prUWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAbjITeulwix3ViCkpgz4W9D0J
MGcsINZZH0jXvYrYI/JR2mEyENzt0Xnpb7L5Hd9jo+ulgu2ogxJ4G292EKrE62Ni
bS/2LZSNukivIUS1NwXAB4afNNp8FPm0IbXdOIWafNjp/AGukmndnOzAiHIeOP4e
jCtQnP4CJ1snIejG5wmviTz+OibVsfrjVp/if3KjGfphf50oyT5CO2TrTUES0WHo
7HJoOOCI44lJOf5A4VU9L1d6MzmpQ2S0/iDR596kKwI4fNXR16hIOHILu6mFRBnw
FQPegAaZpcriN+8tawfr/G/D75p6AyaWHMVlWKeUA9DaxJwRLUyoG9Bsff2oWA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:43:42 2025 by rpki-client