Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/INHDazKZLXCsJgxDCWyj_y8zRJs.roa
File: INHDazKZLXCsJgxDCWyj_y8zRJs.roa (raw, json)
Hash identifier: kezFU4Afo6xPzZYIbz60YMEsFcXUy3XXfiaz7Re9QAk=
Subject key identifier: 20:D1:C3:6B:32:99:2D:70:AC:26:0C:43:09:6C:A3:FF:2F:33:44:9B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197AE4CDD83E72AB435EDDF1C8E10D3A5DC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/INHDazKZLXCsJgxDCWyj_y8zRJs.roa
Signing time: Thu 26 Jun 2025 22:12:42 +0000
ROA not before: Thu 26 Jun 2025 22:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 26 Jun 2025 23:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ae:4c:dd:83:e7:2a:b4:35:ed:df:1c:8e:10:d3:a5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 26 22:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20d1c36b32992d70ac260c43096ca3ff2f33449b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:96:2a:22:86:a1:c5:a3:6e:c9:b9:a7:e8:9e:
91:a3:7d:ea:f6:bc:4a:7e:b2:9a:7c:d4:26:70:36:
c9:1f:5b:c5:72:c3:4a:da:82:e1:81:6d:d9:dc:aa:
65:ff:c4:56:ba:a9:1d:2e:d6:ee:c4:cc:27:c8:3c:
3b:e0:9a:c0:50:8c:58:71:93:8c:81:22:ce:3e:8d:
86:b2:96:78:3a:32:89:a7:ea:e6:9c:2b:87:ac:f3:
0d:bf:c6:b7:47:7d:43:5d:7e:85:93:a1:60:cf:20:
07:b9:1b:b4:47:f7:a9:ff:47:3a:f8:e3:56:a2:25:
90:7e:59:7a:94:e1:aa:ac:3a:01:46:eb:21:e6:52:
b5:0e:28:f1:ad:97:25:38:ba:c2:71:d7:0c:c1:e3:
91:df:41:0d:31:c4:51:5f:d1:f1:7c:16:8a:c6:f4:
ce:2d:67:c4:76:1f:c9:55:5f:cf:d8:02:44:a2:4d:
e4:ba:d2:12:70:77:0f:1f:b3:a8:a3:a7:be:9a:95:
ca:63:a9:d7:00:08:6e:99:9a:9f:27:a5:44:4c:e0:
6c:8d:6a:a3:c8:dd:c8:2b:65:d3:1c:d7:46:57:0f:
d0:b3:fe:a4:73:26:ee:47:1c:92:84:4e:ba:06:48:
44:2b:60:c3:6f:41:17:72:1b:29:08:8a:ff:54:80:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D1:C3:6B:32:99:2D:70:AC:26:0C:43:09:6C:A3:FF:2F:33:44:9B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/INHDazKZLXCsJgxDCWyj_y8zRJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
24:8b:92:12:8c:cb:ce:e3:d5:73:12:3a:a2:cf:ca:74:8e:91:
31:3c:6d:fc:50:1a:a0:48:e1:fb:5d:2c:6e:fb:55:df:db:e8:
6e:6c:84:80:5d:0c:84:86:6d:26:b3:21:68:93:39:7d:79:c0:
d3:fb:00:05:6a:09:8a:ff:41:8c:c1:f4:af:76:03:f2:93:1f:
ca:65:ef:d1:37:de:13:dd:00:fb:9c:6c:6f:12:65:cf:43:e6:
b0:cb:45:78:43:74:c3:cc:e4:7a:09:d3:9e:20:df:bb:65:c5:
49:ef:a0:52:00:80:41:1a:b1:1b:1c:3e:47:d9:59:87:f0:1f:
85:b7:58:e9:cd:79:3f:d6:27:35:d4:c7:a1:9b:03:aa:59:8b:
58:b9:c2:67:a3:74:b8:bd:60:fa:04:83:dd:9f:0f:4d:c9:55:
f0:bd:76:98:91:40:02:04:94:ee:5b:8c:26:22:39:66:36:6f:
a3:0c:26:ff:4b:2f:0b:93:63:2b:66:84:3f:6a:5e:d3:3d:c0:
7f:29:1d:a5:a4:c0:c9:67:fd:c5:3c:29:ff:48:3c:40:4a:02:
59:5b:8d:bd:0d:61:d2:4e:3b:c7:5b:c3:93:64:f1:6b:57:e0:
fd:9c:54:a6:49:cd:02:d1:4b:be:80:10:1d:75:e6:97:64:80:
8a:7f:4f:b2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeuTN2D5yq0Ne3fHI4Q06XcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI2MjIxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGQxYzM2YjMyOTkyZDcwYWMyNjBjNDMwOTZjYTNmZjJmMzM0NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJYqIoahxaNuybmn6J6Ro33q9rxK
frKafNQmcDbJH1vFcsNK2oLhgW3Z3Kpl/8RWuqkdLtbuxMwnyDw74JrAUIxYcZOM
gSLOPo2GspZ4OjKJp+rmnCuHrPMNv8a3R31DXX6Fk6FgzyAHuRu0R/ep/0c6+ONW
oiWQfll6lOGqrDoBRush5lK1DijxrZclOLrCcdcMweOR30ENMcRRX9HxfBaKxvTO
LWfEdh/JVV/P2AJEok3kutIScHcPH7Ooo6e+mpXKY6nXAAhumZqfJ6VETOBsjWqj
yN3IK2XTHNdGVw/Qs/6kcybuRxyShE66BkhEK2DDb0EXchspCIr/VIAB8wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCDRw2symS1wrCYMQwlso/8vM0SbMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSU5IRGF6S1pMWENzSmd4RENXeWpfeTh6UkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAJIuSEozLzuPVcxI6os/KdI6R
MTxt/FAaoEjh+10sbvtV39vobmyEgF0MhIZtJrMhaJM5fXnA0/sABWoJiv9BjMH0
r3YD8pMfymXv0TfeE90A+5xsbxJlz0PmsMtFeEN0w8zkegnTniDfu2XFSe+gUgCA
QRqxGxw+R9lZh/AfhbdY6c15P9YnNdTHoZsDqlmLWLnCZ6N0uL1g+gSD3Z8PTclV
8L12mJFAAgSU7luMJiI5ZjZvowwm/0svC5NjK2aEP2pe0z3AfykdpaTAyWf9xTwp
/0g8QEoCWVuNvQ1h0k47x1vDk2Txa1fg/ZxUpknNAtFLvoAQHXXml2SAin9Psg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:13:09 2025 by rpki-client