Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BtImu78Zfq3LCbBja7zTYCboO3k.roa
File: BtImu78Zfq3LCbBja7zTYCboO3k.roa (raw, json)
Hash identifier: jC374rms5nsjI9zbT/5kYVQHzkGmm5OBRKCVzsAfm8w=
Subject key identifier: 06:D2:26:BB:BF:19:7E:AD:CB:09:B0:63:6B:BC:D3:60:26:E8:3B:79
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C45F81AAF0E9F082DA8B194594369526
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BtImu78Zfq3LCbBja7zTYCboO3k.roa
Signing time: Tue 01 Jul 2025 05:04:42 +0000
ROA not before: Tue 01 Jul 2025 05:04:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:c45e:eaad/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 05:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:5f:81:aa:f0:e9:f0:82:da:8b:19:45:94:36:95:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 05:04:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06d226bbbf197eadcb09b0636bbcd36026e83b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:c6:24:85:7f:15:f7:09:b7:17:de:10:09:
1d:d9:33:6c:0b:34:f8:74:fb:d3:19:3b:ef:f1:18:
bd:e5:e3:2f:9d:ce:9c:69:8f:02:93:5e:af:4a:f2:
ae:8d:8a:96:92:df:dd:ad:e5:12:2e:d3:58:d9:d7:
38:5a:e2:36:32:0e:86:56:1f:12:4c:de:a6:b7:a9:
e2:87:5d:45:75:d3:a3:e7:85:30:e2:aa:99:19:3d:
a6:34:f9:a4:90:51:96:7f:12:60:c3:0d:30:9e:99:
af:b3:95:c3:a2:ee:7f:1d:0d:2f:4a:77:4d:85:6d:
75:56:42:fd:a6:b3:1b:56:9a:5a:a8:d7:b9:99:44:
d9:99:a1:8b:af:be:a5:94:5c:c0:be:e8:6a:b5:5b:
9a:50:27:07:b6:d1:cb:5d:aa:6f:fc:26:50:21:9c:
1d:55:3a:b1:9a:4f:f4:90:7e:05:67:ea:cd:9c:07:
9b:e3:e3:0b:4c:e9:76:f2:64:23:1c:ab:63:2b:2b:
ca:38:64:c9:52:af:24:a8:db:e5:94:4b:df:99:8a:
57:37:3e:6e:38:2c:7d:b7:ee:7c:a6:ab:36:2f:aa:
d7:5f:2c:15:93:49:b6:27:24:44:41:46:0e:5d:06:
5a:a4:56:cd:d5:1e:f0:f8:97:52:1d:f5:2d:f5:67:
dd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D2:26:BB:BF:19:7E:AD:CB:09:B0:63:6B:BC:D3:60:26:E8:3B:79
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BtImu78Zfq3LCbBja7zTYCboO3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:c45e:eaad/128
Signature Algorithm: sha256WithRSAEncryption
14:ac:a0:a2:b5:d8:25:94:41:d6:3f:23:a8:aa:6d:ce:57:4c:
24:2d:af:ad:4f:26:e0:db:6f:f1:d9:6f:d5:9e:fa:36:83:f6:
6c:0c:22:67:65:84:f7:52:5d:8b:5e:7e:99:34:3e:bc:34:7f:
2d:e2:da:2b:fc:6e:7b:a6:79:ad:8d:be:a5:9b:a7:da:de:31:
05:6b:9d:e0:2c:b9:63:07:86:b5:60:23:21:d8:64:c7:83:fb:
5e:cd:6a:f0:1e:8b:ca:4c:cd:ee:39:4d:85:53:8a:a6:ee:4c:
23:ee:23:e3:f0:ed:fc:83:ff:9a:67:ed:f9:e4:f4:f7:db:3a:
7b:07:c1:8e:f0:6e:23:f3:15:1d:e3:58:33:10:d7:3c:7f:fb:
3f:37:1e:07:e5:7a:2e:69:f4:4e:eb:db:e7:1b:fd:88:7b:23:
db:38:26:8c:64:9c:d6:5e:62:4d:a2:8a:f3:95:b3:9f:29:b0:
00:47:c8:9e:d5:d7:33:9b:dc:ef:97:f9:ad:ae:03:b6:2e:ba:
53:03:e4:35:15:1d:3c:70:3a:fa:13:83:cf:7a:65:f8:2e:57:
69:2a:09:7d:e1:d0:cf:eb:f5:61:3d:d4:08:8e:31:09:e3:dc:
1a:bb:5c:5e:5e:4b:b3:ba:25:fb:ea:bc:6e:8a:06:c9:af:41:
f0:30:4f:02
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZfEX4Gq8OnwgtqLGUWUNpUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMDUwNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmQyMjZiYmJmMTk3ZWFkY2IwOWIwNjM2YmJjZDM2MDI2ZTgzYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyrGJIV/FfcJtxfeEAkd2TNsCzT4
dPvTGTvv8Ri95eMvnc6caY8Ck16vSvKujYqWkt/dreUSLtNY2dc4WuI2Mg6GVh8S
TN6mt6nih11FddOj54Uw4qqZGT2mNPmkkFGWfxJgww0wnpmvs5XDou5/HQ0vSndN
hW11VkL9prMbVppaqNe5mUTZmaGLr76llFzAvuhqtVuaUCcHttHLXapv/CZQIZwd
VTqxmk/0kH4FZ+rNnAeb4+MLTOl28mQjHKtjKyvKOGTJUq8kqNvllEvfmYpXNz5u
OCx9t+58pqs2L6rXXywVk0m2JyREQUYOXQZapFbN1R7w+JdSHfUt9WfddwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAbSJru/GX6tywmwY2u802Am6Dt5MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvQnRJbXU3OFpmcTNMQ2JCamE3elRZQ2JvTzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl8Re6q0wDQYJKoZIhvcNAQELBQADggEB
ABSsoKK12CWUQdY/I6iqbc5XTCQtr61PJuDbb/HZb9We+jaD9mwMImdlhPdSXYte
fpk0Prw0fy3i2iv8bnumea2NvqWbp9reMQVrneAsuWMHhrVgIyHYZMeD+17NavAe
i8pMze45TYVTiqbuTCPuI+Pw7fyD/5pn7fnk9PfbOnsHwY7wbiPzFR3jWDMQ1zx/
+z83Hgflei5p9E7r2+cb/Yh7I9s4JoxknNZeYk2iivOVs58psABHyJ7V1zOb3O+X
+a2uA7YuulMD5DUVHTxwOvoTg896ZfguV2kqCX3h0M/r9WE91AiOMQnj3Bq7XF5e
S7O6JfvqvG6KBsmvQfAwTwI=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:20:59 2025 by rpki-client