Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/7B2zsQYEnyemem4lJLflltjp6eo.roa
File: 7B2zsQYEnyemem4lJLflltjp6eo.roa (raw, json)
Hash identifier: lQmYURKeUgdmyngmq7yggsFt5xD+QOsvx9Ho1JWAeMk=
Subject key identifier: EC:1D:B3:B1:06:04:9F:27:A6:7A:6E:25:24:B7:E5:96:D8:E9:E9:EA
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C731DA3B1D1D7754FEBF78FE9656A60D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/7B2zsQYEnyemem4lJLflltjp6eo.roa
Signing time: Tue 01 Jul 2025 18:13:42 +0000
ROA not before: Tue 01 Jul 2025 18:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 19:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:31:da:3b:1d:1d:77:54:fe:bf:78:fe:96:56:a6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 18:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec1db3b106049f27a67a6e2524b7e596d8e9e9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:9a:33:32:b9:e4:6b:19:26:c9:9e:d0:69:
32:5b:eb:e5:c3:51:06:d7:11:4a:d0:79:41:76:4a:
ed:72:34:0a:d7:9c:b4:32:97:4d:7d:c2:60:10:51:
06:c6:32:7d:5d:fd:8f:10:c0:16:61:20:6d:69:3c:
df:d4:77:98:47:7c:71:81:c6:88:db:1e:85:10:fd:
29:52:02:a1:17:51:74:56:81:11:0f:be:57:45:b2:
a1:16:37:bd:e1:66:f9:49:8b:65:cf:59:af:62:39:
86:b4:70:8b:70:c1:97:36:20:b7:94:da:0e:1d:d8:
b1:63:63:d0:64:68:26:7c:07:36:bc:77:11:be:57:
55:c0:4a:04:11:5c:30:7a:3f:8d:cd:cc:d3:d0:1d:
16:cb:42:8a:92:aa:af:b5:44:17:9a:bc:29:30:13:
24:74:54:10:23:20:4f:c5:fa:a9:b1:ff:f8:50:22:
09:81:15:6e:1f:72:43:64:51:29:4c:7d:ee:d3:a7:
8f:18:6d:e0:1e:17:a5:7c:af:6a:c5:7c:e1:c7:0b:
dd:1b:aa:5b:c0:8e:ca:7e:1b:51:bd:33:af:c5:96:
b2:ce:c3:b0:93:71:4f:8b:2c:b1:b0:a0:39:5f:ec:
57:d8:a6:b5:8b:c7:1f:3a:ad:d4:b4:c1:f0:ab:c5:
a1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1D:B3:B1:06:04:9F:27:A6:7A:6E:25:24:B7:E5:96:D8:E9:E9:EA
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/7B2zsQYEnyemem4lJLflltjp6eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
51:87:a6:f3:86:33:bb:55:fd:e8:83:0d:e6:6a:65:f2:dd:d6:
5d:62:f0:1b:25:50:54:5b:c3:ce:46:4a:4d:26:c6:23:50:1f:
35:cd:ee:a9:ca:a0:23:24:c8:c2:91:28:b8:5b:eb:1e:57:96:
f2:24:57:f1:b6:e4:c0:63:15:e8:ab:d7:d1:d8:c7:e2:76:5d:
4e:da:03:49:04:0b:e9:e9:20:81:77:0a:0d:09:26:cf:71:ff:
d8:06:a5:56:0c:8d:ef:76:0d:d7:65:34:bb:18:d8:2b:ba:15:
62:bf:83:c0:e9:16:c6:3c:74:f3:c8:9d:6d:96:b3:85:9f:00:
7c:47:39:68:15:3f:d9:74:d2:43:1f:22:fe:d9:1b:5d:6c:77:
80:6d:39:c9:b9:87:ce:64:ea:ef:fb:47:3e:5d:00:7b:33:94:
bf:e2:66:85:d4:1d:2b:d4:93:e0:c4:39:84:dc:ec:cc:32:05:
8e:ce:0b:a7:06:db:fa:41:36:84:d1:2f:cb:b1:dd:11:32:ce:
3e:35:55:b2:cd:1b:1b:78:c2:f5:fd:7b:f7:a3:7f:a0:55:fa:
f7:ae:13:fd:7c:96:88:4a:b5:29:af:0d:1b:82:01:41:9e:f0:
5f:0a:fa:e4:ff:79:16:35:e8:85:b9:6b:bd:98:15:60:d6:fa:
40:e2:93:1b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfHMdo7HR13VP6/eP6WVqYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMTgxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzFkYjNiMTA2MDQ5ZjI3YTY3YTZlMjUyNGI3ZTU5NmQ4ZTllOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzOaMzK55GsZJsme0GkyW+vlw1EG
1xFK0HlBdkrtcjQK15y0MpdNfcJgEFEGxjJ9Xf2PEMAWYSBtaTzf1HeYR3xxgcaI
2x6FEP0pUgKhF1F0VoERD75XRbKhFje94Wb5SYtlz1mvYjmGtHCLcMGXNiC3lNoO
HdixY2PQZGgmfAc2vHcRvldVwEoEEVwwej+NzczT0B0Wy0KKkqqvtUQXmrwpMBMk
dFQQIyBPxfqpsf/4UCIJgRVuH3JDZFEpTH3u06ePGG3gHhelfK9qxXzhxwvdG6pb
wI7KfhtRvTOvxZayzsOwk3FPiyyxsKA5X+xX2Ka1i8cfOq3UtMHwq8WhRwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOwds7EGBJ8npnpuJSS35ZbY6enqMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvN0IyenNRWUVueWVtZW00bEpMZmxsdGpwNmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAUYem84Yzu1X96IMN5mpl8t3W
XWLwGyVQVFvDzkZKTSbGI1AfNc3uqcqgIyTIwpEouFvrHleW8iRX8bbkwGMV6KvX
0djH4nZdTtoDSQQL6ekggXcKDQkmz3H/2AalVgyN73YN12U0uxjYK7oVYr+DwOkW
xjx088idbZazhZ8AfEc5aBU/2XTSQx8i/tkbXWx3gG05ybmHzmTq7/tHPl0AezOU
v+JmhdQdK9ST4MQ5hNzszDIFjs4Lpwbb+kE2hNEvy7HdETLOPjVVss0bG3jC9f17
96N/oFX6964T/XyWiEq1Ka8NG4IBQZ7wXwr65P95FjXohblrvZgVYNb6QOKTGw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:05:24 2025 by rpki-client