Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HxsSgNyId1_NCuF-XB5xGZKC0qY.roa
File: HxsSgNyId1_NCuF-XB5xGZKC0qY.roa (raw, json)
Hash identifier: chpypa9ZLQAAiKGa1h4Fme7sS4uVcrZMRxDAzhYkvHs=
Subject key identifier: 1F:1B:12:80:DC:88:77:5F:CD:0A:E1:7E:5C:1E:71:19:92:82:D2:A6
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A2B9459BE4BE03EC5D66468957769D41
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HxsSgNyId1_NCuF-XB5xGZKC0qY.roa
Signing time: Tue 24 Jun 2025 16:15:40 +0000
ROA not before: Tue 24 Jun 2025 16:15:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 17:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:b9:45:9b:e4:be:03:ec:5d:66:46:89:57:76:9d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 16:15:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f1b1280dc88775fcd0ae17e5c1e71199282d2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:4e:6b:69:7a:c1:6e:f5:87:88:c4:42:fd:
55:ff:09:07:cc:eb:c2:3d:b4:bb:f0:79:1c:12:66:
fc:d1:a1:5b:29:25:ca:09:d9:39:87:58:7b:01:80:
33:a0:63:ca:95:f6:2d:26:02:08:3f:1d:43:c2:a0:
c3:a5:72:90:ff:c1:07:a9:23:01:59:69:ab:ca:3c:
9d:9d:ab:62:64:cd:f4:6b:77:97:f3:d3:ad:a0:f2:
ac:cb:88:38:a1:03:e5:43:21:b6:a1:72:e7:c1:f9:
a7:cb:c9:ff:15:24:09:d8:c9:c5:f7:b8:3a:96:33:
25:f6:eb:6c:0a:3c:e2:33:35:32:9b:b4:b5:94:57:
ed:f1:68:fa:13:e1:48:08:d8:87:ff:8b:bc:cf:cd:
1b:b6:c2:20:76:e3:47:21:b9:82:2e:a7:91:bb:3d:
af:96:fd:30:fb:a9:ac:c8:3c:31:15:b3:a4:ba:bc:
f2:ba:6a:95:16:77:93:1b:3f:ca:e8:d3:34:7d:9e:
98:38:3e:f9:48:8c:94:8c:de:31:bf:19:e2:85:03:
bb:6e:b2:9d:f3:b2:89:1f:4f:77:6a:e1:55:8d:95:
ef:05:3c:f7:ef:c1:e0:63:4e:1e:07:05:64:0a:00:
a3:14:a0:b7:89:db:2c:eb:61:13:4d:fb:93:39:69:
c2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1B:12:80:DC:88:77:5F:CD:0A:E1:7E:5C:1E:71:19:92:82:D2:A6
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HxsSgNyId1_NCuF-XB5xGZKC0qY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
3e:15:0e:c7:6f:de:e5:48:a8:ff:50:b5:91:01:65:a3:61:56:
08:25:33:46:44:d3:34:59:64:21:8b:a1:96:37:ef:a8:83:58:
b9:f6:07:c9:b7:f9:49:9e:71:05:d3:da:41:58:e4:b5:23:47:
71:5d:15:79:13:b6:e2:14:e0:0b:ee:62:06:cf:55:63:15:2e:
98:9a:26:f2:3f:a2:b4:6c:a5:dd:da:c7:d9:63:47:fa:59:5c:
ee:1c:52:ff:5c:5b:5d:c1:74:f9:fa:74:c1:75:3b:c1:da:c0:
0c:3e:ef:8d:8a:e7:4b:b8:d6:0b:de:d1:78:72:d3:33:49:a7:
08:cc:c0:f2:34:a0:20:a8:b5:f3:42:99:03:a8:66:47:66:37:
47:1a:6f:a2:97:2a:96:de:69:4c:cf:fe:e0:62:27:7e:6e:be:
7e:18:3a:98:df:58:ba:88:91:c4:4c:1d:4c:cc:8a:f5:22:51:
9c:f0:f7:77:5b:ff:5b:77:ae:41:f5:a7:4e:37:f6:08:8c:4c:
09:d5:a1:55:37:69:93:4e:d8:b5:00:2e:be:7c:99:08:95:55:
d1:1c:95:54:fc:5a:2f:6f:3f:57:08:7d:83:39:d7:77:01:bf:
ef:23:e5:0a:ad:a5:da:68:86:03:08:8a:7b:ee:7d:a8:0d:f4:
0b:58:b4:7e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeiuUWb5L4D7F1mRolXdp1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MTYxNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjFiMTI4MGRjODg3NzVmY2QwYWUxN2U1YzFlNzExOTkyODJkMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhhOa2l6wW71h4jEQv1V/wkHzOvC
PbS78HkcEmb80aFbKSXKCdk5h1h7AYAzoGPKlfYtJgIIPx1DwqDDpXKQ/8EHqSMB
WWmryjydnatiZM30a3eX89OtoPKsy4g4oQPlQyG2oXLnwfmny8n/FSQJ2MnF97g6
ljMl9utsCjziMzUym7S1lFft8Wj6E+FICNiH/4u8z80btsIgduNHIbmCLqeRuz2v
lv0w+6msyDwxFbOkurzyumqVFneTGz/K6NM0fZ6YOD75SIyUjN4xvxnihQO7brKd
87KJH093auFVjZXvBTz378HgY04eBwVkCgCjFKC3idss62ETTfuTOWnCmwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB8bEoDciHdfzQrhflwecRmSgtKmMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSHhzU2dOeUlkMV9OQ3VGLVhCNXhHWktDMHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAPhUOx2/e5Uio/1C1kQFlo2FW
CCUzRkTTNFlkIYuhljfvqINYufYHybf5SZ5xBdPaQVjktSNHcV0VeRO24hTgC+5i
Bs9VYxUumJom8j+itGyl3drH2WNH+llc7hxS/1xbXcF0+fp0wXU7wdrADD7vjYrn
S7jWC97ReHLTM0mnCMzA8jSgIKi180KZA6hmR2Y3Rxpvopcqlt5pTM/+4GInfm6+
fhg6mN9YuoiRxEwdTMyK9SJRnPD3d1v/W3euQfWnTjf2CIxMCdWhVTdpk07YtQAu
vnyZCJVV0RyVVPxaL28/Vwh9gznXdwG/7yPlCq2l2miGAwiKe+59qA30C1i0fg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:32:12 2025 by rpki-client