Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DzmZrNWSpUTIfBbnS7Gs9ajWJTQ.roa
File: DzmZrNWSpUTIfBbnS7Gs9ajWJTQ.roa (raw, json)
Hash identifier: gPx7OC+klRxO35X1r4sr2kB2n+4dQE1maLgrrfXjmTQ=
Subject key identifier: 0F:39:99:AC:D5:92:A5:44:C8:7C:16:E7:4B:B1:AC:F5:A8:D6:25:34
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197967E852437EB566B8B099BE17736BBF3
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DzmZrNWSpUTIfBbnS7Gs9ajWJTQ.roa
Signing time: Sun 22 Jun 2025 07:16:03 +0000
ROA not before: Sun 22 Jun 2025 07:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 22 Jun 2025 08:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:96:7e:85:24:37:eb:56:6b:8b:09:9b:e1:77:36:bb:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 22 07:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f3999acd592a544c87c16e74bb1acf5a8d62534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6d:8a:1b:02:fd:d2:d0:84:19:49:98:75:7a:
48:7f:8d:83:b7:34:cf:64:47:38:83:03:10:e6:f3:
5a:41:09:a1:7a:0b:be:d8:f6:f9:0f:2d:e2:61:32:
ba:f8:68:d9:7a:cb:a8:53:1b:ed:00:1a:95:32:64:
56:21:41:48:8e:aa:78:79:2b:a4:2d:f3:85:ba:18:
bc:61:2b:fc:9f:5e:bb:3a:86:b0:e2:37:20:23:17:
e9:52:05:99:6c:2b:8f:ad:88:86:62:2e:ac:9d:de:
a3:1b:b0:e9:89:11:9a:c0:39:e9:83:fe:4a:b7:df:
fb:6f:67:05:ef:48:11:48:17:b0:4c:98:4b:a5:eb:
43:97:e5:71:37:63:8c:7b:b5:a8:01:0c:1b:23:79:
22:17:70:7a:4a:da:e6:37:3e:ae:08:77:91:59:2d:
da:8e:04:e4:4a:06:2d:62:5c:4d:49:6a:b6:cf:fc:
c3:04:43:06:19:24:99:03:c4:bd:49:49:02:93:a4:
20:b4:38:62:32:62:83:a5:ab:2e:6f:ac:ae:fb:69:
6b:23:06:e2:c2:a6:ac:e4:ca:98:23:52:af:20:a8:
31:95:ff:e8:4a:c0:26:eb:d5:dd:51:90:c2:54:6e:
38:0e:c5:f1:7d:9e:ea:e6:f4:ae:18:71:1d:8a:95:
e9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:39:99:AC:D5:92:A5:44:C8:7C:16:E7:4B:B1:AC:F5:A8:D6:25:34
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/DzmZrNWSpUTIfBbnS7Gs9ajWJTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
70:b4:78:f7:d1:39:1c:43:84:54:e4:d1:c4:e1:39:8a:ad:65:
3d:62:b2:2f:60:24:b1:cb:66:c4:88:7e:29:dd:10:3e:ae:0b:
c1:c2:82:a3:9e:03:16:60:ef:68:94:01:75:77:c2:f6:39:aa:
fb:2b:26:f1:23:b8:09:1f:63:e1:42:7c:05:c2:8a:07:07:d6:
ce:82:ea:cf:19:78:af:18:b9:d3:c3:ca:e2:e8:a8:ee:7a:f0:
4a:14:0e:e7:fe:6f:65:3a:4b:ca:37:6c:c8:ad:5f:c0:b3:6c:
2d:04:cd:6c:39:83:ee:ba:82:46:09:fa:6e:74:12:97:f9:37:
81:a4:d0:ca:f8:3e:09:5b:88:12:7f:08:17:df:e5:c9:5d:f0:
53:60:97:c4:f2:82:6e:f2:10:7f:87:3b:ee:e6:84:2f:24:92:
f3:94:2e:55:62:06:65:c7:da:3c:d8:78:ad:3d:7a:68:5d:5c:
ba:66:fe:2c:89:c9:82:17:de:ca:53:3c:53:3b:87:2a:a5:88:
a6:87:b4:15:e1:e8:da:19:1b:b1:d4:30:cd:6c:31:93:07:6a:
00:27:5b:07:ea:5b:f5:e3:ab:27:ba:87:af:e6:dd:29:d2:73:
12:0a:e0:df:14:d7:2d:4b:d1:e9:59:19:fc:56:51:85:fa:12:
0c:be:41:e9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeWfoUkN+tWa4sJm+F3NrvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIyMDcxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjM5OTlhY2Q1OTJhNTQ0Yzg3YzE2ZTc0YmIxYWNmNWE4ZDYyNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum2KGwL90tCEGUmYdXpIf42DtzTP
ZEc4gwMQ5vNaQQmhegu+2Pb5Dy3iYTK6+GjZesuoUxvtABqVMmRWIUFIjqp4eSuk
LfOFuhi8YSv8n167Ooaw4jcgIxfpUgWZbCuPrYiGYi6snd6jG7DpiRGawDnpg/5K
t9/7b2cF70gRSBewTJhLpetDl+VxN2OMe7WoAQwbI3kiF3B6StrmNz6uCHeRWS3a
jgTkSgYtYlxNSWq2z/zDBEMGGSSZA8S9SUkCk6QgtDhiMmKDpasub6yu+2lrIwbi
wqas5MqYI1KvIKgxlf/oSsAm69XdUZDCVG44DsXxfZ7q5vSuGHEdipXpawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA85mazVkqVEyHwW50uxrPWo1iU0MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvRHptWnJOV1NwVVRJZkJiblM3R3M5YWpXSlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAcLR499E5HEOEVOTRxOE5iq1l
PWKyL2AksctmxIh+Kd0QPq4LwcKCo54DFmDvaJQBdXfC9jmq+ysm8SO4CR9j4UJ8
BcKKBwfWzoLqzxl4rxi508PK4uio7nrwShQO5/5vZTpLyjdsyK1fwLNsLQTNbDmD
7rqCRgn6bnQSl/k3gaTQyvg+CVuIEn8IF9/lyV3wU2CXxPKCbvIQf4c77uaELySS
85QuVWIGZcfaPNh4rT16aF1cumb+LInJghfeylM8UzuHKqWIpoe0FeHo2hkbsdQw
zWwxkwdqACdbB+pb9eOrJ7qHr+bdKdJzEgrg3xTXLUvR6VkZ/FZRhfoSDL5B6Q==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:52:16 2025 by rpki-client