Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IuUXNS4so6FRULBEY6D2-60hPe4.roa
File: IuUXNS4so6FRULBEY6D2-60hPe4.roa (raw, json)
Hash identifier: VYAvoCWDraYy70ZRGleZ3rB0C3oOBMfc+vN8+aDN2VY=
Subject key identifier: 22:E5:17:35:2E:2C:A3:A1:51:50:B0:44:63:A0:F6:FB:AD:21:3D:EE
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A35D271EDD424ED5FE4DACADCF0873FC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IuUXNS4so6FRULBEY6D2-60hPe4.roa
Signing time: Tue 24 Jun 2025 19:14:40 +0000
ROA not before: Tue 24 Jun 2025 19:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 20:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a3:5d:27:1e:dd:42:4e:d5:fe:4d:ac:ad:cf:08:73:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 19:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22e517352e2ca3a15150b04463a0f6fbad213dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:f1:8f:67:f1:cd:73:30:ba:06:e1:99:5d:
e5:b1:7f:7c:ab:80:e6:7f:8a:09:ae:03:25:53:b8:
f4:03:88:40:e2:1c:25:53:52:bd:3d:e1:ae:4f:53:
23:92:df:23:b2:8f:69:25:a6:ef:25:5a:5d:35:41:
74:54:94:fd:d3:ff:ed:32:40:2a:ac:34:63:9d:69:
5a:37:cf:a2:46:b1:01:7d:89:34:7c:ad:cc:01:d5:
95:46:43:94:14:0c:f6:77:0b:3e:0f:d3:98:67:b2:
b1:21:10:41:59:82:b0:0d:37:68:61:db:bc:13:15:
9e:a0:96:bc:d5:41:86:0a:b0:aa:07:72:3a:36:08:
09:a0:5d:be:66:af:70:84:84:a0:6e:59:ea:51:bf:
92:d5:53:88:76:a2:41:58:ed:88:87:e5:b4:d6:43:
0a:84:e6:83:6b:d0:ef:2e:32:47:7b:6d:7b:f8:3f:
fa:07:9c:58:fb:3f:39:1f:bd:01:5c:56:c7:2c:8c:
47:68:b2:34:d3:62:a9:13:03:44:ac:74:21:2a:24:
87:49:fe:3c:07:90:41:81:f9:75:3b:b3:07:ec:17:
f2:58:9b:bd:0c:42:41:0e:de:c4:2c:ca:c4:02:94:
e7:a2:27:06:03:89:b1:8c:d7:d3:64:f2:45:77:98:
77:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E5:17:35:2E:2C:A3:A1:51:50:B0:44:63:A0:F6:FB:AD:21:3D:EE
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IuUXNS4so6FRULBEY6D2-60hPe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
88:e3:03:75:0d:63:ea:7c:9b:58:7c:be:e9:22:e3:eb:0f:b2:
40:66:d3:58:89:8a:e8:6b:27:00:fd:19:53:3c:d7:b4:79:e0:
40:3c:0c:c1:f5:6c:f7:4b:a4:67:81:7c:48:ae:92:ca:06:81:
8e:29:93:cc:c2:24:59:cc:78:71:1b:9f:07:30:77:d4:99:43:
1c:de:07:86:31:24:5b:3b:df:db:84:27:f4:d0:e8:11:d2:c9:
75:09:79:ee:79:cb:3a:1f:ae:82:76:63:c7:36:f7:e0:84:92:
9d:b6:5e:c3:d0:0d:8c:3f:d7:20:bb:56:07:71:9d:c1:63:18:
60:c0:d7:cd:57:e6:fe:61:1b:41:3e:8e:d6:b2:21:48:fb:b3:
be:db:a8:5f:8f:d2:5a:be:9e:db:72:da:e7:4c:ed:30:26:36:
57:6c:56:89:d0:85:53:1d:73:f7:40:35:7b:57:b0:0b:5c:f2:
8f:8d:18:9e:64:65:cd:5c:5a:76:58:f7:0e:07:12:6b:b4:f7:
e5:38:fc:d6:83:01:94:f9:a1:83:3b:c4:ec:5d:11:d9:7f:1d:
ee:64:8a:22:d1:e5:b3:36:e7:51:08:66:ca:7d:2f:30:9a:2b:
01:2d:79:78:4b:8a:31:0e:3c:55:3b:f8:7e:de:32:fc:9e:59:
36:2b:c5:4c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZejXSce3UJO1f5NrK3PCHP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MTkxNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU1MTczNTJlMmNhM2ExNTE1MGIwNDQ2M2EwZjZmYmFkMjEzZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqHxj2fxzXMwugbhmV3lsX98q4Dm
f4oJrgMlU7j0A4hA4hwlU1K9PeGuT1Mjkt8jso9pJabvJVpdNUF0VJT90//tMkAq
rDRjnWlaN8+iRrEBfYk0fK3MAdWVRkOUFAz2dws+D9OYZ7KxIRBBWYKwDTdoYdu8
ExWeoJa81UGGCrCqB3I6NggJoF2+Zq9whISgblnqUb+S1VOIdqJBWO2Ih+W01kMK
hOaDa9DvLjJHe217+D/6B5xY+z85H70BXFbHLIxHaLI002KpEwNErHQhKiSHSf48
B5BBgfl1O7MH7BfyWJu9DEJBDt7ELMrEApTnoicGA4mxjNfTZPJFd5h3/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCLlFzUuLKOhUVCwRGOg9vutIT3uMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSXVVWE5TNHNvNkZSVUxCRVk2RDItNjBoUGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAiOMDdQ1j6nybWHy+6SLj6w+y
QGbTWImK6GsnAP0ZUzzXtHngQDwMwfVs90ukZ4F8SK6SygaBjimTzMIkWcx4cRuf
BzB31JlDHN4HhjEkWzvf24Qn9NDoEdLJdQl57nnLOh+ugnZjxzb34ISSnbZew9AN
jD/XILtWB3GdwWMYYMDXzVfm/mEbQT6O1rIhSPuzvtuoX4/SWr6e23La50ztMCY2
V2xWidCFUx1z90A1e1ewC1zyj40YnmRlzVxadlj3DgcSa7T35Tj81oMBlPmhgzvE
7F0R2X8d7mSKItHlszbnUQhmyn0vMJorAS15eEuKMQ48VTv4ft4y/J5ZNivFTA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:28:33 2025 by rpki-client