Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/CRfhNQCxUDjbWbc-cJlEzv4CYo4.roa
File: CRfhNQCxUDjbWbc-cJlEzv4CYo4.roa (raw, json)
Hash identifier: 784uKKmxpyPqUOjy+nvZcROICPK/SI6ClErCKEQCUqA=
Subject key identifier: 09:17:E1:35:00:B1:50:38:DB:59:B7:3E:70:99:44:CE:FE:02:62:8E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977CF32092A1902B56D98CDE2F7CB65061
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/CRfhNQCxUDjbWbc-cJlEzv4CYo4.roa
Signing time: Tue 17 Jun 2025 08:13:17 +0000
ROA not before: Tue 17 Jun 2025 08:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 09:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:f3:20:92:a1:90:2b:56:d9:8c:de:2f:7c:b6:50:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 08:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0917e13500b15038db59b73e709944cefe02628e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:43:7d:3a:91:03:30:5b:5f:35:64:4d:e5:57:
6c:6e:18:1c:d9:4c:e7:df:13:3e:c3:d1:f0:48:75:
d0:d2:94:e5:66:c4:b6:e2:05:09:c0:83:ae:d4:63:
6b:b7:61:00:4b:97:da:75:46:b3:fe:e2:c2:35:59:
73:93:e5:dc:ce:36:a8:7b:58:91:f0:b1:02:06:10:
db:de:cc:9a:15:ca:f5:f9:e2:17:09:f5:78:12:ea:
6e:77:65:9c:f3:68:05:9b:5d:d1:72:af:f0:7b:5e:
15:d6:2f:da:c0:27:9d:9f:ff:37:5f:ce:5a:17:46:
64:a0:a8:79:25:06:e7:69:76:e9:ba:2e:e5:a5:ad:
55:00:44:4a:c5:9d:63:e7:0c:e6:5f:b3:4d:30:1a:
c3:a0:ac:87:0f:0f:e1:34:74:5e:97:2a:5d:1a:91:
3b:93:7b:cc:ee:98:75:dc:43:cb:69:dd:1b:1a:ce:
9e:5d:01:be:d9:39:fe:40:30:c3:df:4d:bf:b5:f6:
1e:2e:f9:fb:7d:b9:5a:0a:87:c1:33:50:49:c4:d0:
1b:38:17:8a:e5:4f:fb:bf:0b:aa:26:f0:bf:36:04:
6c:af:ae:9e:f8:c5:93:47:2c:d1:62:bb:83:1b:f0:
be:ae:fa:cc:b8:fd:39:a4:37:c3:57:90:a4:82:90:
aa:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:17:E1:35:00:B1:50:38:DB:59:B7:3E:70:99:44:CE:FE:02:62:8E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/CRfhNQCxUDjbWbc-cJlEzv4CYo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
20:f6:d2:dd:b9:bf:8d:43:3d:3b:1f:a2:03:4a:31:f5:15:b2:
6f:30:31:dd:4c:e7:f8:f9:cb:eb:ba:29:73:9d:98:5c:a8:6d:
4f:a5:42:25:a2:65:76:95:56:f3:16:05:be:5f:b7:b3:9c:34:
4e:f3:a6:4d:f0:b3:00:01:5c:1b:bd:07:22:51:58:59:b5:02:
e4:64:05:92:67:86:dd:cd:43:00:e0:d3:54:89:c1:d3:9e:7e:
a0:bc:ba:c1:e9:7e:a7:1c:25:55:9f:06:ac:8b:f6:39:bc:8d:
2b:30:53:bd:ef:63:ef:e4:c4:80:1a:f0:6f:6a:cb:76:2a:66:
21:26:c2:a0:22:70:dd:83:de:9b:fe:82:f2:ca:e2:32:87:66:
95:c4:25:36:72:8a:fe:3f:c8:9d:5c:05:d5:b6:0b:8b:5a:8d:
0e:c0:80:23:e6:ab:e6:c3:c2:50:48:69:92:7a:aa:64:81:28:
3e:5e:4e:34:41:bc:6c:e8:ed:0f:91:81:d6:ad:64:68:87:41:
7c:c9:9d:ba:96:a5:f6:f9:86:de:ca:f6:5d:de:52:0f:31:47:
35:bb:d8:30:fb:60:7a:c8:00:ba:9e:2c:99:d7:f6:71:95:aa:
83:d4:47:4c:2f:49:be:3f:de:cb:97:26:24:44:0b:85:cf:fa:
56:a3:3f:19
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd88yCSoZArVtmM3i98tlBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MDgxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTE3ZTEzNTAwYjE1MDM4ZGI1OWI3M2U3MDk5NDRjZWZlMDI2MjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50N9OpEDMFtfNWRN5Vdsbhgc2Uzn
3xM+w9HwSHXQ0pTlZsS24gUJwIOu1GNrt2EAS5fadUaz/uLCNVlzk+Xczjaoe1iR
8LECBhDb3syaFcr1+eIXCfV4Eupud2Wc82gFm13Rcq/we14V1i/awCedn/83X85a
F0ZkoKh5JQbnaXbpui7lpa1VAERKxZ1j5wzmX7NNMBrDoKyHDw/hNHRelypdGpE7
k3vM7ph13EPLad0bGs6eXQG+2Tn+QDDD302/tfYeLvn7fblaCofBM1BJxNAbOBeK
5U/7vwuqJvC/NgRsr66e+MWTRyzRYruDG/C+rvrMuP05pDfDV5CkgpCq4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAkX4TUAsVA421m3PnCZRM7+AmKOMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvQ1JmaE5RQ3hVRGpiV2JjLWNKbEV6djRDWW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAIPbS3bm/jUM9Ox+iA0ox9RWy
bzAx3Uzn+PnL67opc52YXKhtT6VCJaJldpVW8xYFvl+3s5w0TvOmTfCzAAFcG70H
IlFYWbUC5GQFkmeG3c1DAODTVInB055+oLy6wel+pxwlVZ8GrIv2ObyNKzBTve9j
7+TEgBrwb2rLdipmISbCoCJw3YPem/6C8sriModmlcQlNnKK/j/InVwF1bYLi1qN
DsCAI+ar5sPCUEhpknqqZIEoPl5ONEG8bOjtD5GB1q1kaIdBfMmdupal9vmG3sr2
Xd5SDzFHNbvYMPtgesgAup4smdf2cZWqg9RHTC9Jvj/ey5cmJEQLhc/6VqM/GQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:13:09 2025 by rpki-client