Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DfYvYg_JXuZRzmDmALlqTeSY6S0.roa
File: DfYvYg_JXuZRzmDmALlqTeSY6S0.roa (raw, json)
Hash identifier: ZreDvd6FwsDFgabbYWDqJjSk8Jyr4Lh0RMCTUaAHVfg=
Subject key identifier: 0D:F6:2F:62:0F:C9:5E:E6:51:CE:60:E6:00:B9:6A:4D:E4:98:E9:2D
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B6066901E3F294968CCC646279B45589
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DfYvYg_JXuZRzmDmALlqTeSY6S0.roa
Signing time: Sat 28 Jun 2025 10:12:42 +0000
ROA not before: Sat 28 Jun 2025 10:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 28 Jun 2025 11:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:06:69:01:e3:f2:94:96:8c:cc:64:62:79:b4:55:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 28 10:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0df62f620fc95ee651ce60e600b96a4de498e92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:8d:5c:45:b2:e4:5e:14:84:3b:ef:0a:da:
71:a1:95:82:96:38:d0:8a:f0:0c:4b:6a:cd:6c:f4:
c3:e0:d9:00:e0:ba:d0:63:b4:2a:a4:b9:51:e5:77:
74:01:a4:69:54:b5:38:e5:c3:6d:22:a7:42:7f:78:
48:85:bb:5d:1b:c1:0c:b3:74:9e:29:5a:24:3b:67:
0a:2d:e4:c8:d5:46:25:d8:aa:87:c0:6d:37:3f:67:
c5:41:71:b1:a5:f6:ac:ee:96:b3:f1:94:39:9f:60:
a8:a0:e6:71:81:be:45:af:ae:ee:75:b7:9e:a1:c6:
5f:27:83:f7:cd:c1:4e:1d:f7:92:53:78:13:bb:69:
d8:71:d5:51:9b:9e:93:08:0d:94:5d:ef:e3:a7:03:
91:1d:37:d5:1c:bd:8f:2e:12:91:d6:3a:9c:71:71:
53:82:74:06:dd:9c:c4:3e:39:4f:f9:50:63:8c:2a:
75:ea:6d:05:dc:53:43:3c:7c:73:d9:25:47:11:a5:
6f:37:6a:26:ba:00:a8:ab:3a:65:ec:36:ed:92:ee:
de:5f:b0:cd:01:b0:9a:80:99:5b:ae:05:26:bc:a7:
e0:b8:b2:03:c2:9e:da:8c:81:7a:90:4a:7e:42:a8:
72:f8:1f:f3:2e:8b:c7:8a:ac:3a:de:33:92:2e:62:
25:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F6:2F:62:0F:C9:5E:E6:51:CE:60:E6:00:B9:6A:4D:E4:98:E9:2D
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DfYvYg_JXuZRzmDmALlqTeSY6S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
67:ff:f6:f3:36:ea:4e:e6:e6:fe:99:07:87:68:3d:3b:13:d5:
67:50:b1:f4:1d:b2:38:6f:1b:4a:1d:eb:80:4f:b3:cf:5d:4b:
6f:e7:36:05:82:b1:c5:16:7b:4e:f1:68:64:f8:f4:15:63:2d:
ae:54:4c:ed:d7:d8:04:63:04:ad:12:15:2f:2a:e4:72:f7:68:
fb:4f:2e:eb:9e:6a:5d:7b:ae:5b:64:12:53:80:3a:f9:dc:fb:
50:0d:b4:c6:ef:c3:f8:b7:32:a1:ec:80:9e:0a:89:21:2c:e8:
ab:b9:cd:fe:1a:15:41:62:ea:6f:10:35:02:1e:66:3e:97:aa:
3e:88:0e:0b:c0:4b:fc:55:03:30:9e:89:23:58:46:4a:27:b3:
34:f5:ab:59:4d:f1:05:c8:dd:54:47:a3:53:ea:9a:41:7e:e2:
8d:07:9d:2f:44:71:03:e3:2b:95:a2:79:f8:c5:1b:f9:d5:67:
fc:51:74:8f:24:51:4d:48:c9:22:34:90:b0:5a:90:d5:e7:a7:
34:e2:f0:68:fb:66:38:84:3b:b5:ce:46:5d:88:e6:f5:3b:bb:
03:a9:42:3c:45:2b:b4:73:c2:58:c5:ca:6e:5a:c6:80:ec:d8:
fc:71:38:23:6b:8f:98:37:7f:c5:d4:e0:cc:a4:34:e2:08:3e:
80:29:b0:4a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe2BmkB4/KUlozMZGJ5tFWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI4MTAxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY2MmY2MjBmYzk1ZWU2NTFjZTYwZTYwMGI5NmE0ZGU0OThlOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorWNXEWy5F4UhDvvCtpxoZWCljjQ
ivAMS2rNbPTD4NkA4LrQY7QqpLlR5Xd0AaRpVLU45cNtIqdCf3hIhbtdG8EMs3Se
KVokO2cKLeTI1UYl2KqHwG03P2fFQXGxpfas7paz8ZQ5n2CooOZxgb5Fr67udbee
ocZfJ4P3zcFOHfeSU3gTu2nYcdVRm56TCA2UXe/jpwORHTfVHL2PLhKR1jqccXFT
gnQG3ZzEPjlP+VBjjCp16m0F3FNDPHxz2SVHEaVvN2omugCoqzpl7Dbtku7eX7DN
AbCagJlbrgUmvKfguLIDwp7ajIF6kEp+Qqhy+B/zLovHiqw63jOSLmIlYwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA32L2IPyV7mUc5g5gC5ak3kmOktMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvRGZZdllnX0pYdVpSem1EbUFMbHFUZVNZNlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAZ//28zbqTubm/pkHh2g9OxPV
Z1Cx9B2yOG8bSh3rgE+zz11Lb+c2BYKxxRZ7TvFoZPj0FWMtrlRM7dfYBGMErRIV
Lyrkcvdo+08u655qXXuuW2QSU4A6+dz7UA20xu/D+LcyoeyAngqJISzoq7nN/hoV
QWLqbxA1Ah5mPpeqPogOC8BL/FUDMJ6JI1hGSiezNPWrWU3xBcjdVEejU+qaQX7i
jQedL0RxA+MrlaJ5+MUb+dVn/FF0jyRRTUjJIjSQsFqQ1eenNOLwaPtmOIQ7tc5G
XYjm9Tu7A6lCPEUrtHPCWMXKblrGgOzY/HE4I2uPmDd/xdTgzKQ04gg+gCmwSg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:43:42 2025 by rpki-client