Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/G6NCzGw8qdjlWVgdduZmeROeuNU.roa
File: G6NCzGw8qdjlWVgdduZmeROeuNU.roa (raw, json)
Hash identifier: WYMsIZ8CynK/Ycm5jGTzPGYkJ3gr/XpscsjSamBl4eo=
Subject key identifier: 1B:A3:42:CC:6C:3C:A9:D8:E5:59:58:1D:76:E6:66:79:13:9E:B8:D5
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019796E1657DE9A30A8AA22C7CF6349B4AC6
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/G6NCzGw8qdjlWVgdduZmeROeuNU.roa
Signing time: Sun 22 Jun 2025 09:04:03 +0000
ROA not before: Sun 22 Jun 2025 09:04:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:96e1:5512/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 22 Jun 2025 09:14:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:96:e1:65:7d:e9:a3:0a:8a:a2:2c:7c:f6:34:9b:4a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 22 09:04:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ba342cc6c3ca9d8e559581d76e66679139eb8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:be:8c:c7:fe:fb:1b:9c:f9:88:dc:c7:17:e2:
3c:9d:b0:c1:07:47:fa:c0:f3:17:30:34:0d:a2:10:
d5:75:27:d8:e0:8b:6c:08:42:dc:bf:82:c7:11:c4:
03:c9:fa:8d:09:73:ab:bc:9f:c1:de:06:6e:4e:b9:
76:6b:ed:f3:8c:0e:7d:1c:48:2b:6c:16:6a:9a:f2:
f5:87:e9:4f:cd:b4:a8:3a:0d:6c:ee:0c:d7:21:d0:
e0:3e:a3:15:f6:3a:bd:1b:f9:2c:f7:0b:dc:ed:8b:
e7:f9:2e:21:43:73:aa:7f:e3:a2:82:e2:24:7b:0e:
2b:29:a4:6d:fe:79:20:ca:61:16:79:c1:81:76:af:
23:4d:03:43:1b:f5:34:c0:e8:22:2b:43:cf:03:d8:
f8:f2:a2:e6:79:28:0e:bc:83:db:ef:42:82:71:6f:
ea:c1:e2:8c:7d:c9:d7:0f:1c:9f:e0:2b:68:cd:93:
4d:e4:30:ef:bc:0f:94:1c:5a:4a:bb:7c:80:64:5b:
76:c9:18:e0:7e:1b:25:70:a2:3a:09:d6:36:40:05:
43:e5:cd:9e:ab:53:be:ae:95:16:ab:06:3e:01:46:
98:8b:72:d2:86:3a:af:60:9e:05:44:5a:35:81:65:
25:25:57:f2:d8:09:af:fa:78:de:cc:2a:48:a6:b7:
05:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A3:42:CC:6C:3C:A9:D8:E5:59:58:1D:76:E6:66:79:13:9E:B8:D5
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/G6NCzGw8qdjlWVgdduZmeROeuNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:96e1:5512/128
Signature Algorithm: sha256WithRSAEncryption
03:2e:d6:3e:45:98:7c:6e:ec:d1:29:7e:f7:93:b3:fe:61:27:
1d:cd:d2:b2:a6:51:86:c5:3e:fa:c0:16:b4:0f:b8:4d:3b:50:
db:81:a4:4f:b6:a6:29:50:84:87:ae:d5:ad:c4:99:a5:2f:a9:
91:f3:32:a2:91:aa:c1:ae:5e:50:38:90:87:b0:6d:c3:0e:99:
79:f1:03:97:42:95:6c:58:65:de:25:06:1d:9b:06:c1:d5:ba:
39:a9:95:73:a8:27:ea:ff:58:60:13:28:4a:6b:c7:5e:70:3f:
e2:4c:80:a4:fe:f3:e1:09:e3:f0:4b:8d:ba:ac:7c:70:c5:ad:
fd:43:fb:fc:f8:c3:76:db:e9:d5:6e:39:b5:8b:b4:80:fc:f8:
ea:06:81:07:92:89:d2:9b:01:d5:1a:36:c4:d4:23:ca:24:aa:
51:7c:79:47:b7:f6:e3:7c:f6:34:0c:3e:d0:b1:24:37:02:5a:
1c:0e:40:73:34:7c:17:0a:bd:63:a3:85:54:ef:f7:8a:42:b7:
d9:2b:62:c0:a5:11:10:8f:12:0f:1b:2a:01:ee:b1:9b:9f:a0:
6f:c3:2b:57:09:5d:bd:73:8f:f3:ac:a8:4b:63:bf:6b:81:46:
99:87:ce:fc:77:88:42:f8:fd:28:4f:43:45:b0:41:0d:fe:67:
15:70:0b:85
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZeW4WV96aMKiqIsfPY0m0rGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIyMDkwNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmEzNDJjYzZjM2NhOWQ4ZTU1OTU4MWQ3NmU2NjY3OTEzOWViOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb6Mx/77G5z5iNzHF+I8nbDBB0f6
wPMXMDQNohDVdSfY4ItsCELcv4LHEcQDyfqNCXOrvJ/B3gZuTrl2a+3zjA59HEgr
bBZqmvL1h+lPzbSoOg1s7gzXIdDgPqMV9jq9G/ks9wvc7Yvn+S4hQ3Oqf+OiguIk
ew4rKaRt/nkgymEWecGBdq8jTQNDG/U0wOgiK0PPA9j48qLmeSgOvIPb70KCcW/q
weKMfcnXDxyf4CtozZNN5DDvvA+UHFpKu3yAZFt2yRjgfhslcKI6CdY2QAVD5c2e
q1O+rpUWqwY+AUaYi3LShjqvYJ4FRFo1gWUlJVfy2Amv+njezCpIprcFnQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBujQsxsPKnY5VlYHXbmZnkTnrjVMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvRzZOQ3pHdzhxZGpsV1ZnZGR1Wm1lUk9ldU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl5bhVRIwDQYJKoZIhvcNAQELBQADggEB
AAMu1j5FmHxu7NEpfveTs/5hJx3N0rKmUYbFPvrAFrQPuE07UNuBpE+2pilQhIeu
1a3EmaUvqZHzMqKRqsGuXlA4kIewbcMOmXnxA5dClWxYZd4lBh2bBsHVujmplXOo
J+r/WGATKEprx15wP+JMgKT+8+EJ4/BLjbqsfHDFrf1D+/z4w3bb6dVuObWLtID8
+OoGgQeSidKbAdUaNsTUI8okqlF8eUe39uN89jQMPtCxJDcCWhwOQHM0fBcKvWOj
hVTv94pCt9krYsClERCPEg8bKgHusZufoG/DK1cJXb1zj/OsqEtjv2uBRpmHzvx3
iEL4/ShPQ0WwQQ3+ZxVwC4U=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:50:53 2025 by rpki-client