Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IwOZdAvuZGzq0GbPeyzR-vk4h84.roa
File: IwOZdAvuZGzq0GbPeyzR-vk4h84.roa (raw, json)
Hash identifier: jPlF4EObsqgqtyF0BwtrWdSpIzraZchufaOXU+hFN04=
Subject key identifier: 23:03:99:74:0B:EE:64:6C:EA:D0:66:CF:7B:2C:D1:FA:F9:38:87:CE
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019795A00B991F69AD0E72820CF55FAD831F
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IwOZdAvuZGzq0GbPeyzR-vk4h84.roa
Signing time: Sun 22 Jun 2025 03:13:03 +0000
ROA not before: Sun 22 Jun 2025 03:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 22 Jun 2025 04:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:95:a0:0b:99:1f:69:ad:0e:72:82:0c:f5:5f:ad:83:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 22 03:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=230399740bee646cead066cf7b2cd1faf93887ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:92:89:de:b6:6b:a8:67:f8:48:9b:47:0a:25:
1e:56:23:12:3a:80:91:6d:5f:fe:4d:1a:74:a4:c4:
ee:18:67:d7:7e:98:87:84:84:55:d7:ca:2e:e5:ac:
1f:41:3b:4c:80:a7:ed:56:88:06:27:d2:31:10:31:
7e:ca:7a:df:3d:02:6d:0f:47:32:f0:e0:f8:1c:b7:
59:84:61:04:7f:7d:3c:8c:46:26:0e:28:1e:4d:84:
b3:6f:28:93:b9:ce:56:29:2b:13:a4:72:39:27:91:
76:83:d7:2c:56:59:61:28:6d:ea:08:2d:16:ca:5b:
12:91:04:3f:c6:54:fa:af:88:46:c6:17:47:c8:99:
73:b4:fd:f3:9a:ef:cc:50:8e:b6:61:23:22:0f:19:
b2:30:ae:d1:f8:ee:cd:53:99:e5:83:35:b7:34:63:
24:d4:c1:04:0c:69:dc:56:e5:f8:82:81:1c:7e:3a:
4a:d8:6e:cb:c6:dc:17:84:f1:00:27:8c:47:d3:48:
98:1f:18:19:27:93:16:51:37:68:db:71:f1:12:84:
63:14:f7:7f:a8:5b:9c:79:1f:4a:4f:b6:c5:79:3e:
ef:f4:52:63:cb:21:5d:9d:fa:e0:c0:02:c1:23:0c:
50:fe:c0:a9:8b:ab:a1:e1:0c:eb:88:10:88:fd:84:
03:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:03:99:74:0B:EE:64:6C:EA:D0:66:CF:7B:2C:D1:FA:F9:38:87:CE
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/IwOZdAvuZGzq0GbPeyzR-vk4h84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
73:c7:7a:dd:ca:6e:b4:36:96:3a:90:56:3a:05:a5:fe:3b:5f:
f9:4b:84:c0:5b:70:aa:de:a5:7f:40:bb:d9:b2:a7:3f:ae:be:
33:78:17:f9:ea:12:b5:6f:e9:a6:32:c5:2a:69:2f:01:2b:93:
20:4e:eb:ca:d5:0e:23:12:d2:88:af:5f:a3:1f:a5:07:3e:be:
5b:d8:67:69:cb:cd:d1:c9:3e:8b:28:5a:fd:82:e8:e1:2a:bb:
42:29:24:52:26:c0:2f:19:c5:81:17:f6:97:37:64:35:a5:18:
9f:82:f8:24:93:50:d1:d9:8f:56:8a:8f:60:6d:bc:90:ef:ed:
3a:bf:68:dc:e7:45:2b:c9:e4:95:2a:c9:19:07:17:f4:2e:5c:
f3:76:f0:fa:69:5b:b2:8f:9a:33:80:84:43:09:09:aa:13:55:
65:b0:07:94:09:7e:bb:aa:1a:df:d0:56:03:ac:3b:3d:b4:f6:
8c:18:cc:57:7a:17:d4:8c:d1:f0:89:67:43:77:39:f6:bd:0e:
24:54:d3:a7:7e:d7:88:22:76:4e:99:18:31:61:4e:09:7c:44:
0a:2b:6c:b2:54:3d:6c:32:63:e8:ba:68:41:ac:63:f4:fa:41:
8e:54:d8:01:cd:41:f3:0f:70:e5:a9:c2:93:5b:86:21:bc:7a:
59:f0:d7:2c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeVoAuZH2mtDnKCDPVfrYMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIyMDMxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAzOTk3NDBiZWU2NDZjZWFkMDY2Y2Y3YjJjZDFmYWY5Mzg4N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JKJ3rZrqGf4SJtHCiUeViMSOoCR
bV/+TRp0pMTuGGfXfpiHhIRV18ou5awfQTtMgKftVogGJ9IxEDF+ynrfPQJtD0cy
8OD4HLdZhGEEf308jEYmDigeTYSzbyiTuc5WKSsTpHI5J5F2g9csVllhKG3qCC0W
ylsSkQQ/xlT6r4hGxhdHyJlztP3zmu/MUI62YSMiDxmyMK7R+O7NU5nlgzW3NGMk
1MEEDGncVuX4goEcfjpK2G7LxtwXhPEAJ4xH00iYHxgZJ5MWUTdo23HxEoRjFPd/
qFuceR9KT7bFeT7v9FJjyyFdnfrgwALBIwxQ/sCpi6uh4QzriBCI/YQDGwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCMDmXQL7mRs6tBmz3ss0fr5OIfOMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSXdPWmRBdnVaR3pxMEdiUGV5elItdms0aDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAc8d63cputDaWOpBWOgWl/jtf
+UuEwFtwqt6lf0C72bKnP66+M3gX+eoStW/ppjLFKmkvASuTIE7rytUOIxLSiK9f
ox+lBz6+W9hnacvN0ck+iyha/YLo4Sq7QikkUibALxnFgRf2lzdkNaUYn4L4JJNQ
0dmPVoqPYG28kO/tOr9o3OdFK8nklSrJGQcX9C5c83bw+mlbso+aM4CEQwkJqhNV
ZbAHlAl+u6oa39BWA6w7PbT2jBjMV3oX1IzR8IlnQ3c59r0OJFTTp37XiCJ2TpkY
MWFOCXxECitsslQ9bDJj6LpoQaxj9PpBjlTYAc1B8w9w5anCk1uGIbx6WfDXLA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:31:08 2025 by rpki-client