Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HOsMgMpptuBQPiFLWtDWPlMQpnI.roa
File: HOsMgMpptuBQPiFLWtDWPlMQpnI.roa (raw, json)
Hash identifier: MGoeTQLH/4aPN19goEvay/CBhaZjqYxzXrqJBX1/9Fs=
Subject key identifier: 1C:EB:0C:80:CA:69:B6:E0:50:3E:21:4B:5A:D0:D6:3E:53:10:A6:72
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019793B37DCD2B52B2C20E56B77CB6FA38E9
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HOsMgMpptuBQPiFLWtDWPlMQpnI.roa
Signing time: Sat 21 Jun 2025 18:15:03 +0000
ROA not before: Sat 21 Jun 2025 18:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 21 Jun 2025 19:04:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:93:b3:7d:cd:2b:52:b2:c2:0e:56:b7:7c:b6:fa:38:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 21 18:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ceb0c80ca69b6e0503e214b5ad0d63e5310a672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:13:8d:2d:ba:f1:6b:30:33:65:b8:aa:10:
21:93:e5:f2:64:b2:87:bf:35:4f:af:bd:8b:ba:c0:
2a:8b:10:5f:f2:d0:e4:a0:b2:fd:fe:64:60:be:40:
2e:f3:eb:44:92:97:6c:db:0a:6a:d1:80:b7:b9:35:
a2:8a:f6:76:7d:7e:66:87:ee:cb:d0:69:fb:20:61:
15:2c:37:ed:25:61:eb:15:09:41:1d:ff:4f:12:74:
32:d8:e0:be:7b:74:16:47:fb:52:b7:54:f1:90:0f:
e3:27:65:4a:64:9c:21:15:23:41:67:33:bc:f5:67:
bd:5c:95:bb:51:b1:ea:fd:f1:68:1b:2f:b3:a4:a5:
29:19:5b:88:0d:c0:93:b1:17:60:78:0d:1f:89:af:
21:71:38:b5:b8:19:a7:20:45:4c:f5:68:56:c3:85:
3a:08:9a:72:fc:22:3c:08:90:04:aa:14:2a:88:2e:
92:f4:17:71:02:81:2c:0e:bf:b9:8a:0c:ff:73:18:
b3:17:71:46:9c:7f:ef:c0:dc:d0:52:0c:0f:e1:ca:
8e:0e:80:fd:7b:17:17:06:5b:72:37:79:53:2c:b9:
04:17:5b:f0:5d:2e:0d:93:8d:f7:0a:d8:77:ff:f6:
df:52:3f:cc:f5:d2:54:67:96:93:ed:d9:40:9a:bc:
7e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EB:0C:80:CA:69:B6:E0:50:3E:21:4B:5A:D0:D6:3E:53:10:A6:72
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HOsMgMpptuBQPiFLWtDWPlMQpnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1f:d6:5a:b7:a1:dc:3c:02:46:31:cd:b3:91:81:0d:cb:b6:fe:
fc:01:a0:6a:fa:75:9c:78:a2:49:12:f2:66:d1:e5:c2:77:0a:
78:11:11:b6:09:ed:4e:f5:ee:6b:2c:e1:75:42:b5:44:86:9e:
ba:71:2e:64:1d:7b:77:76:40:7a:e4:87:11:70:72:6b:f5:2b:
16:7e:e2:84:8c:c3:c3:4f:25:a4:6e:c8:b1:99:1f:48:30:4d:
61:ef:d9:a6:6b:64:06:d4:04:23:bc:4f:72:ba:99:01:23:00:
30:e0:a4:74:2a:f0:40:a3:ee:dc:50:3b:8f:5f:ba:3b:0c:86:
be:7d:95:98:ad:86:64:82:8c:be:e8:c0:26:e7:82:1d:a8:95:
aa:07:3f:35:3e:3d:e6:dd:6c:e7:63:cd:8d:61:2b:08:13:3c:
39:be:57:cb:ab:9d:02:a5:0c:21:44:0c:fc:e1:33:3f:e7:aa:
3a:2c:c2:60:e8:36:85:03:27:71:6e:33:5c:58:7d:70:83:4c:
82:06:74:56:8b:d1:2d:97:10:1c:45:39:75:d4:aa:71:f1:eb:
fb:db:57:7c:f6:76:ce:c7:8c:09:d2:4e:0a:10:5f:3c:1c:e4:
9d:5e:1b:2d:d7:91:ce:dd:8b:1d:a9:f9:ab:03:26:c7:c9:ef:
75:29:bf:8c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeTs33NK1Kywg5Wt3y2+jjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIxMTgxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ViMGM4MGNhNjliNmUwNTAzZTIxNGI1YWQwZDYzZTUzMTBhNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJUTjS268WswM2W4qhAhk+XyZLKH
vzVPr72LusAqixBf8tDkoLL9/mRgvkAu8+tEkpds2wpq0YC3uTWiivZ2fX5mh+7L
0Gn7IGEVLDftJWHrFQlBHf9PEnQy2OC+e3QWR/tSt1TxkA/jJ2VKZJwhFSNBZzO8
9We9XJW7UbHq/fFoGy+zpKUpGVuIDcCTsRdgeA0fia8hcTi1uBmnIEVM9WhWw4U6
CJpy/CI8CJAEqhQqiC6S9BdxAoEsDr+5igz/cxizF3FGnH/vwNzQUgwP4cqODoD9
excXBltyN3lTLLkEF1vwXS4Nk433Cth3//bfUj/M9dJUZ5aT7dlAmrx+wQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBzrDIDKabbgUD4hS1rQ1j5TEKZyMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSE9zTWdNcHB0dUJRUGlGTFd0RFdQbE1RcG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAH9Zat6HcPAJGMc2zkYENy7b+
/AGgavp1nHiiSRLyZtHlwncKeBERtgntTvXuayzhdUK1RIaeunEuZB17d3ZAeuSH
EXBya/UrFn7ihIzDw08lpG7IsZkfSDBNYe/ZpmtkBtQEI7xPcrqZASMAMOCkdCrw
QKPu3FA7j1+6OwyGvn2VmK2GZIKMvujAJueCHaiVqgc/NT495t1s52PNjWErCBM8
Ob5Xy6udAqUMIUQM/OEzP+eqOizCYOg2hQMncW4zXFh9cINMggZ0VovRLZcQHEU5
ddSqcfHr+9tXfPZ2zseMCdJOChBfPBzknV4bLdeRzt2LHan5qwMmx8nvdSm/jA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:40:32 2025 by rpki-client