Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/KjyE467qkaNZAqwWULGIuYQxQC8.roa
File: KjyE467qkaNZAqwWULGIuYQxQC8.roa (raw, json)
Hash identifier: vLr5+f+YFF9aa3M90surmBv9GkKysF9HUCSOoelbIp8=
Subject key identifier: 2A:3C:84:E3:AE:EA:91:A3:59:02:AC:16:50:B1:88:B9:84:31:40:2F
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A136EB751F6894B27BE2104D8B0F60D2
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/KjyE467qkaNZAqwWULGIuYQxQC8.roa
Signing time: Tue 24 Jun 2025 09:13:40 +0000
ROA not before: Tue 24 Jun 2025 09:13:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 10:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:36:eb:75:1f:68:94:b2:7b:e2:10:4d:8b:0f:60:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 09:13:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a3c84e3aeea91a35902ac1650b188b98431402f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ad:91:7a:c5:4e:27:49:5e:4f:83:ad:56:9b:
7a:9e:6c:e5:c4:9a:8b:80:c5:2b:2f:2e:a2:64:c6:
ed:32:d1:af:9d:16:7d:34:05:2d:b1:bf:d4:bf:4d:
0a:95:8c:88:d2:1a:42:22:da:0b:4d:05:40:5d:15:
7a:05:5e:c6:1f:ad:b0:15:b1:d9:38:64:bb:a7:5d:
24:4b:9a:68:3d:15:ce:be:1e:5c:8c:c8:1e:3d:fe:
af:23:63:cb:de:d2:16:19:3a:97:cc:fd:0e:61:4d:
eb:95:78:af:96:b3:5e:f6:e5:54:02:c5:d9:06:11:
fc:a2:e4:13:6f:3e:7f:e7:cb:a9:d1:8d:00:e0:22:
aa:4a:9c:c6:da:61:d3:b4:1f:c9:f0:d2:da:5b:89:
73:58:d2:ac:7f:cd:88:0f:d3:e0:17:c0:25:cb:cd:
54:41:fd:55:82:ba:16:ef:2b:4b:16:4e:fe:bd:90:
2d:45:b0:4f:fe:75:69:13:a0:f5:3b:26:78:2d:75:
cd:09:1a:7f:ad:1c:bc:0e:5d:0b:b7:0c:38:09:ae:
ca:27:68:9f:26:6d:c8:e8:0b:d9:10:18:01:70:7e:
43:3b:ea:ea:5e:0d:c4:ca:93:11:e3:cb:83:63:37:
64:be:4e:4a:40:cb:9d:a2:59:e6:91:74:71:c9:37:
2d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3C:84:E3:AE:EA:91:A3:59:02:AC:16:50:B1:88:B9:84:31:40:2F
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/KjyE467qkaNZAqwWULGIuYQxQC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
24:f4:ef:45:d8:52:51:bb:ec:73:ce:7e:de:47:f5:61:8a:c4:
0e:44:8c:da:a7:ba:76:26:db:5b:ff:3d:87:de:b5:58:3f:c7:
41:0b:df:fa:c6:7e:11:f6:48:09:bc:4e:2d:d8:00:fc:80:2f:
ac:a1:5b:49:c1:67:05:1d:51:1e:e4:98:1f:f6:6f:00:41:c2:
0d:30:32:64:7c:af:63:32:6e:1c:df:3e:cb:7a:09:ba:b8:16:
1e:e7:71:5a:ca:3d:cb:48:2e:05:2f:b7:de:73:9f:00:b6:dc:
72:e2:b4:ed:63:7d:9c:7f:c0:7b:2d:9e:8a:22:de:26:60:fb:
30:08:21:3c:c4:3d:40:9a:a2:55:db:97:95:30:90:7c:3d:c9:
45:9a:36:e3:32:23:43:c4:4d:f1:5d:81:c4:cd:f6:3a:31:49:
8f:4a:4a:7d:01:80:f2:7b:69:27:ba:57:59:7b:ac:fb:ba:a7:
4d:6e:82:7f:b7:53:54:d2:c8:51:e3:30:cc:df:69:34:ea:d1:
d7:df:11:a1:9b:ea:34:48:6e:50:f2:70:c3:a0:a4:d5:70:c6:
c9:e9:98:91:42:fa:dc:d4:02:ac:14:2f:1b:4b:cf:2b:f6:0b:
4c:d8:f3:f3:e0:49:fa:e8:ae:1b:df:1d:68:d0:0c:ab:79:96:
c2:3b:0d:fb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZehNut1H2iUsnviEE2LD2DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MDkxMzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNjODRlM2FlZWE5MWEzNTkwMmFjMTY1MGIxODhiOTg0MzE0MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk62ResVOJ0leT4OtVpt6nmzlxJqL
gMUrLy6iZMbtMtGvnRZ9NAUtsb/Uv00KlYyI0hpCItoLTQVAXRV6BV7GH62wFbHZ
OGS7p10kS5poPRXOvh5cjMgePf6vI2PL3tIWGTqXzP0OYU3rlXivlrNe9uVUAsXZ
BhH8ouQTbz5/58up0Y0A4CKqSpzG2mHTtB/J8NLaW4lzWNKsf82ID9PgF8Aly81U
Qf1VgroW7ytLFk7+vZAtRbBP/nVpE6D1OyZ4LXXNCRp/rRy8Dl0Ltww4Ca7KJ2if
Jm3I6AvZEBgBcH5DO+rqXg3EypMR48uDYzdkvk5KQMudolnmkXRxyTctBQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCo8hOOu6pGjWQKsFlCxiLmEMUAvMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvS2p5RTQ2N3FrYU5aQXF3V1VMR0l1WVF4UUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAJPTvRdhSUbvsc85+3kf1YYrE
DkSM2qe6dibbW/89h961WD/HQQvf+sZ+EfZICbxOLdgA/IAvrKFbScFnBR1RHuSY
H/ZvAEHCDTAyZHyvYzJuHN8+y3oJurgWHudxWso9y0guBS+33nOfALbccuK07WN9
nH/Aey2eiiLeJmD7MAghPMQ9QJqiVduXlTCQfD3JRZo24zIjQ8RN8V2BxM32OjFJ
j0pKfQGA8ntpJ7pXWXus+7qnTW6Cf7dTVNLIUeMwzN9pNOrR198RoZvqNEhuUPJw
w6Ck1XDGyemYkUL63NQCrBQvG0vPK/YLTNjz8+BJ+uiuG98daNAMq3mWwjsN+w==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:54:27 2025 by rpki-client