Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HKxQDN5vgHMJzp6iNPPgFfDJsps.roa
File: HKxQDN5vgHMJzp6iNPPgFfDJsps.roa (raw, json)
Hash identifier: SHAfaRtNVY7NX0BawC5jJgWf1EfpEzZl0JsqdSww/D0=
Subject key identifier: 1C:AC:50:0C:DE:6F:80:73:09:CE:9E:A2:34:F3:E0:15:F0:C9:B2:9B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C68D0EA0F8C502551612EE95D89A08F4
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HKxQDN5vgHMJzp6iNPPgFfDJsps.roa
Signing time: Tue 01 Jul 2025 15:13:42 +0000
ROA not before: Tue 01 Jul 2025 15:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 16:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:8d:0e:a0:f8:c5:02:55:16:12:ee:95:d8:9a:08:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 15:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cac500cde6f807309ce9ea234f3e015f0c9b29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:a4:99:bc:b4:c6:7b:ee:3f:f0:d1:99:ef:
43:38:63:c7:23:9b:8a:e3:f5:71:15:11:2a:25:3d:
e7:09:c9:8c:d2:28:04:29:3c:d4:76:13:53:fb:ff:
c9:99:cd:5a:80:12:7c:13:f9:cb:99:b6:9b:ca:ec:
78:38:2f:4b:24:d9:c7:05:2a:60:0b:e9:3b:4b:1c:
ee:55:96:20:6b:45:0c:89:df:10:5c:13:df:48:a6:
ee:87:11:49:a5:35:2e:27:0e:65:94:a1:a2:73:b0:
75:4c:44:b8:a2:18:72:d9:07:33:e2:4c:50:16:17:
5a:02:63:63:1e:de:97:e9:5a:5e:c3:92:e8:3c:43:
cc:18:27:ee:c1:f8:f4:82:a3:c7:27:90:e9:02:cc:
97:8b:7c:e4:b1:4e:74:81:58:13:6d:c5:30:e8:2a:
67:ca:14:4c:03:7d:81:99:cf:a0:7f:cc:1c:55:d2:
07:3a:45:38:ab:dd:e4:fd:e8:e7:a0:f4:12:08:3d:
d7:ac:f5:42:3d:f0:f9:c7:1b:10:35:c4:8a:d8:44:
28:48:e5:be:5e:0d:fc:14:5f:ca:98:ad:6d:43:ec:
19:8e:25:2e:41:d5:24:57:30:7e:bf:12:03:9d:52:
65:dc:af:dd:21:d4:5d:1f:8a:d0:6e:2c:9e:ed:70:
50:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AC:50:0C:DE:6F:80:73:09:CE:9E:A2:34:F3:E0:15:F0:C9:B2:9B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HKxQDN5vgHMJzp6iNPPgFfDJsps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1c:d3:2a:b3:99:e7:de:4f:96:ca:63:0b:50:85:e0:c0:c0:c7:
be:7a:c3:b8:ee:bd:3c:80:af:98:cb:c3:e5:b7:1e:62:ea:17:
0c:78:c7:53:49:52:ab:ec:17:9b:a8:01:17:db:ad:e8:05:02:
d6:5d:0b:73:64:67:45:98:ca:77:54:f7:44:11:58:fa:76:f1:
c1:e2:0c:cc:a0:91:cc:d5:0d:ed:70:98:5a:71:73:73:a3:6d:
df:91:59:4b:2e:dc:09:ec:a6:4e:d2:96:b2:b9:83:c5:fa:bb:
9e:f3:09:5b:4f:18:de:be:dd:12:48:3d:e6:b0:71:21:0e:31:
74:00:fd:f8:33:98:e6:3e:77:bd:16:b8:76:45:d4:27:6f:38:
99:fe:93:c9:d7:f8:bc:63:33:c5:56:74:31:0a:ab:32:50:91:
09:ba:84:70:64:ff:07:d8:1d:f3:fe:94:90:91:64:00:de:67:
1d:12:3a:88:99:d0:94:5b:10:2f:23:fc:79:c8:27:74:37:bf:
07:a4:31:c5:6a:9c:14:1b:cb:87:79:1d:9b:6d:0d:c6:e7:80:
fc:c8:83:97:de:25:3a:08:42:4a:27:ef:6e:79:58:d9:05:ca:
4c:cf:90:bf:bd:3c:47:be:a5:ae:37:9b:74:0e:ef:4f:78:e5:
ee:b5:30:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfGjQ6g+MUCVRYS7pXYmgj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMTUxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FjNTAwY2RlNmY4MDczMDljZTllYTIzNGYzZTAxNWYwYzliMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNqkmby0xnvuP/DRme9DOGPHI5uK
4/VxFREqJT3nCcmM0igEKTzUdhNT+//Jmc1agBJ8E/nLmbabyux4OC9LJNnHBSpg
C+k7SxzuVZYga0UMid8QXBPfSKbuhxFJpTUuJw5llKGic7B1TES4ohhy2Qcz4kxQ
FhdaAmNjHt6X6Vpew5LoPEPMGCfuwfj0gqPHJ5DpAsyXi3zksU50gVgTbcUw6Cpn
yhRMA32Bmc+gf8wcVdIHOkU4q93k/ejnoPQSCD3XrPVCPfD5xxsQNcSK2EQoSOW+
Xg38FF/KmK1tQ+wZjiUuQdUkVzB+vxIDnVJl3K/dIdRdH4rQbiye7XBQAQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBysUAzeb4BzCc6eojTz4BXwybKbMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSEt4UURONXZnSE1KenA2aU5QUGdGZkRKc3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAHNMqs5nn3k+WymMLUIXgwMDH
vnrDuO69PICvmMvD5bceYuoXDHjHU0lSq+wXm6gBF9ut6AUC1l0Lc2RnRZjKd1T3
RBFY+nbxweIMzKCRzNUN7XCYWnFzc6Nt35FZSy7cCeymTtKWsrmDxfq7nvMJW08Y
3r7dEkg95rBxIQ4xdAD9+DOY5j53vRa4dkXUJ284mf6Tydf4vGMzxVZ0MQqrMlCR
CbqEcGT/B9gd8/6UkJFkAN5nHRI6iJnQlFsQLyP8ecgndDe/B6QxxWqcFBvLh3kd
m20NxueA/MiDl94lOghCSifvbnlY2QXKTM+Qv708R76lrjebdA7vT3jl7rUwfw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:07:22 2025 by rpki-client