Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BplSssdk6BZppO6CqHtX8tBtdLA.roa
File: BplSssdk6BZppO6CqHtX8tBtdLA.roa (raw, json)
Hash identifier: NFNYWPNszdm4/JRHfBsAEb+AxXuyJOdfbybKdkMkvtE=
Subject key identifier: 06:99:52:B2:C7:64:E8:16:69:A4:EE:82:A8:7B:57:F2:D0:6D:74:B0
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977BA14DAB9DC045E9D3B8D33B70228FAB
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BplSssdk6BZppO6CqHtX8tBtdLA.roa
Signing time: Tue 17 Jun 2025 02:04:18 +0000
ROA not before: Tue 17 Jun 2025 02:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:7ba1:3264/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 02:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7b:a1:4d:ab:9d:c0:45:e9:d3:b8:d3:3b:70:22:8f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 02:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=069952b2c764e81669a4ee82a87b57f2d06d74b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e3:05:b4:95:1b:3c:f0:13:92:b2:e6:e9:d8:
45:b9:9a:97:2c:17:b3:6e:fa:a9:6b:df:67:2d:a4:
0f:9b:92:e9:46:81:f9:85:2a:77:b4:d7:90:d9:06:
ec:05:79:9d:4c:f3:03:82:19:25:dc:75:be:b4:a9:
8b:32:69:66:9b:ce:e9:c8:e9:7a:23:cf:5b:19:0c:
cc:16:4c:60:1a:83:fe:46:55:6e:d7:be:29:36:11:
35:70:81:c2:e0:5c:37:2b:9c:29:94:20:f7:ec:9a:
80:ed:e2:8d:c9:0c:ff:20:58:51:62:40:df:a4:9d:
d2:57:93:a9:aa:ef:d9:30:16:ed:31:19:8c:d3:cd:
89:2d:94:4f:2c:c1:33:93:11:51:cf:d0:d9:31:7f:
78:0f:a5:02:cf:0f:35:24:48:67:27:a1:37:db:e7:
d2:7c:7a:c4:62:ce:30:a3:d2:66:0d:c9:53:59:80:
2f:2f:7e:1d:bc:73:ea:66:99:8e:d7:57:4d:63:ec:
16:33:85:26:e1:dc:0f:d5:86:7a:9c:5f:2d:53:46:
7e:35:86:2e:4b:f9:7a:57:ac:18:a0:77:8a:ad:53:
7e:0a:d9:f7:31:8c:a0:ce:88:0a:85:98:ae:31:5b:
c9:01:bb:3a:74:6f:b8:92:ee:38:ed:16:80:7a:96:
63:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:99:52:B2:C7:64:E8:16:69:A4:EE:82:A8:7B:57:F2:D0:6D:74:B0
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BplSssdk6BZppO6CqHtX8tBtdLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:7ba1:3264/128
Signature Algorithm: sha256WithRSAEncryption
25:ea:0f:6c:91:9b:de:ed:61:3f:83:7c:f4:1e:b9:a0:3e:55:
83:d8:34:ed:25:46:cf:a4:c7:a5:09:ba:51:6b:09:3b:b0:0c:
34:00:b6:9c:3c:8e:e3:32:c3:37:ba:6d:7b:87:cf:46:f9:e0:
ea:5e:c3:6d:57:06:10:85:09:d6:72:ca:80:d6:64:61:41:bc:
de:95:91:82:b4:47:c8:30:f8:f3:38:3b:ef:d9:93:30:b8:be:
39:b7:3a:35:79:a5:0f:dd:78:a9:9d:a4:14:30:0f:54:64:3e:
d4:30:38:7a:f3:ac:08:4b:92:61:a1:fb:ad:b7:15:26:c6:b9:
45:0f:2a:97:bf:d6:df:1e:ad:d7:79:f3:cc:99:e0:ab:b0:41:
44:1d:c4:20:25:7c:b0:56:5c:d4:3b:aa:6a:aa:02:2a:5c:c3:
ce:ed:99:68:c6:14:0c:1c:35:17:c5:7d:2c:ca:14:96:73:b2:
3f:2b:b9:33:ee:6e:02:71:09:29:bf:e5:0e:72:1e:09:b2:74:
7b:45:57:9f:57:46:95:0f:71:32:d8:d3:b3:06:71:33:41:dc:
78:5b:00:4b:e4:3e:98:cb:b5:3f:f6:97:72:ff:26:c0:c4:24:
6e:13:d5:a9:9f:d5:36:86:0b:cd:91:de:e0:95:67:69:94:9b:
2e:db:3d:e5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZd7oU2rncBF6dO40ztwIo+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MDIwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk5NTJiMmM3NjRlODE2NjlhNGVlODJhODdiNTdmMmQwNmQ3NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuMFtJUbPPATkrLm6dhFuZqXLBez
bvqpa99nLaQPm5LpRoH5hSp3tNeQ2QbsBXmdTPMDghkl3HW+tKmLMmlmm87pyOl6
I89bGQzMFkxgGoP+RlVu174pNhE1cIHC4Fw3K5wplCD37JqA7eKNyQz/IFhRYkDf
pJ3SV5Opqu/ZMBbtMRmM082JLZRPLMEzkxFRz9DZMX94D6UCzw81JEhnJ6E32+fS
fHrEYs4wo9JmDclTWYAvL34dvHPqZpmO11dNY+wWM4Um4dwP1YZ6nF8tU0Z+NYYu
S/l6V6wYoHeKrVN+Ctn3MYygzogKhZiuMVvJAbs6dG+4ku447RaAepZjxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAaZUrLHZOgWaaTugqh7V/LQbXSwMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvQnBsU3NzZGs2QlpwcE82Q3FIdFg4dEJ0ZExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl3uhMmQwDQYJKoZIhvcNAQELBQADggEB
ACXqD2yRm97tYT+DfPQeuaA+VYPYNO0lRs+kx6UJulFrCTuwDDQAtpw8juMywze6
bXuHz0b54Opew21XBhCFCdZyyoDWZGFBvN6VkYK0R8gw+PM4O+/ZkzC4vjm3OjV5
pQ/deKmdpBQwD1RkPtQwOHrzrAhLkmGh+623FSbGuUUPKpe/1t8erdd588yZ4Kuw
QUQdxCAlfLBWXNQ7qmqqAipcw87tmWjGFAwcNRfFfSzKFJZzsj8ruTPubgJxCSm/
5Q5yHgmydHtFV59XRpUPcTLY07MGcTNB3HhbAEvkPpjLtT/2l3L/JsDEJG4T1amf
1TaGC82R3uCVZ2mUmy7bPeU=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:17:05 2025 by rpki-client