Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Kes8Cv2CYe5PBvtIBomUg0ORo0I.roa
File: Kes8Cv2CYe5PBvtIBomUg0ORo0I.roa (raw, json)
Hash identifier: Yh2kyEYR6H9IVoVYy/mlapIF4f7sE0wfEcNWUFrRT4s=
Subject key identifier: 29:EB:3C:0A:FD:82:61:EE:4F:06:FB:48:06:89:94:83:43:91:A3:42
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978D0BB2F3B79DEFA07C9742CC9AD5CDE3
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Kes8Cv2CYe5PBvtIBomUg0ORo0I.roa
Signing time: Fri 20 Jun 2025 11:14:03 +0000
ROA not before: Fri 20 Jun 2025 11:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 12:06:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:0b:b2:f3:b7:9d:ef:a0:7c:97:42:cc:9a:d5:cd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 11:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29eb3c0afd8261ee4f06fb48068994834391a342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b2:b0:47:f6:b6:28:2e:42:57:e1:2f:78:69:
65:83:57:f9:ad:13:14:8b:3d:f3:4a:ea:88:f3:df:
99:95:e5:99:7e:45:95:bd:29:3d:2c:60:fc:d4:e7:
67:5b:c5:a9:1f:97:75:58:1a:aa:d1:a1:e8:10:c1:
af:c1:31:29:0c:2f:ab:0e:74:d1:42:03:cb:52:b7:
ab:91:ef:3d:28:72:6f:a5:0f:f1:3f:a9:30:cf:f7:
ac:4e:68:7a:5f:75:2f:ff:1b:83:47:24:49:93:98:
49:61:f6:a5:19:53:a7:9c:4b:3c:a6:09:d9:8f:e8:
fb:db:47:4e:d5:cf:e0:2a:3c:bc:5f:e5:3a:aa:2d:
ef:31:70:dc:2a:9c:a0:31:25:b6:60:a7:34:58:88:
80:28:f9:74:d6:92:44:36:34:ac:15:e5:80:2d:11:
0c:37:fd:65:aa:d1:bd:a3:8d:8b:1e:7f:e5:21:ec:
63:cd:29:27:d7:d4:12:a2:47:73:f6:f5:46:5d:6c:
2b:93:60:5f:2e:1b:02:b7:64:a1:e2:80:35:d5:7b:
2c:34:98:ab:f3:be:59:10:df:88:83:a5:bb:4e:ac:
c0:4e:2d:6a:bc:17:44:c7:66:11:97:44:43:88:90:
5f:e0:40:7c:7e:1c:37:d6:8e:a7:e3:64:4b:95:21:
30:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:EB:3C:0A:FD:82:61:EE:4F:06:FB:48:06:89:94:83:43:91:A3:42
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Kes8Cv2CYe5PBvtIBomUg0ORo0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
80:66:51:ef:88:ed:38:f5:d3:25:73:8e:73:f5:f7:6d:bf:b6:
55:16:7e:fe:e0:12:cc:3d:88:6f:2e:ea:ce:b7:22:0a:6a:5b:
8e:0b:68:45:24:ad:71:e9:6a:33:36:4f:46:b6:b0:a8:b0:49:
52:c7:d8:f0:fa:6f:8d:e8:d6:b0:4a:f3:49:79:65:c7:35:91:
33:70:5d:7c:2d:54:6a:54:e4:86:c3:9a:9f:0c:5f:ec:f2:aa:
11:2b:a9:82:97:13:14:f0:2f:e6:2d:dd:ee:80:7f:d5:16:93:
24:c1:2e:d9:20:94:fa:5c:da:ea:c2:bb:b9:05:52:d7:32:9c:
c7:18:77:1a:e1:98:92:e6:9c:f0:13:2d:dd:ff:be:d2:72:8c:
39:b0:49:a8:75:65:d5:c7:4e:7a:c8:33:cb:a4:fd:f9:bf:a7:
19:b9:11:1c:64:32:1f:01:17:04:43:4e:56:b5:61:1d:16:76:
2e:d6:a3:ac:ad:c1:52:e6:eb:5c:d1:43:f1:f6:14:d0:3b:d1:
84:35:2f:f4:a2:4a:36:9c:37:7b:8e:ca:89:e6:f1:ce:23:43:
af:75:13:ca:e9:d2:5f:fa:f3:16:3b:df:8e:77:6a:d7:76:cf:
bf:2b:0d:bb:f1:b6:b6:90:b4:79:30:03:07:93:04:45:8f:37:
02:9a:c1:87
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeNC7Lzt53voHyXQsya1c3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMTExNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWViM2MwYWZkODI2MWVlNGYwNmZiNDgwNjg5OTQ4MzQzOTFhMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7KwR/a2KC5CV+EveGllg1f5rRMU
iz3zSuqI89+ZleWZfkWVvSk9LGD81OdnW8WpH5d1WBqq0aHoEMGvwTEpDC+rDnTR
QgPLUrerke89KHJvpQ/xP6kwz/esTmh6X3Uv/xuDRyRJk5hJYfalGVOnnEs8pgnZ
j+j720dO1c/gKjy8X+U6qi3vMXDcKpygMSW2YKc0WIiAKPl01pJENjSsFeWALREM
N/1lqtG9o42LHn/lIexjzSkn19QSokdz9vVGXWwrk2BfLhsCt2Sh4oA11XssNJir
875ZEN+Ig6W7TqzATi1qvBdEx2YRl0RDiJBf4EB8fhw31o6n42RLlSEwTwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCnrPAr9gmHuTwb7SAaJlINDkaNCMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvS2VzOEN2MkNZZTVQQnZ0SUJvbVVnME9SbzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAgGZR74jtOPXTJXOOc/X3bb+2
VRZ+/uASzD2Iby7qzrciCmpbjgtoRSStcelqMzZPRrawqLBJUsfY8PpvjejWsErz
SXllxzWRM3BdfC1UalTkhsOanwxf7PKqESupgpcTFPAv5i3d7oB/1RaTJMEu2SCU
+lza6sK7uQVS1zKcxxh3GuGYkuac8BMt3f++0nKMObBJqHVl1cdOesgzy6T9+b+n
GbkRHGQyHwEXBENOVrVhHRZ2LtajrK3BUubrXNFD8fYU0DvRhDUv9KJKNpw3e47K
iebxziNDr3UTyunSX/rzFjvfjndq13bPvysNu/G2tpC0eTADB5MERY83AprBhw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:02:45 2025 by rpki-client