Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/5dyGf6eot3TgdigfSdKdWBq_FxQ.roa
File: 5dyGf6eot3TgdigfSdKdWBq_FxQ.roa (raw, json)
Hash identifier: qd6PymDK5Bya+9r4rAODv5FvhRzuXukkgCu5O2YAuJ0=
Subject key identifier: E5:DC:86:7F:A7:A8:B7:74:E0:76:28:1F:49:D2:9D:58:1A:BF:17:14
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01979C47D730AF16B1B809F10CFFD7596AFC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/5dyGf6eot3TgdigfSdKdWBq_FxQ.roa
Signing time: Mon 23 Jun 2025 10:14:03 +0000
ROA not before: Mon 23 Jun 2025 10:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 23 Jun 2025 11:04:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:47:d7:30:af:16:b1:b8:09:f1:0c:ff:d7:59:6a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 23 10:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5dc867fa7a8b774e076281f49d29d581abf1714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fd:d9:02:bf:d7:0e:e5:1e:e4:9e:01:4c:e3:
b4:37:a3:92:09:d5:e7:66:a9:86:00:d5:49:50:70:
fc:46:28:53:04:30:05:5c:43:4b:b2:e3:e5:31:8a:
b0:9c:75:3f:8c:10:55:73:af:eb:7b:2a:99:e3:6d:
7b:bf:4d:2f:34:48:24:c2:b2:c3:e0:ba:21:2d:5e:
9a:2b:32:82:bb:d9:2c:ce:3c:3c:a2:15:46:34:e3:
1a:f0:ed:e5:be:71:e0:eb:f8:fc:ee:c0:86:80:b0:
01:9c:41:4e:23:fb:b3:e4:f0:f3:11:5c:cc:34:8a:
06:80:08:07:4b:fe:a7:4e:e1:93:31:b6:63:1c:b5:
e5:4f:8b:e4:c0:ba:ce:39:2f:91:c7:6d:94:63:8a:
f0:6f:bc:4c:ec:ba:59:bc:d2:52:cd:6c:d1:80:04:
18:bd:86:e5:f1:51:25:41:a5:6b:73:71:1a:8e:23:
93:89:7c:34:4f:21:a3:bd:56:9e:12:e5:05:84:9e:
70:85:2f:67:cf:33:70:44:2e:be:59:72:9a:9a:3a:
9c:a1:67:bd:69:06:77:01:a8:c2:39:c9:a1:ae:ec:
6d:7c:fb:8a:bf:b6:24:84:28:b3:01:ee:e8:b1:c9:
19:b6:cc:bd:42:be:3c:de:fb:29:b8:4b:c4:f5:d8:
6d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DC:86:7F:A7:A8:B7:74:E0:76:28:1F:49:D2:9D:58:1A:BF:17:14
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/5dyGf6eot3TgdigfSdKdWBq_FxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1b:8f:a7:c9:ae:1f:60:6b:e3:3a:e9:a0:78:7a:20:a4:9e:a6:
f4:be:ac:33:d0:c2:55:72:de:d2:87:9d:b9:f5:fb:e9:30:71:
27:4d:70:34:6b:63:e8:78:ac:76:7e:b8:a0:17:d1:1f:96:7c:
b9:34:67:e4:a3:dc:c4:98:d1:49:58:d3:44:41:de:a7:0a:37:
ea:70:53:a8:19:22:db:c3:23:c8:49:27:c3:ca:a6:67:fe:06:
60:2a:b5:ac:fe:51:65:fb:cd:a5:19:eb:54:fb:88:90:1d:f6:
53:d1:e9:9b:96:63:91:47:eb:94:4f:1e:11:bc:8b:f9:ed:82:
e3:58:07:cb:cf:66:3b:0d:fc:89:8e:ba:43:52:4a:de:45:9b:
c7:e1:88:2f:25:89:b5:97:8b:b8:0d:60:66:51:e2:ef:d5:49:
db:ad:81:2f:c1:9a:76:47:34:bf:1e:e0:b4:32:65:47:98:19:
9d:e1:c5:47:4e:fb:e6:b9:3d:25:b3:0a:35:1d:1f:99:16:e2:
0a:72:d6:32:0e:d4:ff:3f:ac:b8:fa:85:72:b9:61:44:9a:ff:
f1:e2:ad:32:cd:0d:c8:45:f9:f0:8f:32:22:79:8c:52:be:4c:
27:30:d8:a9:33:a6:15:0d:8d:be:e9:c0:99:e9:44:26:26:fc:
86:21:7c:76
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZecR9cwrxaxuAnxDP/XWWr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIzMTAxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWRjODY3ZmE3YThiNzc0ZTA3NjI4MWY0OWQyOWQ1ODFhYmYxNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/3ZAr/XDuUe5J4BTOO0N6OSCdXn
ZqmGANVJUHD8RihTBDAFXENLsuPlMYqwnHU/jBBVc6/reyqZ4217v00vNEgkwrLD
4LohLV6aKzKCu9kszjw8ohVGNOMa8O3lvnHg6/j87sCGgLABnEFOI/uz5PDzEVzM
NIoGgAgHS/6nTuGTMbZjHLXlT4vkwLrOOS+Rx22UY4rwb7xM7LpZvNJSzWzRgAQY
vYbl8VElQaVrc3EajiOTiXw0TyGjvVaeEuUFhJ5whS9nzzNwRC6+WXKamjqcoWe9
aQZ3AajCOcmhruxtfPuKv7YkhCizAe7osckZtsy9Qr483vspuEvE9dht4QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOXchn+nqLd04HYoH0nSnVgavxcUMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvNWR5R2Y2ZW90M1RnZGlnZlNkS2RXQnFfRnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAG4+nya4fYGvjOumgeHogpJ6m
9L6sM9DCVXLe0oedufX76TBxJ01wNGtj6Hisdn64oBfRH5Z8uTRn5KPcxJjRSVjT
REHepwo36nBTqBki28MjyEknw8qmZ/4GYCq1rP5RZfvNpRnrVPuIkB32U9Hpm5Zj
kUfrlE8eEbyL+e2C41gHy89mOw38iY66Q1JK3kWbx+GILyWJtZeLuA1gZlHi79VJ
262BL8Gadkc0vx7gtDJlR5gZneHFR0775rk9JbMKNR0fmRbiCnLWMg7U/z+suPqF
crlhRJr/8eKtMs0NyEX58I8yInmMUr5MJzDYqTOmFQ2NvunAmelEJib8hiF8dg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:50:15 2025 by rpki-client