Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/2tm_eDemQEFk5DJ8lPSRF5GdCD4.roa
File: 2tm_eDemQEFk5DJ8lPSRF5GdCD4.roa (raw, json)
Hash identifier: x8bEJAo/W3aoWWNf9nBRQsXmAz5jYNITFl85Pa781t0=
Subject key identifier: DA:D9:BF:78:37:A6:40:41:64:E4:32:7C:94:F4:91:17:91:9D:08:3E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C054F4C051AC6C383D6E3823EF44FFAD
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/2tm_eDemQEFk5DJ8lPSRF5GdCD4.roa
Signing time: Mon 30 Jun 2025 10:14:42 +0000
ROA not before: Mon 30 Jun 2025 10:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 30 Jun 2025 11:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:54:f4:c0:51:ac:6c:38:3d:6e:38:23:ef:44:ff:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 30 10:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dad9bf7837a6404164e4327c94f49117919d083e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:ea:5a:fb:d9:f0:c2:f5:96:88:dd:58:46:
2c:15:0d:ec:d7:97:29:c4:ab:d3:8d:49:b3:cc:66:
65:ed:a5:90:55:87:62:e6:e0:75:26:51:39:6a:e2:
0a:fd:ed:72:e1:f5:46:0c:bb:0d:6a:d7:0e:00:df:
58:89:ce:44:e5:74:5a:c7:08:39:50:e4:e0:75:2a:
90:50:d1:08:cf:26:5c:d2:a2:54:f7:ae:00:bb:d8:
68:6f:32:9c:51:b9:37:d3:56:44:62:57:fe:a8:38:
35:bd:7f:4d:a9:9a:a4:4f:ed:ce:2f:f5:f4:f1:6e:
38:68:96:ae:0d:57:d1:db:28:9f:32:e0:41:9e:1c:
05:1b:fb:b4:49:f3:68:03:df:5c:00:9b:b0:13:aa:
6f:bf:d5:bb:38:22:82:a3:22:a7:e9:c6:ed:6d:89:
38:f3:33:70:dc:0f:82:e9:d3:48:d0:bf:5f:01:7c:
17:92:35:65:8f:95:7e:25:f1:84:36:6e:b6:44:72:
ba:03:7e:53:b4:d6:f4:7f:ff:40:de:47:c5:04:a1:
0d:79:e3:b1:38:e2:82:9a:c4:53:27:5a:ba:99:83:
b3:5d:df:8b:ea:1c:b3:f4:5f:13:c9:7b:e4:ab:a9:
18:08:c0:b3:5d:77:0d:47:ff:39:fc:f9:0e:06:61:
6d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D9:BF:78:37:A6:40:41:64:E4:32:7C:94:F4:91:17:91:9D:08:3E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/2tm_eDemQEFk5DJ8lPSRF5GdCD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
54:f4:e7:5e:b5:e1:e3:ea:bf:ab:7d:5f:cf:ba:ec:19:52:8c:
d8:c6:75:5e:c1:cb:f7:e0:63:d5:d6:0e:f4:df:68:12:c0:c3:
5b:8b:3f:a2:60:a1:5f:d2:b2:3e:a6:73:14:da:fd:9e:71:43:
38:de:7e:20:b7:46:9f:75:19:c2:4c:13:17:64:ad:df:b1:64:
e2:47:f7:34:51:41:83:ce:7e:6d:85:4c:b3:00:90:a7:3a:29:
7c:dc:99:7a:59:57:5e:ee:ad:b7:3f:ea:25:eb:c5:3c:70:90:
3a:78:04:ea:3e:33:11:61:9f:e5:fe:f4:6c:7a:cd:31:1d:6c:
d7:aa:94:fa:e2:29:22:af:cc:bb:d0:9e:b9:e6:2d:f7:18:4b:
5c:d6:f5:39:4a:33:75:ee:4e:3b:cc:80:9e:d0:0e:71:46:b9:
bf:aa:00:06:4b:c4:9d:15:fd:83:08:4e:95:f3:96:8a:a7:9a:
c9:38:b7:76:0e:64:35:c1:c1:66:3c:d3:2b:9f:fe:ed:a6:29:
29:c1:47:12:37:d4:87:da:8c:52:19:a9:cb:05:ee:06:d2:fd:
e1:31:5b:02:ed:28:a9:28:07:f4:72:a7:d1:a0:1c:53:a0:ce:
84:57:4e:0e:d2:cb:6d:b4:f6:52:00:02:6e:79:60:9a:b6:04:
ad:89:0a:5d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfAVPTAUaxsOD1uOCPvRP+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjMwMTAxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ5YmY3ODM3YTY0MDQxNjRlNDMyN2M5NGY0OTExNzkxOWQwODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cbqWvvZ8ML1lojdWEYsFQ3s15cp
xKvTjUmzzGZl7aWQVYdi5uB1JlE5auIK/e1y4fVGDLsNatcOAN9Yic5E5XRaxwg5
UOTgdSqQUNEIzyZc0qJU964Au9hobzKcUbk301ZEYlf+qDg1vX9NqZqkT+3OL/X0
8W44aJauDVfR2yifMuBBnhwFG/u0SfNoA99cAJuwE6pvv9W7OCKCoyKn6cbtbYk4
8zNw3A+C6dNI0L9fAXwXkjVlj5V+JfGENm62RHK6A35TtNb0f/9A3kfFBKENeeOx
OOKCmsRTJ1q6mYOzXd+L6hyz9F8TyXvkq6kYCMCzXXcNR/85/PkOBmFt+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNrZv3g3pkBBZOQyfJT0kReRnQg+MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMnRtX2VEZW1RRUZrNURKOGxQU1JGNUdkQ0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAVPTnXrXh4+q/q31fz7rsGVKM
2MZ1XsHL9+Bj1dYO9N9oEsDDW4s/omChX9KyPqZzFNr9nnFDON5+ILdGn3UZwkwT
F2St37Fk4kf3NFFBg85+bYVMswCQpzopfNyZellXXu6ttz/qJevFPHCQOngE6j4z
EWGf5f70bHrNMR1s16qU+uIpIq/Mu9CeueYt9xhLXNb1OUozde5OO8yAntAOcUa5
v6oABkvEnRX9gwhOlfOWiqeayTi3dg5kNcHBZjzTK5/+7aYpKcFHEjfUh9qMUhmp
ywXuBtL94TFbAu0oqSgH9HKn0aAcU6DOhFdODtLLbbT2UgACbnlgmrYErYkKXQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 14:59:37 2025 by rpki-client