Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/3hORlblKiezWX4RCkexCogMj7e8.roa
File: 3hORlblKiezWX4RCkexCogMj7e8.roa (raw, json)
Hash identifier: ZiChuJxDoibcbsOPiXuVhKmFXAfBBreRZuXuwrjef5Y=
Subject key identifier: DE:13:91:95:B9:4A:89:EC:D6:5F:84:42:91:EC:42:A2:03:23:ED:EF
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977F18716C0170EA0A8FF085E28FB7159A
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/3hORlblKiezWX4RCkexCogMj7e8.roa
Signing time: Tue 17 Jun 2025 18:13:17 +0000
ROA not before: Tue 17 Jun 2025 18:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 19:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:18:71:6c:01:70:ea:0a:8f:f0:85:e2:8f:b7:15:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 18:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de139195b94a89ecd65f844291ec42a20323edef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5d:c4:a5:e6:63:27:37:47:60:1e:bd:df:a1:
db:ea:e6:8e:40:9b:b0:a5:51:48:72:e0:f3:28:d2:
9e:2c:7f:08:e7:67:f7:dc:e0:49:93:6e:1a:79:f1:
15:a5:37:74:0a:15:26:4c:3c:0e:96:3d:c1:0a:bd:
e3:df:5e:0a:dc:9c:c8:7e:71:f6:06:6d:23:a2:cf:
c8:2b:40:bf:1b:07:61:5e:ea:98:0b:62:4c:f1:b0:
82:58:4c:52:5d:b5:ea:4f:c5:02:e2:1a:fb:1b:ad:
21:f9:01:96:fe:8c:8d:f3:4e:9d:d6:97:2f:c2:22:
8c:c7:e7:63:cb:22:b3:4e:64:bd:2c:d7:25:93:5a:
0a:94:89:d0:b9:91:f4:66:21:36:01:7d:69:01:6e:
a9:1b:46:96:b7:85:3b:99:45:66:88:52:3f:8c:38:
80:51:0e:30:59:60:f9:28:54:71:50:a3:f8:b1:d2:
e9:23:26:cb:ed:45:bb:94:37:02:3a:bc:96:f0:49:
da:88:8d:36:a2:18:62:d5:0e:86:93:8a:98:2c:1c:
6d:43:65:92:ba:eb:63:ed:7e:3f:e6:2e:f6:ae:23:
85:2f:bc:44:f0:35:81:e5:9f:88:0d:3d:fa:0c:99:
f4:80:64:df:40:4d:36:e5:cd:74:00:4a:55:5f:95:
c1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:13:91:95:B9:4A:89:EC:D6:5F:84:42:91:EC:42:A2:03:23:ED:EF
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/3hORlblKiezWX4RCkexCogMj7e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
5f:ac:21:52:ae:1b:dc:b5:86:7a:46:6a:01:6a:04:7b:07:63:
ba:2d:3b:ec:72:79:54:30:19:4a:b1:e1:67:d9:1d:31:7c:f1:
d8:7c:ca:b6:fc:24:19:c0:0f:da:e9:a2:d3:1b:3b:4e:a9:20:
9a:12:91:0b:1e:16:76:5a:f8:5b:66:49:65:75:4a:e5:6e:84:
9b:d5:55:d9:51:82:74:df:d8:9d:00:5b:14:e6:e4:14:14:18:
7b:b2:cc:38:a7:c9:9a:f3:cb:7f:fd:4c:d0:5a:98:ac:65:dc:
db:5e:2d:19:4a:b4:1d:11:34:42:e3:3e:5d:13:3a:f0:37:37:
83:44:b3:c3:29:73:ca:23:ca:c5:fd:09:cd:82:76:31:d2:51:
0d:ee:c3:46:a1:cd:de:70:2f:0e:67:c5:b2:c4:73:ba:e3:18:
14:33:28:92:b4:fb:c1:5c:61:db:52:cd:14:9c:78:ab:0d:93:
d0:25:3c:54:93:a3:21:ae:62:c7:b2:9e:36:be:67:c2:5e:da:
26:04:0d:ae:ce:48:66:67:62:08:a8:84:5c:b1:1b:1f:5f:5b:
f7:2b:b9:46:d9:55:da:53:dd:e9:98:f8:a7:3d:96:67:c5:7f:
5c:d7:90:4d:d6:9c:0e:4b:80:5d:93:aa:95:e8:1f:da:27:a3:
fb:11:4e:0b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd/GHFsAXDqCo/wheKPtxWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MTgxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEzOTE5NWI5NGE4OWVjZDY1Zjg0NDI5MWVjNDJhMjAzMjNlZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl3EpeZjJzdHYB6936Hb6uaOQJuw
pVFIcuDzKNKeLH8I52f33OBJk24aefEVpTd0ChUmTDwOlj3BCr3j314K3JzIfnH2
Bm0jos/IK0C/GwdhXuqYC2JM8bCCWExSXbXqT8UC4hr7G60h+QGW/oyN806d1pcv
wiKMx+djyyKzTmS9LNclk1oKlInQuZH0ZiE2AX1pAW6pG0aWt4U7mUVmiFI/jDiA
UQ4wWWD5KFRxUKP4sdLpIybL7UW7lDcCOryW8EnaiI02ohhi1Q6Gk4qYLBxtQ2WS
uutj7X4/5i72riOFL7xE8DWB5Z+IDT36DJn0gGTfQE025c10AEpVX5XB6wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN4TkZW5Sons1l+EQpHsQqIDI+3vMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvM2hPUmxibEtpZXpXWDRSQ2tleENvZ01qN2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAX6whUq4b3LWGekZqAWoEewdj
ui077HJ5VDAZSrHhZ9kdMXzx2HzKtvwkGcAP2umi0xs7TqkgmhKRCx4Wdlr4W2ZJ
ZXVK5W6Em9VV2VGCdN/YnQBbFObkFBQYe7LMOKfJmvPLf/1M0FqYrGXc214tGUq0
HRE0QuM+XRM68Dc3g0SzwylzyiPKxf0JzYJ2MdJRDe7DRqHN3nAvDmfFssRzuuMY
FDMokrT7wVxh21LNFJx4qw2T0CU8VJOjIa5ix7KeNr5nwl7aJgQNrs5IZmdiCKiE
XLEbH19b9yu5RtlV2lPd6Zj4pz2WZ8V/XNeQTdacDkuAXZOqlegf2iej+xFOCw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:14:37 2025 by rpki-client