Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IdfmOpm6oXKttPCouYUL3xh5RCM.roa
File: IdfmOpm6oXKttPCouYUL3xh5RCM.roa (raw, json)
Hash identifier: MrSlG4IY8Cz5I1RYUvGOZSL18S0kmTxhVwX93nkEtmU=
Subject key identifier: 21:D7:E6:3A:99:BA:A1:72:AD:B4:F0:A8:B9:85:0B:DF:18:79:44:23
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A16C0498C80A97EDC3BBB227C00B25BB
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IdfmOpm6oXKttPCouYUL3xh5RCM.roa
Signing time: Tue 24 Jun 2025 10:11:40 +0000
ROA not before: Tue 24 Jun 2025 10:11:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 11:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:6c:04:98:c8:0a:97:ed:c3:bb:b2:27:c0:0b:25:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 10:11:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21d7e63a99baa172adb4f0a8b9850bdf18794423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:68:8f:ef:e7:5c:f1:1c:66:07:29:e6:d4:82:
76:22:fe:57:fe:ee:ab:8c:0b:6f:74:b0:69:e9:f5:
ad:13:de:af:f9:47:ba:55:2c:66:f1:8b:91:d7:e0:
84:14:dd:7e:1b:b4:31:e2:ba:41:ed:09:19:28:91:
bf:50:fc:35:59:da:50:dc:78:75:dc:37:f7:84:18:
f4:0a:51:f3:ad:11:2f:18:d2:2b:c4:7b:ce:36:b6:
03:a7:14:fa:69:26:f6:cc:b4:78:8b:05:17:c7:35:
1f:80:d1:39:1e:14:4c:c3:04:5c:57:52:a2:c8:78:
f6:56:3b:dc:26:4d:97:cc:0a:e9:64:b8:c0:79:89:
df:4c:63:e5:9e:c9:ab:d4:8c:d9:36:fd:31:1d:b8:
2a:16:9a:13:ff:3e:cf:0d:b2:f8:2d:71:f9:c4:3d:
eb:40:0d:5b:95:31:78:e1:f3:e7:e9:93:e5:38:6e:
92:71:e4:29:2f:40:10:5f:9f:b7:82:fd:cc:44:48:
8b:5b:2b:57:38:5d:a1:31:23:3c:46:32:31:4f:1f:
05:f9:c4:79:ce:73:13:49:da:bd:f5:37:7e:92:9f:
21:d2:7c:da:f8:c2:de:2c:76:99:aa:77:39:84:3e:
be:91:db:51:a8:4b:f7:54:7e:c7:2c:50:99:1f:09:
e6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D7:E6:3A:99:BA:A1:72:AD:B4:F0:A8:B9:85:0B:DF:18:79:44:23
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IdfmOpm6oXKttPCouYUL3xh5RCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1d:c6:32:19:16:0d:cc:b9:02:3a:dc:a2:5b:4b:ad:13:3d:59:
79:39:ec:23:b4:8b:b6:d6:e2:4b:cc:e8:2b:3f:b9:0c:60:44:
76:c4:80:90:52:54:82:35:0a:fd:9f:b0:f2:2b:f4:b7:bb:b3:
14:c9:10:ce:2b:ea:0f:c5:00:67:de:66:69:11:69:f9:49:32:
3b:a4:80:78:29:c2:cb:cd:c8:85:52:d0:fa:1d:44:db:6c:7d:
6d:6f:98:a1:4d:50:b8:85:9a:8e:26:da:c0:7a:0d:0a:e3:50:
ef:c3:02:65:29:50:f8:13:03:d5:81:16:f3:dd:29:6c:5b:e3:
ae:54:04:4a:5e:22:29:59:dd:f7:e4:eb:4d:63:5a:d9:18:b2:
97:ae:4f:8f:36:bc:63:13:04:e9:3c:d9:5f:d7:46:16:b9:9b:
b9:ec:f0:df:03:50:ee:9b:18:c5:86:98:9e:3a:cc:f6:80:36:
0f:4d:e3:5a:dc:03:f3:71:55:3c:95:a6:cf:b8:03:11:8d:11:
fc:50:bf:5e:a0:8a:42:43:00:a4:dd:a8:88:b4:8f:4d:1d:56:
59:85:42:a1:3d:8d:36:ec:c2:03:04:55:02:b2:60:2c:09:e2:
22:c0:d4:4b:e3:20:5c:c3:70:cd:15:6a:29:9c:c5:96:45:1b:
24:54:1c:42
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZehbASYyAqX7cO7sifACyW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MTAxMTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ3ZTYzYTk5YmFhMTcyYWRiNGYwYThiOTg1MGJkZjE4Nzk0NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2iP7+dc8RxmBynm1IJ2Iv5X/u6r
jAtvdLBp6fWtE96v+Ue6VSxm8YuR1+CEFN1+G7Qx4rpB7QkZKJG/UPw1WdpQ3Hh1
3Df3hBj0ClHzrREvGNIrxHvONrYDpxT6aSb2zLR4iwUXxzUfgNE5HhRMwwRcV1Ki
yHj2VjvcJk2XzArpZLjAeYnfTGPlnsmr1IzZNv0xHbgqFpoT/z7PDbL4LXH5xD3r
QA1blTF44fPn6ZPlOG6SceQpL0AQX5+3gv3MREiLWytXOF2hMSM8RjIxTx8F+cR5
znMTSdq99Td+kp8h0nza+MLeLHaZqnc5hD6+kdtRqEv3VH7HLFCZHwnmxwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCHX5jqZuqFyrbTwqLmFC98YeUQjMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSWRmbU9wbTZvWEt0dFBDb3VZVUwzeGg1UkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAHcYyGRYNzLkCOtyiW0utEz1Z
eTnsI7SLttbiS8zoKz+5DGBEdsSAkFJUgjUK/Z+w8iv0t7uzFMkQzivqD8UAZ95m
aRFp+UkyO6SAeCnCy83IhVLQ+h1E22x9bW+YoU1QuIWajibawHoNCuNQ78MCZSlQ
+BMD1YEW890pbFvjrlQESl4iKVnd9+TrTWNa2Riyl65Pjza8YxME6TzZX9dGFrmb
uezw3wNQ7psYxYaYnjrM9oA2D03jWtwD83FVPJWmz7gDEY0R/FC/XqCKQkMApN2o
iLSPTR1WWYVCoT2NNuzCAwRVArJgLAniIsDUS+MgXMNwzRVqKZzFlkUbJFQcQg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:14:06 2025 by rpki-client