Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/JfZAnd7wS5Ojf6vD9XTFIJS9LgY.roa
File: JfZAnd7wS5Ojf6vD9XTFIJS9LgY.roa (raw, json)
Hash identifier: WO7W37v70xhYY1NeiNFKh3LEhuk9Tzb/3Ge9COrAhDE=
Subject key identifier: 25:F6:40:9D:DE:F0:4B:93:A3:7F:AB:C3:F5:74:C5:20:94:BD:2E:06
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197BC012A7FEE9AE2D5CF74DEC406AC1453
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/JfZAnd7wS5Ojf6vD9XTFIJS9LgY.roa
Signing time: Sun 29 Jun 2025 14:04:42 +0000
ROA not before: Sun 29 Jun 2025 14:04:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:bc00:d86f/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 29 Jun 2025 14:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bc:01:2a:7f:ee:9a:e2:d5:cf:74:de:c4:06:ac:14:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 29 14:04:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25f6409ddef04b93a37fabc3f574c52094bd2e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f2:56:e3:3e:ad:3e:c9:2c:7d:c2:1d:17:ac:
3a:b7:6f:c5:4c:09:04:8b:66:d9:ca:b4:7c:13:80:
7a:fc:31:78:62:13:5a:6a:59:95:2a:34:c8:26:2e:
dd:3c:e2:d3:14:9b:79:7a:a2:5b:c9:6c:59:3b:c0:
50:17:cb:6d:85:1c:ac:ed:ba:8b:13:a1:9b:3c:78:
1c:96:a5:cb:22:24:11:32:50:24:b9:e3:cc:fd:69:
d7:53:6a:94:ad:48:1f:c6:e5:dc:77:9c:b0:72:3a:
ba:ba:95:a8:23:2c:d0:6e:74:e5:8d:a5:32:94:3d:
ec:c2:81:71:58:ac:d2:2e:9d:ca:7b:8b:e4:6d:20:
b8:9e:02:c7:4f:f4:54:79:a6:a7:d8:a7:3c:0f:89:
de:ce:bc:19:95:4c:c3:e7:01:79:1c:4e:10:33:80:
19:cc:81:e6:b8:55:dd:6e:93:ec:5c:25:a7:f4:1a:
d2:2a:4a:3d:fb:f0:b0:16:8a:ce:d5:9e:b1:b1:60:
57:8d:78:90:f0:2a:d0:53:77:9b:f8:b6:57:ac:b9:
92:ad:c2:b7:f4:ae:57:ea:1d:cb:80:62:60:6d:ee:
99:e3:b6:67:ec:11:7b:da:c0:ba:bb:d7:12:87:b1:
17:5e:dd:e8:53:e3:d9:59:3a:b7:e5:23:e0:50:99:
09:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F6:40:9D:DE:F0:4B:93:A3:7F:AB:C3:F5:74:C5:20:94:BD:2E:06
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/JfZAnd7wS5Ojf6vD9XTFIJS9LgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:bc00:d86f/128
Signature Algorithm: sha256WithRSAEncryption
86:c6:c9:65:78:06:c1:b7:44:9f:47:8b:f9:05:3b:96:b5:85:
4c:2c:93:10:3f:f1:4b:d6:64:c1:e6:38:57:67:c7:37:34:da:
c4:58:f4:05:8d:f1:f9:fb:33:37:b9:cb:4e:96:e3:7b:2f:e9:
6e:f9:b8:29:93:28:a4:a9:ca:6d:bc:43:2f:3f:eb:df:27:16:
d4:2e:b2:b7:f6:6e:79:c0:88:24:65:df:83:28:4b:b3:9a:0c:
b2:b9:f8:95:4b:ee:59:4d:86:d5:32:88:7b:03:f7:12:5f:9f:
7b:5b:11:1a:73:d4:29:51:cc:11:3b:b1:a3:78:8e:e3:41:98:
98:04:c0:4f:4b:fc:e1:f0:90:58:5e:7b:cc:c5:61:4c:db:e3:
bf:f4:0f:38:83:2e:f2:27:63:bc:62:30:7f:36:a2:0b:ed:86:
fc:7d:1d:17:65:90:9f:59:a4:44:95:be:96:fb:9c:31:c6:6d:
2e:e2:3d:8d:d5:91:9b:f2:99:37:8a:3c:e8:0f:59:d3:23:05:
53:47:4a:ac:f8:58:54:8c:28:d1:0b:7c:71:71:ac:e2:3c:48:
8e:f9:df:29:e0:12:f5:fe:97:76:55:b1:b0:07:8e:4e:73:37:
cf:b3:9c:70:1c:5f:b0:2d:0d:0e:5b:b8:a7:49:b4:3a:b1:9e:
f5:a6:7f:04
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZe8ASp/7pri1c903sQGrBRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI5MTQwNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWY2NDA5ZGRlZjA0YjkzYTM3ZmFiYzNmNTc0YzUyMDk0YmQyZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvJW4z6tPsksfcIdF6w6t2/FTAkE
i2bZyrR8E4B6/DF4YhNaalmVKjTIJi7dPOLTFJt5eqJbyWxZO8BQF8tthRys7bqL
E6GbPHgclqXLIiQRMlAkuePM/WnXU2qUrUgfxuXcd5ywcjq6upWoIyzQbnTljaUy
lD3swoFxWKzSLp3Ke4vkbSC4ngLHT/RUeaan2Kc8D4nezrwZlUzD5wF5HE4QM4AZ
zIHmuFXdbpPsXCWn9BrSKko9+/CwForO1Z6xsWBXjXiQ8CrQU3eb+LZXrLmSrcK3
9K5X6h3LgGJgbe6Z47Zn7BF72sC6u9cSh7EXXt3oU+PZWTq35SPgUJkJLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCX2QJ3e8EuTo3+rw/V0xSCUvS4GMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSmZaQW5kN3dTNU9qZjZ2RDlYVEZJSlM5TGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl7wA2G8wDQYJKoZIhvcNAQELBQADggEB
AIbGyWV4BsG3RJ9Hi/kFO5a1hUwskxA/8UvWZMHmOFdnxzc02sRY9AWN8fn7Mze5
y06W43sv6W75uCmTKKSpym28Qy8/698nFtQusrf2bnnAiCRl34MoS7OaDLK5+JVL
7llNhtUyiHsD9xJfn3tbERpz1ClRzBE7saN4juNBmJgEwE9L/OHwkFhee8zFYUzb
47/0DziDLvInY7xiMH82ogvthvx9HRdlkJ9ZpESVvpb7nDHGbS7iPY3VkZvymTeK
POgPWdMjBVNHSqz4WFSMKNELfHFxrOI8SI753yngEvX+l3ZVsbAHjk5zN8+znHAc
X7AtDQ5buKdJtDqxnvWmfwQ=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:00:26 2025 by rpki-client