Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IFM9ishj1m6efM6zOODc-XDtCAQ.roa
File: IFM9ishj1m6efM6zOODc-XDtCAQ.roa (raw, json)
Hash identifier: NSLcOgpPK37achEzLHBR2KkltWKESXsRNsGcWRXXW8Q=
Subject key identifier: 20:53:3D:8A:C8:63:D6:6E:9E:7C:CE:B3:38:E0:DC:F9:70:ED:08:04
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C7A276682D051C1D3C03D2DE7482FE33
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IFM9ishj1m6efM6zOODc-XDtCAQ.roa
Signing time: Tue 01 Jul 2025 20:16:42 +0000
ROA not before: Tue 01 Jul 2025 20:16:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 21:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:a2:76:68:2d:05:1c:1d:3c:03:d2:de:74:82:fe:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 20:16:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20533d8ac863d66e9e7cceb338e0dcf970ed0804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f7:11:c4:ad:f5:3e:81:27:21:93:68:98:72:
51:40:2e:52:63:bb:02:85:56:3c:e7:19:8f:78:b0:
2f:e6:df:dc:d9:f0:9e:bf:82:42:10:00:2d:24:3a:
71:b5:7d:e5:b4:f1:88:fe:69:51:42:fe:fb:d2:d1:
25:62:10:60:7d:7a:f2:aa:6e:2e:0f:7a:98:a6:f7:
a6:21:42:6d:9f:cc:5d:9e:e7:8f:e4:a8:7c:ae:68:
0c:51:14:f8:2e:ee:ee:87:83:7e:ff:5d:51:e2:24:
41:21:da:c4:16:90:1e:f3:cf:72:a5:da:cf:1d:06:
23:fb:56:30:cf:d5:85:e3:8b:2f:67:be:ae:10:19:
62:e1:2b:aa:51:5f:7b:1e:05:15:9b:67:48:34:e3:
af:93:47:f5:f2:a4:8b:c6:32:85:2f:22:9d:b8:8b:
51:fc:d2:5d:2e:b7:f6:24:8d:c7:b7:1a:06:69:16:
aa:ea:91:57:4b:d0:60:f4:5b:7b:22:d9:8d:30:dd:
54:c6:22:7c:fe:8e:2a:69:51:09:1f:70:19:9b:ff:
ed:d6:4e:59:5b:a1:9e:e4:ec:ac:20:b9:af:fc:c7:
ba:46:c8:f0:11:71:c1:ac:d1:aa:85:ef:7a:40:a0:
21:7c:e2:d4:fc:40:e3:95:dd:5e:a5:13:ff:84:36:
3c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:53:3D:8A:C8:63:D6:6E:9E:7C:CE:B3:38:E0:DC:F9:70:ED:08:04
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IFM9ishj1m6efM6zOODc-XDtCAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
14:45:50:7a:eb:df:27:2d:2b:71:c5:d2:c4:d5:51:06:44:1a:
fa:f0:39:e4:09:75:a4:c4:5f:30:be:ce:1c:ae:e1:62:ee:bd:
36:e4:ae:06:a2:1a:3c:74:9d:f3:59:f2:b3:b7:fa:56:10:1d:
a2:2c:92:9b:d7:cd:b6:36:d5:61:ca:31:43:c6:8a:8f:cf:2a:
aa:3f:80:2f:b8:3b:38:12:91:c6:28:e2:de:e9:6b:7e:6f:92:
f1:8c:a9:a6:71:8c:e6:6e:6e:62:62:42:6a:29:85:0c:07:ca:
48:25:97:8c:15:88:04:10:ef:37:03:05:6d:7d:cd:6a:e5:b9:
22:65:79:b6:65:3d:d3:5f:3b:01:ca:18:d0:93:de:0d:9f:38:
68:ad:b4:55:32:0d:b2:45:c5:cc:2b:f5:96:3f:74:1f:30:2c:
d8:3b:1b:43:62:5c:29:fd:8e:09:06:58:e9:c9:24:80:92:60:
82:b2:10:1b:4b:53:0b:be:4d:3e:b0:8d:6d:9d:33:15:fe:93:
42:a7:ef:43:ee:32:ee:01:66:f1:e6:ab:d6:72:aa:2d:6d:c2:
d0:86:dd:00:ca:57:e3:14:38:43:0c:0a:d1:61:85:dd:be:a4:
a5:71:ef:a2:11:c7:3a:6e:c7:df:83:83:69:b1:44:8b:b5:b9:
78:bf:ab:6c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfHonZoLQUcHTwD0t50gv4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMjAxNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDUzM2Q4YWM4NjNkNjZlOWU3Y2NlYjMzOGUwZGNmOTcwZWQwODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvcRxK31PoEnIZNomHJRQC5SY7sC
hVY85xmPeLAv5t/c2fCev4JCEAAtJDpxtX3ltPGI/mlRQv770tElYhBgfXryqm4u
D3qYpvemIUJtn8xdnueP5Kh8rmgMURT4Lu7uh4N+/11R4iRBIdrEFpAe889ypdrP
HQYj+1Ywz9WF44svZ76uEBli4SuqUV97HgUVm2dINOOvk0f18qSLxjKFLyKduItR
/NJdLrf2JI3HtxoGaRaq6pFXS9Bg9Ft7ItmNMN1UxiJ8/o4qaVEJH3AZm//t1k5Z
W6Ge5OysILmv/Me6RsjwEXHBrNGqhe96QKAhfOLU/EDjld1epRP/hDY8LwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCBTPYrIY9ZunnzOszjg3Plw7QgEMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSUZNOWlzaGoxbTZlZk02ek9PRGMtWER0Q0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAFEVQeuvfJy0rccXSxNVRBkQa
+vA55Al1pMRfML7OHK7hYu69NuSuBqIaPHSd81nys7f6VhAdoiySm9fNtjbVYcox
Q8aKj88qqj+AL7g7OBKRxiji3ulrfm+S8YyppnGM5m5uYmJCaimFDAfKSCWXjBWI
BBDvNwMFbX3NauW5ImV5tmU90187AcoY0JPeDZ84aK20VTINskXFzCv1lj90HzAs
2DsbQ2JcKf2OCQZY6ckkgJJggrIQG0tTC75NPrCNbZ0zFf6TQqfvQ+4y7gFm8ear
1nKqLW3C0IbdAMpX4xQ4QwwK0WGF3b6kpXHvohHHOm7H34ODabFEi7W5eL+rbA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:26:09 2025 by rpki-client