Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/EfHHDlLH3y2EYb-YK8lfNLQnrIk.roa
File: EfHHDlLH3y2EYb-YK8lfNLQnrIk.roa (raw, json)
Hash identifier: xCVB2vegM6J97kccazsY6rV26brOrAnqLg2QOx0l4E8=
Subject key identifier: 11:F1:C7:0E:52:C7:DF:2D:84:61:BF:98:2B:C9:5F:34:B4:27:AC:89
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197AA69AFF2B3D8BD41DDD170AEF44B585C
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/EfHHDlLH3y2EYb-YK8lfNLQnrIk.roa
Signing time: Thu 26 Jun 2025 04:05:42 +0000
ROA not before: Thu 26 Jun 2025 04:05:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:aa69:4606/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 26 Jun 2025 04:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:aa:69:af:f2:b3:d8:bd:41:dd:d1:70:ae:f4:4b:58:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 26 04:05:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11f1c70e52c7df2d8461bf982bc95f34b427ac89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:93:e8:01:db:bb:be:5f:78:21:a2:3a:d7:05:
73:77:88:74:a6:e5:aa:30:d1:9d:7f:da:b2:11:fd:
68:1d:b9:05:6a:63:11:7d:98:63:61:5b:a3:17:71:
0b:59:ef:1d:3b:ef:4d:7c:32:4d:a5:6d:2d:f6:da:
3b:f2:2d:f1:64:51:b3:f1:55:39:1b:96:17:c4:24:
6b:f0:a0:41:1d:66:33:e6:fc:33:0a:d9:c9:32:c7:
92:ba:42:21:f0:7f:dd:f8:96:de:e9:73:4b:c5:de:
66:78:65:52:0f:f2:e7:d0:64:c2:21:23:a9:78:e5:
58:cb:0e:66:75:0e:77:54:cb:c2:1c:94:61:c2:e9:
4f:81:20:ca:fe:f6:92:b3:18:b7:03:f9:81:61:83:
80:84:36:0c:d4:d7:1a:f6:57:98:03:37:dd:f3:bb:
56:69:27:71:e0:6e:0f:58:8b:d3:5b:66:08:eb:24:
ac:29:6d:15:27:b3:73:6a:ce:b0:c6:b9:3c:66:64:
b9:91:36:5c:2c:b3:f4:82:32:59:32:35:fb:1d:43:
47:02:77:ce:b1:ca:69:1e:4a:0b:9d:50:98:48:e3:
b7:7d:cb:c1:31:f6:60:92:0b:aa:df:90:22:45:d8:
bf:b7:82:5e:8c:2b:6d:25:7d:a7:08:e4:a0:17:a0:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F1:C7:0E:52:C7:DF:2D:84:61:BF:98:2B:C9:5F:34:B4:27:AC:89
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/EfHHDlLH3y2EYb-YK8lfNLQnrIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:aa69:4606/128
Signature Algorithm: sha256WithRSAEncryption
34:65:ff:3e:7f:73:3c:fa:58:a5:d0:31:52:0d:53:66:a6:e7:
e3:79:f9:f1:3e:74:d6:b6:a1:2a:d9:09:f3:f3:f8:02:d8:c8:
f2:fa:28:d1:ad:4b:74:8c:6b:b1:d2:7a:76:ab:d0:b9:43:89:
ea:fc:02:fd:97:7a:5d:9e:ec:16:aa:9d:79:25:cb:df:ac:a8:
7b:44:2c:3e:a9:a8:10:34:ef:aa:a6:9d:53:e8:26:57:50:bf:
0a:81:ad:ee:91:3b:ba:4f:f6:60:f7:62:ec:15:e7:76:9a:4b:
49:be:4d:0b:e5:83:e4:a5:f3:56:a9:30:4b:21:fb:47:ae:31:
e1:7e:34:5d:65:27:94:55:99:89:dd:f9:48:ea:52:2a:4f:d5:
ba:da:1d:6c:31:37:af:83:16:d5:7e:e9:be:bd:89:6f:ca:93:
63:c9:88:67:f2:6d:d1:49:4f:7c:57:51:c6:82:54:ef:b3:aa:
95:bc:17:29:83:3f:76:57:14:66:3f:77:cd:50:12:6b:a9:75:
9e:73:38:5e:4e:b5:d4:cf:5b:66:4c:d4:6a:02:76:04:41:79:
2c:b8:27:c2:e9:13:e8:6b:74:48:25:05:03:15:6c:3d:18:22:
c6:a5:17:09:f5:db:3d:71:38:b9:30:5e:62:a8:fc:52:8f:1b:
1e:3a:f9:4d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZeqaa/ys9i9Qd3RcK70S1hcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI2MDQwNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWYxYzcwZTUyYzdkZjJkODQ2MWJmOTgyYmM5NWYzNGI0MjdhYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpPoAdu7vl94IaI61wVzd4h0puWq
MNGdf9qyEf1oHbkFamMRfZhjYVujF3ELWe8dO+9NfDJNpW0t9to78i3xZFGz8VU5
G5YXxCRr8KBBHWYz5vwzCtnJMseSukIh8H/d+Jbe6XNLxd5meGVSD/Ln0GTCISOp
eOVYyw5mdQ53VMvCHJRhwulPgSDK/vaSsxi3A/mBYYOAhDYM1Nca9leYAzfd87tW
aSdx4G4PWIvTW2YI6ySsKW0VJ7Nzas6wxrk8ZmS5kTZcLLP0gjJZMjX7HUNHAnfO
scppHkoLnVCYSOO3fcvBMfZgkguq35AiRdi/t4JejCttJX2nCOSgF6AtvQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBHxxw5Sx98thGG/mCvJXzS0J6yJMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvRWZISERsTEgzeTJFWWItWUs4bGZOTFFucklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl6ppRgYwDQYJKoZIhvcNAQELBQADggEB
ADRl/z5/czz6WKXQMVINU2am5+N5+fE+dNa2oSrZCfPz+ALYyPL6KNGtS3SMa7HS
enar0LlDier8Av2Xel2e7BaqnXkly9+sqHtELD6pqBA076qmnVPoJldQvwqBre6R
O7pP9mD3YuwV53aaS0m+TQvlg+Sl81apMEsh+0euMeF+NF1lJ5RVmYnd+UjqUipP
1braHWwxN6+DFtV+6b69iW/Kk2PJiGfybdFJT3xXUcaCVO+zqpW8FymDP3ZXFGY/
d81QEmupdZ5zOF5OtdTPW2ZM1GoCdgRBeSy4J8LpE+hrdEglBQMVbD0YIsalFwn1
2z1xOLkwXmKo/FKPGx46+U0=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:39:32 2025 by rpki-client