Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ALKsMraCnURiPAZz7FMtl5y_MGE.roa
File: ALKsMraCnURiPAZz7FMtl5y_MGE.roa (raw, json)
Hash identifier: gIj+mthIKR6yAHpD5oSG/uWt3Ej6cC9SHxHoPHeHT8I=
Subject key identifier: 00:B2:AC:32:B6:82:9D:44:62:3C:06:73:EC:53:2D:97:9C:BF:30:61
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C924D0801A4FF40DEB07EF681795D54D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ALKsMraCnURiPAZz7FMtl5y_MGE.roa
Signing time: Wed 02 Jul 2025 03:18:42 +0000
ROA not before: Wed 02 Jul 2025 03:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 02 Jul 2025 04:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:24:d0:80:1a:4f:f4:0d:eb:07:ef:68:17:95:d5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 2 03:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00b2ac32b6829d44623c0673ec532d979cbf3061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:3b:ac:c6:8d:1d:53:a1:fa:57:bd:e1:08:
0c:1b:a5:a6:8b:68:a1:13:55:ae:fc:18:c8:16:20:
eb:11:68:77:7d:ac:b0:20:fe:5b:ab:8b:3d:a3:26:
d2:43:6e:de:b5:cf:78:7b:e4:ab:47:fe:49:38:df:
0b:63:ef:15:14:69:27:de:0e:4f:b4:c8:76:df:98:
ff:8b:c6:06:e1:8f:56:63:8f:2c:68:37:07:de:e9:
58:ec:a1:9e:4f:a3:54:34:89:20:90:74:d9:a9:07:
b2:a4:c4:97:4e:2a:9d:a1:48:1e:6f:a8:88:50:06:
78:c3:f1:07:56:ec:7e:48:56:32:f2:56:01:44:6b:
fa:17:76:e5:c5:ab:ce:a1:e8:e4:92:3a:b0:88:7d:
29:70:4f:5c:15:40:b8:45:e6:dd:de:0b:14:33:2b:
ab:11:31:81:9d:92:07:0a:1c:44:45:0d:39:c3:61:
7f:d0:16:f1:d6:2d:6b:af:1a:34:c1:f2:e1:6c:d6:
38:f4:47:f7:ce:71:b3:04:0e:a3:c8:8f:7e:15:51:
b2:46:2d:7b:d6:03:21:ff:bc:90:09:a1:fe:4f:c2:
a2:81:35:94:9d:d2:c4:d9:18:12:62:d8:2f:db:35:
46:f8:68:2a:80:38:d8:b6:9e:ed:03:d3:94:78:a0:
82:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B2:AC:32:B6:82:9D:44:62:3C:06:73:EC:53:2D:97:9C:BF:30:61
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ALKsMraCnURiPAZz7FMtl5y_MGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1c:a0:b2:51:37:0e:45:df:bb:0c:8c:05:59:d0:61:96:6e:fb:
ef:80:03:9b:bd:c0:a0:d0:bd:05:d9:17:2a:10:2d:1a:d8:4a:
41:db:a5:ee:43:a9:c7:1a:42:59:4a:87:0f:2d:ab:9a:3e:9a:
1b:82:5c:80:38:fc:7b:20:10:07:88:ec:c3:19:d8:d5:6c:e1:
ea:da:93:97:e7:da:06:9a:69:14:40:69:f4:0a:d4:37:6e:25:
40:69:33:03:50:32:36:a4:f2:0c:13:e3:cf:6c:ea:1f:ce:2a:
59:dc:bb:90:0c:b7:3e:3e:e8:97:a2:e2:06:29:52:a0:12:aa:
79:41:11:a5:e2:d4:49:cc:62:c5:fd:93:21:9c:88:7a:af:da:
45:55:b8:05:e1:a4:da:bd:95:25:29:e2:a4:c3:97:33:d3:4e:
4f:2f:f6:cd:b5:ff:ca:2d:9a:2c:4f:84:62:62:89:23:9d:78:
de:4d:79:12:f5:41:da:34:e6:94:85:2f:04:48:8e:e0:2f:21:
59:d9:a0:14:e0:67:28:bc:19:ac:c9:74:b3:78:fd:a4:47:03:
5f:9a:a7:27:83:16:f2:ef:6c:f4:e3:ca:d7:cd:2e:44:6d:f5:
c7:5f:77:33:6e:f5:7c:72:d4:a4:44:2f:56:f7:7c:82:5b:9b:
19:ba:11:97
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfJJNCAGk/0DesH72gXldVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAyMDMxODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGIyYWMzMmI2ODI5ZDQ0NjIzYzA2NzNlYzUzMmQ5NzljYmYzMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNU7rMaNHVOh+le94QgMG6Wmi2ih
E1Wu/BjIFiDrEWh3faywIP5bq4s9oybSQ27etc94e+SrR/5JON8LY+8VFGkn3g5P
tMh235j/i8YG4Y9WY48saDcH3ulY7KGeT6NUNIkgkHTZqQeypMSXTiqdoUgeb6iI
UAZ4w/EHVux+SFYy8lYBRGv6F3blxavOoejkkjqwiH0pcE9cFUC4Rebd3gsUMyur
ETGBnZIHChxERQ05w2F/0Bbx1i1rrxo0wfLhbNY49Ef3znGzBA6jyI9+FVGyRi17
1gMh/7yQCaH+T8KigTWUndLE2RgSYtgv2zVG+GgqgDjYtp7tA9OUeKCCIQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFACyrDK2gp1EYjwGc+xTLZecvzBhMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvQUxLc01yYUNuVVJpUEFaejdGTXRsNXlfTUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAHKCyUTcORd+7DIwFWdBhlm77
74ADm73AoNC9BdkXKhAtGthKQdul7kOpxxpCWUqHDy2rmj6aG4JcgDj8eyAQB4js
wxnY1Wzh6tqTl+faBpppFEBp9ArUN24lQGkzA1AyNqTyDBPjz2zqH84qWdy7kAy3
Pj7ol6LiBilSoBKqeUERpeLUScxixf2TIZyIeq/aRVW4BeGk2r2VJSnipMOXM9NO
Ty/2zbX/yi2aLE+EYmKJI5143k15EvVB2jTmlIUvBEiO4C8hWdmgFOBnKLwZrMl0
s3j9pEcDX5qnJ4MW8u9s9OPK180uRG31x193M271fHLUpEQvVvd8glubGboRlw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:07:23 2025 by rpki-client