Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/JJykHf45wAoD_CRKmPyDJQoyeqo.roa
File: JJykHf45wAoD_CRKmPyDJQoyeqo.roa (raw, json)
Hash identifier: DlCGZqRv4UBqS41aSqTuqYKHV6YoElaWsK3a+o0+gn4=
Subject key identifier: 24:9C:A4:1D:FE:39:C0:0A:03:FC:24:4A:98:FC:83:25:0A:32:7A:AA
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197956BDC448D5CBD976DC4AB3B090F6565
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/JJykHf45wAoD_CRKmPyDJQoyeqo.roa
Signing time: Sun 22 Jun 2025 02:16:03 +0000
ROA not before: Sun 22 Jun 2025 02:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 22 Jun 2025 03:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:95:6b:dc:44:8d:5c:bd:97:6d:c4:ab:3b:09:0f:65:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 22 02:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=249ca41dfe39c00a03fc244a98fc83250a327aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:fd:56:6d:c4:da:1a:ed:08:7d:61:c5:f8:
8f:80:9d:dd:7c:33:cf:bd:c8:7d:b1:78:99:0a:28:
2c:b0:da:a7:6b:49:e6:4e:5d:bf:35:ce:d0:80:ba:
d4:3a:4d:0b:96:8c:5e:81:7a:86:52:86:8d:c0:81:
1d:5a:55:fb:6f:e6:ea:48:c0:6e:76:92:f9:37:aa:
23:10:e2:30:2f:9f:01:ed:25:1a:fe:85:f4:e7:55:
41:b9:fb:f5:88:4f:8e:ca:1d:fa:0a:ad:2d:6a:e0:
fe:d5:47:5c:5d:9d:a9:e7:f1:26:d9:9e:a4:24:2f:
33:33:8f:a2:28:ee:09:28:54:b3:a5:aa:1e:3e:a7:
10:17:b6:65:4a:0c:fa:9e:c3:cc:76:ac:de:8a:af:
d3:51:d2:23:9a:3d:54:f9:68:e3:db:72:4d:be:fb:
85:dc:48:85:91:c4:25:67:58:55:56:7a:0e:af:c6:
11:ea:aa:15:59:53:c4:1c:f8:25:79:2f:44:43:ef:
6c:5a:e1:8b:bd:ed:59:eb:f6:a2:6d:23:31:05:af:
a8:12:51:6e:2f:a3:03:08:8e:aa:f8:a7:ee:c0:a7:
a0:3f:ea:5c:57:84:04:23:43:57:76:2a:22:76:d5:
3b:3c:ac:6f:0e:7e:27:16:de:a2:7b:85:ab:ce:7e:
04:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9C:A4:1D:FE:39:C0:0A:03:FC:24:4A:98:FC:83:25:0A:32:7A:AA
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/JJykHf45wAoD_CRKmPyDJQoyeqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
22:51:04:92:e3:55:cd:db:02:2b:71:8b:f5:e5:06:d9:6c:61:
18:29:6e:49:af:0d:36:fd:65:73:bf:97:d2:40:77:e1:9a:e7:
54:0e:d1:31:51:2b:a7:9d:03:63:92:36:14:0a:0a:3f:57:9a:
ea:f2:34:0b:6b:b4:45:0e:c0:67:81:07:94:d9:1e:ee:0c:9c:
6c:73:eb:df:4d:66:67:a4:7a:47:e2:f8:7f:da:18:d8:4c:87:
fe:b7:45:8e:df:6e:f1:59:ff:d4:14:f1:66:a8:bd:2f:3f:39:
e7:64:98:2e:00:21:a5:6b:8d:17:54:f8:18:db:27:1e:12:49:
c6:6e:e1:c6:60:39:ca:e3:13:40:bf:b2:59:35:2a:fd:80:f7:
b6:b0:dd:cc:99:df:7e:59:9a:56:0d:e8:93:fd:06:40:4f:d8:
34:05:07:11:b4:3d:fe:4b:17:8e:1d:74:66:9a:24:d8:c2:91:
e9:fd:26:b9:82:8f:9a:06:75:e9:44:97:73:5c:72:38:e8:4a:
05:45:0a:52:35:01:d8:bb:a0:6e:ac:58:27:3a:31:da:3e:fc:
0f:9c:ce:7e:35:80:c7:19:80:26:af:a9:75:fe:85:21:4a:04:
bb:18:cf:f7:7c:29:6a:75:33:ec:cc:4f:88:01:ac:a6:4e:b9:
79:dc:6d:d2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeVa9xEjVy9l23EqzsJD2VlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIyMDIxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDljYTQxZGZlMzljMDBhMDNmYzI0NGE5OGZjODMyNTBhMzI3YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRL9Vm3E2hrtCH1hxfiPgJ3dfDPP
vch9sXiZCigssNqna0nmTl2/Nc7QgLrUOk0LloxegXqGUoaNwIEdWlX7b+bqSMBu
dpL5N6ojEOIwL58B7SUa/oX051VBufv1iE+Oyh36Cq0tauD+1UdcXZ2p5/Em2Z6k
JC8zM4+iKO4JKFSzpaoePqcQF7ZlSgz6nsPMdqzeiq/TUdIjmj1U+Wjj23JNvvuF
3EiFkcQlZ1hVVnoOr8YR6qoVWVPEHPgleS9EQ+9sWuGLve1Z6/aibSMxBa+oElFu
L6MDCI6q+KfuwKegP+pcV4QEI0NXdioidtU7PKxvDn4nFt6ie4Wrzn4EVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCScpB3+OcAKA/wkSpj8gyUKMnqqMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSkp5a0hmNDV3QW9EX0NSS21QeURKUW95ZXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAIlEEkuNVzdsCK3GL9eUG2Wxh
GCluSa8NNv1lc7+X0kB34ZrnVA7RMVErp50DY5I2FAoKP1ea6vI0C2u0RQ7AZ4EH
lNke7gycbHPr301mZ6R6R+L4f9oY2EyH/rdFjt9u8Vn/1BTxZqi9Lz8552SYLgAh
pWuNF1T4GNsnHhJJxm7hxmA5yuMTQL+yWTUq/YD3trDdzJnfflmaVg3ok/0GQE/Y
NAUHEbQ9/ksXjh10Zpok2MKR6f0muYKPmgZ16USXc1xyOOhKBUUKUjUB2LugbqxY
Jzox2j78D5zOfjWAxxmAJq+pdf6FIUoEuxjP93wpanUz7MxPiAGspk65edxt0g==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:21:37 2025 by rpki-client