Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/AyJtbu6hLhrfjdLr3DuqYQyTK90.roa
File: AyJtbu6hLhrfjdLr3DuqYQyTK90.roa (raw, json)
Hash identifier: uOUFp2yPFCu4QYmkveM0nU9TCpaNA4ewLdKWbVp3BQo=
Subject key identifier: 03:22:6D:6E:EE:A1:2E:1A:DF:8D:D2:EB:DC:3B:AA:61:0C:93:2B:DD
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C383C66215BCAD2C93A769CA1346A89F
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/AyJtbu6hLhrfjdLr3DuqYQyTK90.roa
Signing time: Tue 01 Jul 2025 01:04:42 +0000
ROA not before: Tue 01 Jul 2025 01:04:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:c383:a7b6/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 01:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c3:83:c6:62:15:bc:ad:2c:93:a7:69:ca:13:46:a8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 01:04:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03226d6eeea12e1adf8dd2ebdc3baa610c932bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:04:a0:7c:dd:f4:24:f0:2b:92:8c:32:ec:b1:
5f:f5:de:76:d9:3e:df:83:82:59:4f:b1:bd:11:33:
6d:2c:56:ae:9d:43:84:31:f1:e0:91:cd:76:3e:a4:
73:f4:89:a7:d2:90:c9:15:57:34:c7:13:99:35:8c:
f5:ac:8a:78:04:e1:ea:ca:10:c0:33:62:85:0b:72:
37:cb:71:24:e1:d4:7b:24:d0:76:58:b4:b8:4f:67:
21:71:43:b5:52:f2:e8:c5:22:cb:6e:39:b8:4c:0e:
83:aa:64:1d:4a:e9:c8:ec:c0:79:54:95:16:72:7e:
89:b7:c7:0b:73:9a:a7:1b:c6:68:04:e9:2c:b5:27:
62:c9:bf:4f:aa:9a:2e:35:19:ba:49:77:c2:3e:fe:
ec:f1:b4:47:32:a1:1e:29:d5:71:16:87:a2:e8:2d:
b2:2d:5d:c9:50:cd:65:84:0a:4d:60:f6:dd:48:19:
36:05:5c:85:b2:c1:dc:0e:54:d6:ad:45:8d:92:15:
5b:c2:cc:ef:00:e7:fc:69:f8:42:4e:d5:dd:9e:fb:
c7:67:a2:64:e4:69:de:52:6f:6f:dd:16:ab:fb:79:
4e:5d:05:5d:b9:f0:5c:18:7f:5f:65:f1:4f:f5:24:
b7:12:95:30:ce:8b:d3:2b:06:c0:b6:3e:7b:b0:19:
f2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:22:6D:6E:EE:A1:2E:1A:DF:8D:D2:EB:DC:3B:AA:61:0C:93:2B:DD
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/AyJtbu6hLhrfjdLr3DuqYQyTK90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:c383:a7b6/128
Signature Algorithm: sha256WithRSAEncryption
8b:23:d9:19:c3:75:d2:49:33:60:a0:de:c0:4c:78:f2:fb:40:
27:86:9e:0a:00:3f:41:3f:3b:94:e3:5b:fe:ff:db:79:4d:4d:
5a:b0:ab:d5:97:61:94:8b:03:c4:79:cd:b0:4e:70:a3:62:f3:
28:a4:f6:54:50:36:f6:d6:7d:e6:f6:e3:2a:6b:c6:bb:69:7c:
c9:49:a5:e4:ef:f1:5a:3d:ea:f7:61:97:7b:19:9e:e5:e8:96:
76:5f:e4:57:34:43:65:28:a5:5e:8d:92:76:b4:a8:35:c2:08:
3c:0d:87:16:bb:c6:b4:84:be:7e:5e:ae:fd:b1:84:0d:22:15:
9f:ce:e2:39:a2:fe:7a:63:8d:c8:54:06:42:7a:28:9f:2b:eb:
d4:2e:7c:6f:bf:96:72:b7:50:a9:d3:48:ea:ab:6f:2a:a0:c0:
53:6d:a0:bd:e1:8e:1e:e9:38:8f:30:f6:03:6c:a3:38:bb:60:
27:98:36:3e:68:68:dd:d9:08:48:a7:5d:37:f0:d9:a8:c7:ab:
76:6b:d3:11:9a:9a:1d:dd:42:4f:16:22:d0:7f:aa:f6:cd:8e:
24:e0:bf:91:ed:50:47:f9:00:29:bc:04:36:9c:a3:33:e8:bf:
b5:f8:84:ce:67:fc:ea:63:66:3b:0a:bc:18:38:f1:e7:81:59:
03:41:1a:ed
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZfDg8ZiFbytLJOnacoTRqifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMDEwNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIyNmQ2ZWVlYTEyZTFhZGY4ZGQyZWJkYzNiYWE2MTBjOTMyYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApASgfN30JPArkowy7LFf9d522T7f
g4JZT7G9ETNtLFaunUOEMfHgkc12PqRz9Imn0pDJFVc0xxOZNYz1rIp4BOHqyhDA
M2KFC3I3y3Ek4dR7JNB2WLS4T2chcUO1UvLoxSLLbjm4TA6DqmQdSunI7MB5VJUW
cn6Jt8cLc5qnG8ZoBOkstSdiyb9PqpouNRm6SXfCPv7s8bRHMqEeKdVxFoei6C2y
LV3JUM1lhApNYPbdSBk2BVyFssHcDlTWrUWNkhVbwszvAOf8afhCTtXdnvvHZ6Jk
5GneUm9v3Rar+3lOXQVdufBcGH9fZfFP9SS3EpUwzovTKwbAtj57sBnyrQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAMibW7uoS4a343S69w7qmEMkyvdMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvQXlKdGJ1NmhMaHJmamRMcjNEdXFZUXlUSzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl8ODp7YwDQYJKoZIhvcNAQELBQADggEB
AIsj2RnDddJJM2Cg3sBMePL7QCeGngoAP0E/O5TjW/7/23lNTVqwq9WXYZSLA8R5
zbBOcKNi8yik9lRQNvbWfeb24yprxrtpfMlJpeTv8Vo96vdhl3sZnuXolnZf5Fc0
Q2UopV6Nkna0qDXCCDwNhxa7xrSEvn5erv2xhA0iFZ/O4jmi/npjjchUBkJ6KJ8r
69QufG+/lnK3UKnTSOqrbyqgwFNtoL3hjh7pOI8w9gNsozi7YCeYNj5oaN3ZCEin
XTfw2ajHq3Zr0xGamh3dQk8WItB/qvbNjiTgv5HtUEf5ACm8BDacozPov7X4hM5n
/OpjZjsKvBg48eeBWQNBGu0=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:50:53 2025 by rpki-client