Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/I0SxxuFNPm1M7i31IJUuqedoGlw.roa
File: I0SxxuFNPm1M7i31IJUuqedoGlw.roa (raw, json)
Hash identifier: kRQfm9FUB7A0TE7G+tdSsPQJOunZ480lGqYG+jRQaO8=
Subject key identifier: 23:44:B1:C6:E1:4D:3E:6D:4C:EE:2D:F5:20:95:2E:A9:E7:68:1A:5C
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978E1F44E666385C6E078601D1573240C3
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/I0SxxuFNPm1M7i31IJUuqedoGlw.roa
Signing time: Fri 20 Jun 2025 16:15:03 +0000
ROA not before: Fri 20 Jun 2025 16:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 17:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8e:1f:44:e6:66:38:5c:6e:07:86:01:d1:57:32:40:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 16:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2344b1c6e14d3e6d4cee2df520952ea9e7681a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b9:aa:b2:50:bf:85:96:cb:45:aa:ef:5e:50:
2d:d4:3a:8d:e5:ba:6f:f2:3b:26:4b:9d:e8:52:c5:
54:24:e6:fe:d7:d9:cb:71:fe:ab:f8:23:e7:c7:ce:
32:36:c0:74:fc:ae:3c:4b:6f:e1:c4:08:9e:8b:d8:
24:ee:08:b4:93:db:82:14:cb:dc:99:fa:9a:dd:4c:
4b:ee:b6:23:fc:8a:8f:c7:4f:e9:d2:5f:a8:81:67:
1b:29:31:a2:c3:7d:7d:f7:8c:58:e5:df:0e:35:89:
13:b7:b2:1a:54:3f:aa:50:2d:bc:8d:2d:8f:6e:ad:
7a:25:d7:7f:95:45:59:fb:12:26:fa:a3:f8:f0:17:
57:ec:0d:19:53:d6:47:c4:72:31:a2:1d:ab:ea:6e:
1a:14:b6:b2:85:69:f1:5a:28:69:a5:63:1e:67:c1:
cf:db:e1:d1:8a:d5:4b:7b:ff:35:88:80:10:13:be:
a6:bd:0f:2d:9c:8b:ba:5e:94:a9:b7:8b:66:6d:e9:
8b:f2:3b:3e:75:ca:c6:75:58:97:ef:82:d8:e7:07:
f0:db:ea:38:af:64:1a:60:82:fa:b2:bc:6d:b8:01:
65:a1:c0:52:36:95:7b:52:54:f0:61:ba:f9:bc:6b:
e9:36:bf:c1:32:d1:50:c7:90:70:e4:79:87:a0:df:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:44:B1:C6:E1:4D:3E:6D:4C:EE:2D:F5:20:95:2E:A9:E7:68:1A:5C
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/I0SxxuFNPm1M7i31IJUuqedoGlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
69:23:e4:aa:28:b8:8b:33:ae:7f:7d:9f:77:1b:b9:9e:18:c3:
18:53:22:c8:16:36:44:4b:20:4a:02:9a:80:31:bc:ae:66:71:
4d:ab:c3:01:76:44:1b:22:11:38:cf:6e:3f:86:27:e1:64:31:
45:ce:4a:0a:0c:48:5f:c3:5d:95:ac:fb:b3:13:f3:6a:84:47:
4d:79:11:eb:79:1b:03:15:7a:59:43:58:5f:9d:81:7a:d0:02:
90:af:54:64:b2:95:95:68:d6:2b:3e:d7:4d:65:02:17:d0:db:
d4:97:15:81:36:5b:ff:ef:d1:49:83:88:93:24:6d:20:d4:5f:
f8:34:df:f5:2a:ac:b1:1b:bd:1d:fc:b4:29:f2:05:64:2e:b2:
ec:b8:42:46:89:54:03:98:56:3f:7f:75:8c:74:af:57:b1:bf:
7f:2d:f7:3b:0c:32:96:88:f8:f3:4b:36:c2:a3:53:29:b1:40:
a4:fd:0a:59:09:b0:0a:d9:78:04:41:31:6f:75:d8:e8:25:93:
44:2b:3e:09:5e:d8:e6:ac:1f:21:fe:e6:c0:cd:ed:84:3d:b5:
1d:50:c0:81:78:ed:f8:87:03:f7:04:0d:24:e0:3c:04:af:88:
03:c2:3f:bd:c6:88:4c:e4:29:21:ca:4e:b9:c1:44:e7:5d:ef:
80:c4:26:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeOH0TmZjhcbgeGAdFXMkDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMTYxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQ0YjFjNmUxNGQzZTZkNGNlZTJkZjUyMDk1MmVhOWU3NjgxYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurmqslC/hZbLRarvXlAt1DqN5bpv
8jsmS53oUsVUJOb+19nLcf6r+CPnx84yNsB0/K48S2/hxAiei9gk7gi0k9uCFMvc
mfqa3UxL7rYj/IqPx0/p0l+ogWcbKTGiw31994xY5d8ONYkTt7IaVD+qUC28jS2P
bq16Jdd/lUVZ+xIm+qP48BdX7A0ZU9ZHxHIxoh2r6m4aFLayhWnxWihppWMeZ8HP
2+HRitVLe/81iIAQE76mvQ8tnIu6XpSpt4tmbemL8js+dcrGdViX74LY5wfw2+o4
r2QaYIL6srxtuAFlocBSNpV7UlTwYbr5vGvpNr/BMtFQx5Bw5HmHoN8ZdwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCNEscbhTT5tTO4t9SCVLqnnaBpcMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSTBTeHh1Rk5QbTFNN2kzMUlKVXVxZWRvR2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAaSPkqii4izOuf32fdxu5nhjD
GFMiyBY2REsgSgKagDG8rmZxTavDAXZEGyIROM9uP4Yn4WQxRc5KCgxIX8Ndlaz7
sxPzaoRHTXkR63kbAxV6WUNYX52BetACkK9UZLKVlWjWKz7XTWUCF9Db1JcVgTZb
/+/RSYOIkyRtINRf+DTf9SqssRu9Hfy0KfIFZC6y7LhCRolUA5hWP391jHSvV7G/
fy33Owwyloj480s2wqNTKbFApP0KWQmwCtl4BEExb3XY6CWTRCs+CV7Y5qwfIf7m
wM3thD21HVDAgXjt+IcD9wQNJOA8BK+IA8I/vcaITOQpIcpOucFE513vgMQmug==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:05:24 2025 by rpki-client