Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/9ahcTe1W5D2ssWchoKk8LTj-MWg.roa
File: 9ahcTe1W5D2ssWchoKk8LTj-MWg.roa (raw, json)
Hash identifier: aFe+e69+4TtMGmQKvn/E8/5g18VlHSDxdyqXiMTORKA=
Subject key identifier: F5:A8:5C:4D:ED:56:E4:3D:AC:B1:67:21:A0:A9:3C:2D:38:FE:31:68
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197AE15EF3EF43AAF52BAECC594F8A1F528
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/9ahcTe1W5D2ssWchoKk8LTj-MWg.roa
Signing time: Thu 26 Jun 2025 21:12:42 +0000
ROA not before: Thu 26 Jun 2025 21:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 26 Jun 2025 22:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ae:15:ef:3e:f4:3a:af:52:ba:ec:c5:94:f8:a1:f5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 26 21:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5a85c4ded56e43dacb16721a0a93c2d38fe3168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:88:09:73:12:27:95:d4:b7:f7:d5:4d:5b:e5:
e2:9c:74:1f:08:2d:4f:62:33:40:63:57:1a:32:bb:
d3:42:82:67:f2:aa:77:a0:50:11:b4:3b:38:5a:57:
83:15:06:a2:7b:ac:b9:2c:f6:e9:86:f6:fa:e7:de:
67:bc:62:75:b2:ed:f4:0d:26:89:3f:bd:66:aa:e8:
89:a1:46:d9:ae:d1:87:06:53:ea:ae:14:0c:cf:83:
ca:c2:31:22:b7:21:ae:ec:89:f1:54:80:ea:d2:4a:
d8:ae:bd:02:ec:35:29:51:5d:2e:b7:58:61:f6:8a:
96:7b:93:a7:e0:4d:25:ea:18:f6:49:93:13:b6:f6:
0e:86:97:7c:ff:f5:e3:24:e9:77:ee:f4:2b:bd:75:
1e:fb:eb:52:61:df:d8:fb:45:af:26:0b:5e:98:4b:
94:33:0c:bd:13:e2:9f:02:47:bd:69:90:15:81:a0:
08:c1:54:0d:ba:31:18:b3:bd:32:8c:1a:3d:89:a5:
17:0f:b7:63:5c:f2:22:b8:83:63:b7:dc:17:8e:c0:
3b:a6:2d:50:17:04:8a:f6:30:8a:84:b8:72:ec:94:
ff:49:df:e5:5e:ca:86:2c:ba:49:6a:60:ee:eb:94:
22:cb:dc:c0:bc:66:67:6b:e5:f4:d9:48:ad:43:ce:
df:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A8:5C:4D:ED:56:E4:3D:AC:B1:67:21:A0:A9:3C:2D:38:FE:31:68
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/9ahcTe1W5D2ssWchoKk8LTj-MWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
28:d5:33:70:5c:c5:e3:1c:12:57:19:53:6d:64:a0:0d:54:c2:
70:11:b2:48:53:5b:e1:13:ce:8a:44:3d:7f:bd:b2:d0:cb:dc:
b9:a6:d0:fa:bf:54:fa:b4:0e:e9:3b:0f:b3:f9:4d:b1:98:09:
0b:54:e1:6d:38:75:e4:19:d5:fa:f0:66:87:e8:25:ef:64:52:
f2:56:09:d0:23:3c:a2:83:b7:fc:69:73:21:ea:e2:37:a6:42:
47:8e:0b:e1:82:41:08:9d:c5:64:01:95:61:0f:d7:29:82:1c:
d2:25:5d:1c:73:6e:a1:02:95:ed:7f:ea:77:35:2e:91:a6:79:
f2:67:cb:32:f0:55:20:36:7b:95:d4:10:a0:b8:b8:f0:1c:7c:
d1:09:9e:b1:83:65:39:ef:db:36:d5:42:6e:5f:a9:64:ed:ce:
c3:cb:4b:13:cc:35:18:bf:c4:1e:41:4b:9d:d1:02:03:f9:5d:
45:b4:a6:08:3e:f4:ab:7c:85:bf:61:a6:35:e9:50:2e:f7:04:
c5:b9:91:4e:15:b8:8b:0f:2f:a8:ef:aa:9a:a8:c1:89:a1:37:
3e:61:05:6d:58:a0:cc:db:29:69:45:7d:c5:84:f1:64:70:5d:
b9:05:f7:fd:17:9e:0c:03:5b:34:e2:76:f9:de:74:df:07:59:
f6:86:98:17
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeuFe8+9DqvUrrsxZT4ofUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI2MjExMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE4NWM0ZGVkNTZlNDNkYWNiMTY3MjFhMGE5M2MyZDM4ZmUzMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIgJcxInldS399VNW+XinHQfCC1P
YjNAY1caMrvTQoJn8qp3oFARtDs4WleDFQaie6y5LPbphvb6595nvGJ1su30DSaJ
P71mquiJoUbZrtGHBlPqrhQMz4PKwjEityGu7InxVIDq0krYrr0C7DUpUV0ut1hh
9oqWe5On4E0l6hj2SZMTtvYOhpd8//XjJOl37vQrvXUe++tSYd/Y+0WvJgtemEuU
Mwy9E+KfAke9aZAVgaAIwVQNujEYs70yjBo9iaUXD7djXPIiuINjt9wXjsA7pi1Q
FwSK9jCKhLhy7JT/Sd/lXsqGLLpJamDu65Qiy9zAvGZna+X02UitQ87f+QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPWoXE3tVuQ9rLFnIaCpPC04/jFoMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvOWFoY1RlMVc1RDJzc1djaG9LazhMVGotTVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAKNUzcFzF4xwSVxlTbWSgDVTC
cBGySFNb4RPOikQ9f72y0MvcuabQ+r9U+rQO6TsPs/lNsZgJC1ThbTh15BnV+vBm
h+gl72RS8lYJ0CM8ooO3/GlzIeriN6ZCR44L4YJBCJ3FZAGVYQ/XKYIc0iVdHHNu
oQKV7X/qdzUukaZ58mfLMvBVIDZ7ldQQoLi48Bx80QmesYNlOe/bNtVCbl+pZO3O
w8tLE8w1GL/EHkFLndECA/ldRbSmCD70q3yFv2GmNelQLvcExbmRThW4iw8vqO+q
mqjBiaE3PmEFbVigzNspaUV9xYTxZHBduQX3/ReeDANbNOJ2+d503wdZ9oaYFw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:33:10 2025 by rpki-client