Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DZDScVseJJtqUlmRQymugLz2eyA.roa
File: DZDScVseJJtqUlmRQymugLz2eyA.roa (raw, json)
Hash identifier: 220XKaI1oYvxsrEuT4bbKGWX5HLMrQj6mdthDm8qUfI=
Subject key identifier: 0D:90:D2:71:5B:1E:24:9B:6A:52:59:91:43:29:AE:80:BC:F6:7B:20
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01979B361912251680477781130C4982FBB7
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DZDScVseJJtqUlmRQymugLz2eyA.roa
Signing time: Mon 23 Jun 2025 05:15:03 +0000
ROA not before: Mon 23 Jun 2025 05:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 23 Jun 2025 06:06:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:36:19:12:25:16:80:47:77:81:13:0c:49:82:fb:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 23 05:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d90d2715b1e249b6a5259914329ae80bcf67b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:da:4a:ac:82:8a:79:c5:6e:5b:fb:d1:70:
14:87:a3:ee:ac:84:54:4b:cf:fb:03:c9:c4:e5:92:
1c:6e:f8:46:fc:80:c9:62:4f:7b:61:4d:52:f9:61:
8d:97:11:66:e7:9c:77:8d:67:22:50:45:66:39:56:
a0:a1:6a:cd:2f:a4:10:2a:b1:ce:a9:28:c6:1f:cf:
eb:ae:54:b1:f6:5c:2d:c4:89:41:ca:5d:35:1a:6e:
64:ac:d6:bb:52:92:63:f8:d5:70:39:d4:83:62:57:
43:f2:2c:fe:48:56:e5:fb:9d:15:85:ae:80:15:cf:
0f:5a:84:bc:27:83:93:59:3e:19:1b:e9:eb:02:9a:
6e:24:07:fc:7b:1d:91:2a:6f:cf:4f:22:45:82:1e:
61:dd:d0:6f:00:b4:34:66:6d:6d:78:f1:18:cd:c2:
7e:13:95:54:84:46:07:e9:d1:15:dd:45:bb:d3:4f:
91:2c:a2:51:43:1e:61:0e:1b:15:8f:fd:fa:39:26:
30:e7:bc:ad:4c:3c:92:67:ae:54:f0:5c:99:83:b6:
2c:5c:b3:f2:9a:3e:5b:c6:9e:96:70:a4:13:b7:10:
fe:90:b3:9d:a3:0f:0c:40:af:77:e6:59:09:04:d7:
96:9e:ab:e1:51:cc:e1:cd:e8:de:5d:b6:c9:48:87:
c3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:90:D2:71:5B:1E:24:9B:6A:52:59:91:43:29:AE:80:BC:F6:7B:20
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DZDScVseJJtqUlmRQymugLz2eyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
04:e8:91:81:d4:85:23:8d:fa:c3:11:a9:36:25:78:74:55:e5:
db:97:b4:29:1a:cf:ab:38:3d:96:17:a1:84:dd:fb:0b:2d:92:
63:8a:0b:21:b4:99:0e:c3:a9:8f:7c:6d:df:d5:27:e1:0e:64:
c4:20:a1:17:bc:f6:6c:1a:14:15:c1:ae:0c:0f:03:cc:c5:4b:
ff:77:96:66:71:23:36:3b:f2:a7:a6:f3:4d:a0:3f:6a:3d:cd:
1e:4f:84:b7:c0:58:84:a3:08:8e:a7:58:3a:d5:28:0c:0d:0a:
cb:88:70:5d:d5:d6:4a:79:21:79:54:5b:c4:7c:ca:b1:89:ab:
c8:f1:d0:30:1b:ca:fc:30:1e:fd:7b:cd:33:67:30:6b:12:31:
da:48:49:47:2a:ef:94:e5:5a:9d:ea:a6:7c:77:ad:0c:4e:2b:
b0:31:5c:5b:88:9e:b6:e3:b1:c3:d5:5d:13:f4:2e:ac:22:32:
93:22:67:26:63:90:3d:04:63:49:37:1e:be:ab:7f:3b:9e:da:
45:c8:b1:55:c5:49:38:1a:73:c1:04:9a:a0:f4:eb:73:9f:e1:
6b:90:7f:ba:e0:9c:b4:5c:ef:cf:70:11:b2:3b:f1:6b:9a:83:
46:cd:29:da:2e:76:51:d0:13:a9:e8:6e:fa:b8:48:3b:9e:0e:
86:f5:8b:d7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZebNhkSJRaAR3eBEwxJgvu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIzMDUxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDkwZDI3MTViMWUyNDliNmE1MjU5OTE0MzI5YWU4MGJjZjY3YjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdvaSqyCinnFblv70XAUh6PurIRU
S8/7A8nE5ZIcbvhG/IDJYk97YU1S+WGNlxFm55x3jWciUEVmOVagoWrNL6QQKrHO
qSjGH8/rrlSx9lwtxIlByl01Gm5krNa7UpJj+NVwOdSDYldD8iz+SFbl+50Vha6A
Fc8PWoS8J4OTWT4ZG+nrAppuJAf8ex2RKm/PTyJFgh5h3dBvALQ0Zm1tePEYzcJ+
E5VUhEYH6dEV3UW700+RLKJRQx5hDhsVj/36OSYw57ytTDySZ65U8FyZg7YsXLPy
mj5bxp6WcKQTtxD+kLOdow8MQK935lkJBNeWnqvhUczhzejeXbbJSIfDvQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA2Q0nFbHiSbalJZkUMproC89nsgMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvRFpEU2NWc2VKSnRxVWxtUlF5bXVnTHoyZXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEABOiRgdSFI436wxGpNiV4dFXl
25e0KRrPqzg9lhehhN37Cy2SY4oLIbSZDsOpj3xt39Un4Q5kxCChF7z2bBoUFcGu
DA8DzMVL/3eWZnEjNjvyp6bzTaA/aj3NHk+Et8BYhKMIjqdYOtUoDA0Ky4hwXdXW
SnkheVRbxHzKsYmryPHQMBvK/DAe/XvNM2cwaxIx2khJRyrvlOVaneqmfHetDE4r
sDFcW4ietuOxw9VdE/QurCIykyJnJmOQPQRjSTcevqt/O57aRcixVcVJOBpzwQSa
oPTrc5/ha5B/uuCctFzvz3ARsjvxa5qDRs0p2i52UdATqehu+rhIO54OhvWL1w==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:30:13 2025 by rpki-client