Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/J-97Q4gen7VzIBz9eMaD5YP-Rco.roa
File: J-97Q4gen7VzIBz9eMaD5YP-Rco.roa (raw, json)
Hash identifier: bIymKu40+zL6h0ei8jZErBu+Kz1EAHwv7xG+LrPrapE=
Subject key identifier: 27:EF:7B:43:88:1E:9F:B5:73:20:1C:FD:78:C6:83:E5:83:FE:45:CA
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019792628BAEC448881A11B4135B3317EBA5
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/J-97Q4gen7VzIBz9eMaD5YP-Rco.roa
Signing time: Sat 21 Jun 2025 12:07:01 +0000
ROA not before: Sat 21 Jun 2025 12:07:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:9260:1c93/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 21 Jun 2025 12:14:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:92:62:8b:ae:c4:48:88:1a:11:b4:13:5b:33:17:eb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 21 12:07:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27ef7b43881e9fb573201cfd78c683e583fe45ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:01:ad:be:2a:87:11:99:62:75:78:82:c5:
45:d1:bc:83:95:d6:b3:d6:9d:0b:99:b8:1f:c1:f8:
88:f3:f8:a9:02:00:b8:c4:f3:1a:f5:88:be:79:13:
da:53:87:ae:05:a4:a2:bd:23:28:34:7c:a0:ce:4d:
9b:a3:7f:ff:71:bf:5c:60:f7:12:cc:cb:ef:9b:58:
97:f8:fd:0a:1c:ee:cb:ff:fe:ee:35:84:0a:ad:40:
08:5b:8d:7b:24:f8:e0:5f:f6:cb:f2:59:c2:f0:2a:
44:0a:49:6e:84:71:b4:31:17:5e:b6:d3:8b:fd:71:
52:81:2f:fa:56:b4:c5:52:0a:36:1b:87:b7:59:23:
16:ee:f2:b6:d5:b0:d8:8b:0f:60:de:fd:14:64:2e:
dd:7b:c9:95:29:4b:6f:87:6b:50:af:b9:05:ed:aa:
68:e7:03:49:63:54:47:3a:ec:48:3c:87:12:1c:35:
51:c8:9a:20:ee:cc:e0:64:05:dd:e1:ee:88:a1:44:
26:f6:54:50:3f:8d:4c:86:64:8f:d2:6e:5f:ad:8c:
e8:37:02:32:42:e7:6c:5e:e5:6f:64:42:b3:99:87:
f2:4c:e5:e1:1c:20:02:94:a6:1e:53:c7:13:d9:ca:
8e:6a:40:c3:d4:46:e5:1b:1d:35:a1:0a:aa:86:4d:
5b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:EF:7B:43:88:1E:9F:B5:73:20:1C:FD:78:C6:83:E5:83:FE:45:CA
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/J-97Q4gen7VzIBz9eMaD5YP-Rco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:9260:1c93/128
Signature Algorithm: sha256WithRSAEncryption
50:27:77:5c:98:c7:a0:34:07:bf:a7:1c:d9:81:1b:d7:33:87:
5d:52:de:42:99:bd:e9:bf:d5:1e:b7:b2:04:f8:13:9d:c8:56:
65:35:5f:87:4a:86:a2:e2:b3:57:a5:4e:c6:d5:83:2a:4b:8b:
50:89:1d:a4:c0:38:71:00:ff:60:5d:4e:04:c3:2c:c5:61:b8:
6a:9d:78:15:ce:3e:29:03:82:da:db:c5:7e:58:22:18:f0:26:
45:5a:3d:7a:cf:99:50:89:22:36:b9:b4:1c:4b:21:a6:78:fc:
6c:60:a2:1d:53:02:4e:15:5d:7b:0a:f5:b8:8d:67:a0:89:53:
9d:b6:fa:be:6a:95:51:b5:b3:71:d9:cc:e9:b9:4f:d1:6f:93:
13:58:bc:68:5f:f9:17:1d:4c:dd:b0:5f:b8:95:37:bb:71:8c:
c2:35:b6:00:e1:7a:57:0b:d8:ea:92:74:58:11:ac:74:d6:7c:
d8:18:07:a2:cf:6e:70:49:3b:01:c3:8c:76:7f:ba:c3:f3:9b:
6a:50:c7:b6:c9:8d:80:2f:f0:5d:58:7f:db:93:6c:b0:04:c6:
80:1a:a2:42:28:06:85:d1:15:a6:1c:5e:da:d4:b8:6c:ea:3e:
63:b2:0e:88:a0:7a:ed:f4:ea:95:a6:31:d7:f3:e7:ee:7a:ba:
7a:c4:1a:e5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZeSYouuxEiIGhG0E1szF+ulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIxMTIwNzAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2VmN2I0Mzg4MWU5ZmI1NzMyMDFjZmQ3OGM2ODNlNTgzZmU0NWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2EBrb4qhxGZYnV4gsVF0byDldaz
1p0LmbgfwfiI8/ipAgC4xPMa9Yi+eRPaU4euBaSivSMoNHygzk2bo3//cb9cYPcS
zMvvm1iX+P0KHO7L//7uNYQKrUAIW417JPjgX/bL8lnC8CpECkluhHG0MRdettOL
/XFSgS/6VrTFUgo2G4e3WSMW7vK21bDYiw9g3v0UZC7de8mVKUtvh2tQr7kF7apo
5wNJY1RHOuxIPIcSHDVRyJog7szgZAXd4e6IoUQm9lRQP41MhmSP0m5frYzoNwIy
QudsXuVvZEKzmYfyTOXhHCAClKYeU8cT2cqOakDD1EblGx01oQqqhk1bVQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCfve0OIHp+1cyAc/XjGg+WD/kXKMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSi05N1E0Z2VuN1Z6SUJ6OWVNYUQ1WVAtUmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl5JgHJMwDQYJKoZIhvcNAQELBQADggEB
AFAnd1yYx6A0B7+nHNmBG9czh11S3kKZvem/1R63sgT4E53IVmU1X4dKhqLis1el
TsbVgypLi1CJHaTAOHEA/2BdTgTDLMVhuGqdeBXOPikDgtrbxX5YIhjwJkVaPXrP
mVCJIja5tBxLIaZ4/Gxgoh1TAk4VXXsK9biNZ6CJU522+r5qlVG1s3HZzOm5T9Fv
kxNYvGhf+RcdTN2wX7iVN7txjMI1tgDhelcL2OqSdFgRrHTWfNgYB6LPbnBJOwHD
jHZ/usPzm2pQx7bJjYAv8F1Yf9uTbLAExoAaokIoBoXRFaYcXtrUuGzqPmOyDoig
eu306pWmMdfz5+56unrEGuU=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:23:31 2025 by rpki-client