Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BzKbdUfRL2OIfm4ctipahHOgOe8.roa
File: BzKbdUfRL2OIfm4ctipahHOgOe8.roa (raw, json)
Hash identifier: D7I+/qobGRk5nqDmDqkRNiligkgbm8BekTgiL5jwZe8=
Subject key identifier: 07:32:9B:75:47:D1:2F:63:88:7E:6E:1C:B6:2A:5A:84:73:A0:39:EF
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B118CF9205E904583BE972FF55EB206B
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BzKbdUfRL2OIfm4ctipahHOgOe8.roa
Signing time: Fri 27 Jun 2025 11:14:42 +0000
ROA not before: Fri 27 Jun 2025 11:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 12:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:18:cf:92:05:e9:04:58:3b:e9:72:ff:55:eb:20:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 11:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07329b7547d12f63887e6e1cb62a5a8473a039ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:c9:13:17:0d:bd:78:c5:cd:0c:84:83:5e:
7e:b9:74:d5:92:fc:25:65:56:51:b7:71:ba:0c:e0:
45:f4:3b:00:21:4d:25:05:cb:a4:0f:0a:79:25:21:
28:ea:b2:f7:b0:c7:26:8a:ba:39:47:a5:ec:ab:fc:
f4:9f:ce:60:f4:14:68:2e:7a:0f:c6:db:cf:cc:5a:
c1:5b:4b:bc:f9:15:38:b4:b0:4b:ac:d0:09:3d:44:
38:79:94:a4:2a:f7:14:b5:d6:58:9c:b6:48:6d:4c:
66:44:3b:63:86:ce:a8:4e:2a:48:77:37:07:b0:ac:
17:a7:b7:47:92:0b:a7:b2:14:82:9a:dd:90:3e:a3:
46:2d:ee:0a:ea:6f:69:87:f1:57:92:1e:45:24:19:
28:48:35:c6:c6:ea:89:73:76:c7:6e:32:0c:66:b3:
31:9f:ce:2c:c2:a0:5e:04:d8:38:3b:65:5b:79:cd:
30:10:ad:5d:bb:71:32:2f:7e:9f:04:c1:59:82:fb:
b4:4c:12:29:97:5b:df:48:b8:5c:f2:c6:17:6c:1b:
56:93:45:b6:3a:8a:29:af:c4:81:33:4c:e9:c2:96:
bf:d6:d0:c6:c0:b7:a4:28:34:48:bc:b1:d3:79:9b:
b7:89:1a:83:06:7d:33:c5:66:db:73:d6:f4:39:d0:
fe:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:32:9B:75:47:D1:2F:63:88:7E:6E:1C:B6:2A:5A:84:73:A0:39:EF
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/BzKbdUfRL2OIfm4ctipahHOgOe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
4b:31:37:a1:3a:d8:d6:1f:6d:66:48:8e:03:11:7a:66:4b:bf:
5b:df:13:ca:ef:16:f7:3b:c2:85:07:29:1e:4d:52:c2:67:d2:
99:20:dd:83:55:09:4b:96:f0:1b:c5:0e:0b:b6:a1:46:01:51:
ae:27:f8:b5:a5:8e:ca:e5:31:b6:8c:a2:3d:05:39:9f:f4:19:
1a:b4:42:0d:30:f1:90:2c:8d:06:c9:d7:ed:ff:6b:80:03:6a:
62:d3:35:f6:90:18:d5:f7:94:2c:20:57:1c:5b:40:2a:bd:76:
07:7a:93:b5:02:e1:25:3f:4a:ba:5f:3f:c3:f8:57:c7:25:a0:
0f:dd:b1:a0:d9:9a:4d:58:fb:71:a4:ad:3a:e3:20:e8:30:ea:
c7:4d:9a:13:6b:15:f5:d6:25:17:24:22:1f:e9:9a:0d:3b:6a:
02:3c:6a:71:53:47:9d:81:f2:f2:c6:37:9c:ef:56:ea:80:a0:
c4:64:9e:74:dd:1f:72:a1:db:50:50:c9:f6:de:2e:22:ef:5d:
09:c1:8e:09:98:87:40:46:96:05:f3:f2:45:fe:3c:53:59:08:
e0:45:e0:2d:48:e0:9c:c1:fc:7b:86:51:9d:b6:8b:57:b0:12:
6f:8d:a5:da:2c:d4:65:d3:41:07:8d:4a:36:22:60:53:5a:e8:
1a:b4:c8:bc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZexGM+SBekEWDvpcv9V6yBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MTExNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMyOWI3NTQ3ZDEyZjYzODg3ZTZlMWNiNjJhNWE4NDczYTAzOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpDJExcNvXjFzQyEg15+uXTVkvwl
ZVZRt3G6DOBF9DsAIU0lBcukDwp5JSEo6rL3sMcmiro5R6Xsq/z0n85g9BRoLnoP
xtvPzFrBW0u8+RU4tLBLrNAJPUQ4eZSkKvcUtdZYnLZIbUxmRDtjhs6oTipIdzcH
sKwXp7dHkgunshSCmt2QPqNGLe4K6m9ph/FXkh5FJBkoSDXGxuqJc3bHbjIMZrMx
n84swqBeBNg4O2Vbec0wEK1du3EyL36fBMFZgvu0TBIpl1vfSLhc8sYXbBtWk0W2
Ooopr8SBM0zpwpa/1tDGwLekKDRIvLHTeZu3iRqDBn0zxWbbc9b0OdD+JwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAcym3VH0S9jiH5uHLYqWoRzoDnvMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvQnpLYmRVZlJMMk9JZm00Y3RpcGFoSE9nT2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEASzE3oTrY1h9tZkiOAxF6Zku/
W98Tyu8W9zvChQcpHk1SwmfSmSDdg1UJS5bwG8UOC7ahRgFRrif4taWOyuUxtoyi
PQU5n/QZGrRCDTDxkCyNBsnX7f9rgANqYtM19pAY1feULCBXHFtAKr12B3qTtQLh
JT9Kul8/w/hXxyWgD92xoNmaTVj7caStOuMg6DDqx02aE2sV9dYlFyQiH+maDTtq
AjxqcVNHnYHy8sY3nO9W6oCgxGSedN0fcqHbUFDJ9t4uIu9dCcGOCZiHQEaWBfPy
Rf48U1kI4EXgLUjgnMH8e4ZRnbaLV7ASb42l2izUZdNBB41KNiJgU1roGrTIvA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:20:58 2025 by rpki-client