Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/KMFz0CinFTQZf2ygivKuzQA9v7E.roa
File: KMFz0CinFTQZf2ygivKuzQA9v7E.roa (raw, json)
Hash identifier: 7k9w3UMBg47S8pEwiSkSatZ19fu9NlawEQcHLlCrd30=
Subject key identifier: 28:C1:73:D0:28:A7:15:34:19:7F:6C:A0:8A:F2:AE:CD:00:3D:BF:B1
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01979E6EFD3FCD821A297D9AD6CAEFE2C601
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/KMFz0CinFTQZf2ygivKuzQA9v7E.roa
Signing time: Mon 23 Jun 2025 20:16:03 +0000
ROA not before: Mon 23 Jun 2025 20:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 23 Jun 2025 21:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:6e:fd:3f:cd:82:1a:29:7d:9a:d6:ca:ef:e2:c6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 23 20:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c173d028a71534197f6ca08af2aecd003dbfb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:22:32:b2:b9:1f:67:fb:49:44:7d:fc:4e:a4:
25:1b:59:45:7f:78:c2:1d:33:7b:ad:e4:fb:85:1a:
25:6f:18:36:a6:f5:db:8e:8f:c0:21:91:b9:e6:05:
ae:1a:63:ad:c2:37:b5:93:9a:20:06:1b:72:fb:41:
7e:10:0c:ad:74:f5:80:3b:bc:46:d7:24:54:05:ef:
0d:86:e7:21:3b:c2:ee:af:59:b2:0e:c1:3e:fe:23:
40:6c:48:58:01:25:6d:94:c1:e0:35:3d:00:a3:2d:
95:c2:64:0d:5a:de:78:39:ea:12:ed:aa:e3:a0:27:
f3:bc:e5:ed:c4:bd:da:1a:91:32:5a:55:c5:73:e5:
19:aa:21:a9:74:2b:be:12:c4:d1:70:6a:4a:99:d1:
e6:bc:02:b6:1c:8f:d5:51:29:48:ff:6e:59:2a:82:
65:e7:6e:8e:01:46:ef:90:9b:b7:56:44:ff:31:fb:
97:bc:63:0c:38:67:2d:88:fd:ef:67:90:7f:ed:e2:
b6:a8:4a:0a:4a:2c:f2:c6:04:b4:59:9b:7f:bf:96:
09:c0:37:55:a3:c6:8a:63:00:6d:e3:eb:ef:e5:b6:
85:ca:15:77:0b:64:cd:1c:3a:c0:77:e2:09:48:f3:
f3:c4:8e:dd:66:2c:c0:24:7d:c1:35:91:e6:98:c7:
80:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C1:73:D0:28:A7:15:34:19:7F:6C:A0:8A:F2:AE:CD:00:3D:BF:B1
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/KMFz0CinFTQZf2ygivKuzQA9v7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
62:7c:e6:1d:1c:80:8c:4c:f6:ed:98:20:0e:58:60:e7:cc:b1:
66:16:1e:be:77:2a:90:f7:75:0c:86:5a:95:02:eb:50:67:af:
aa:6f:8b:fc:24:a0:61:56:a4:ff:78:4a:50:38:08:61:c4:c2:
c1:b5:40:88:ea:bf:0f:61:ff:3b:b2:50:99:c8:f7:90:e3:70:
f6:f8:45:8f:cf:7a:34:39:8d:c1:da:3f:d4:77:fc:1c:3b:fa:
86:8a:89:21:19:bc:2c:72:91:c4:38:0b:4d:60:a5:00:e9:44:
48:b1:2e:e6:b3:b4:b3:ad:50:5a:7c:2d:6d:83:87:08:2d:10:
e3:5b:a7:54:44:11:fa:54:01:00:a3:ca:c4:42:48:99:b2:15:
16:0f:3f:01:b6:9e:48:6e:40:1e:31:9e:77:5b:41:13:be:91:
57:83:eb:31:26:84:ed:dc:ce:76:62:7a:d9:3c:84:db:7c:b3:
d4:6b:5d:13:6b:4f:db:71:41:55:fb:80:0d:38:a6:89:08:58:
f8:39:6c:95:b0:e5:01:f3:8b:04:37:64:32:18:31:aa:a7:88:
17:34:95:d0:20:f1:8c:39:41:2f:42:61:e2:b7:9c:ef:cb:7f:
7e:c8:ac:3c:2b:28:fd:04:1e:91:09:6b:68:79:ce:ee:69:1c:
72:12:73:c2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeebv0/zYIaKX2a1srv4sYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIzMjAxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMxNzNkMDI4YTcxNTM0MTk3ZjZjYTA4YWYyYWVjZDAwM2RiZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iIysrkfZ/tJRH38TqQlG1lFf3jC
HTN7reT7hRolbxg2pvXbjo/AIZG55gWuGmOtwje1k5ogBhty+0F+EAytdPWAO7xG
1yRUBe8NhuchO8Lur1myDsE+/iNAbEhYASVtlMHgNT0Aoy2VwmQNWt54OeoS7arj
oCfzvOXtxL3aGpEyWlXFc+UZqiGpdCu+EsTRcGpKmdHmvAK2HI/VUSlI/25ZKoJl
526OAUbvkJu3VkT/MfuXvGMMOGctiP3vZ5B/7eK2qEoKSizyxgS0WZt/v5YJwDdV
o8aKYwBt4+vv5baFyhV3C2TNHDrAd+IJSPPzxI7dZizAJH3BNZHmmMeAcQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCjBc9AopxU0GX9soIryrs0APb+xMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvS01GejBDaW5GVFFaZjJ5Z2l2S3V6UUE5djdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAYnzmHRyAjEz27ZggDlhg58yx
ZhYevncqkPd1DIZalQLrUGevqm+L/CSgYVak/3hKUDgIYcTCwbVAiOq/D2H/O7JQ
mcj3kONw9vhFj896NDmNwdo/1Hf8HDv6hoqJIRm8LHKRxDgLTWClAOlESLEu5rO0
s61QWnwtbYOHCC0Q41unVEQR+lQBAKPKxEJImbIVFg8/AbaeSG5AHjGed1tBE76R
V4PrMSaE7dzOdmJ62TyE23yz1GtdE2tP23FBVfuADTimiQhY+DlslbDlAfOLBDdk
MhgxqqeIFzSV0CDxjDlBL0Jh4rec78t/fsisPCso/QQekQlraHnO7mkcchJzwg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:53:01 2025 by rpki-client