Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Kot8pud0h6tsdZh51x7ul353Ol0.roa
File: Kot8pud0h6tsdZh51x7ul353Ol0.roa (raw, json)
Hash identifier: kkqMb+GrRQYzj771kh58ldEOMxxc3xNRtyit6gZzOS8=
Subject key identifier: 2A:8B:7C:A6:E7:74:87:AB:6C:75:98:79:D7:1E:EE:97:7E:77:3A:5D
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978E537490FB222CE36ABB9FDBB12C6DD5
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Kot8pud0h6tsdZh51x7ul353Ol0.roa
Signing time: Fri 20 Jun 2025 17:12:03 +0000
ROA not before: Fri 20 Jun 2025 17:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 18:06:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8e:53:74:90:fb:22:2c:e3:6a:bb:9f:db:b1:2c:6d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 17:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a8b7ca6e77487ab6c759879d71eee977e773a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f7:64:43:c3:13:09:1a:99:58:78:01:d0:fb:
30:d2:66:ed:db:73:ea:61:4e:74:d6:fb:44:a4:6f:
09:2f:fa:cf:f6:14:5d:72:18:5f:38:55:cd:2b:8a:
21:b4:c3:38:95:c3:7d:44:17:89:48:0d:06:4f:c4:
20:d3:f8:72:47:91:84:b5:f3:c3:c9:84:82:1c:6c:
27:d9:b3:0a:85:38:9b:ff:7f:35:18:49:cc:25:79:
1f:7b:a1:7e:03:80:32:20:87:5e:1f:c0:0e:e3:b1:
64:11:8f:7d:76:8e:70:6c:52:bf:47:4e:5d:b8:e9:
06:9b:d7:e4:fd:d3:e7:3b:5f:65:ce:95:b8:81:d6:
c0:27:f4:31:54:78:0c:8f:61:f9:47:c1:5a:4c:47:
16:72:00:f0:57:58:9d:44:79:d1:b9:27:9c:65:4d:
4f:c8:83:24:f0:02:a4:87:9d:72:82:13:55:16:29:
42:19:8b:eb:f5:25:a2:3f:c5:81:8a:cb:63:c7:e5:
1d:4d:3c:93:d5:42:89:36:79:fa:97:70:62:58:d1:
21:0a:d0:04:be:22:73:c2:54:e1:78:3b:1d:8c:ec:
75:98:0a:cd:96:a9:7d:78:90:c1:4c:2d:b2:c0:9d:
df:c7:ac:b8:2e:b3:58:38:61:80:0f:12:25:fc:dc:
6f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8B:7C:A6:E7:74:87:AB:6C:75:98:79:D7:1E:EE:97:7E:77:3A:5D
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Kot8pud0h6tsdZh51x7ul353Ol0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
83:c6:d9:b7:86:3a:6c:0f:0c:c2:2a:3d:fe:96:23:8c:3f:da:
a6:52:48:30:84:a3:3d:28:23:12:92:78:90:94:ae:7c:e6:07:
4a:3c:72:a7:e2:72:a8:ec:b4:37:16:95:48:2c:a5:be:9f:68:
15:28:50:76:a1:5c:e5:9e:3b:48:af:ce:76:6a:b1:c5:62:d3:
01:fb:2a:ca:36:54:3c:68:8e:67:a1:72:ae:3b:de:a2:f2:12:
d9:30:b4:e4:fc:ba:51:32:17:89:52:6b:e0:df:e6:4e:ce:71:
a6:c8:41:e4:5f:4d:40:f1:4a:78:3d:78:50:23:b9:68:93:ff:
57:25:91:02:a5:37:fd:2d:ee:1f:d7:06:90:62:db:45:59:ba:
10:d8:56:7e:34:77:d7:96:84:68:6e:8a:9d:34:68:ae:ec:52:
db:1e:c4:c5:b6:cf:04:32:2a:d4:a1:fe:6b:c3:c9:00:a1:ca:
7d:26:3f:1e:cd:0c:08:93:41:06:7b:82:8c:1d:3a:36:97:08:
22:f1:9c:14:da:e0:7d:3c:a2:87:40:47:02:28:b4:b2:af:c5:
d0:1d:7a:dd:3a:1d:53:76:11:1d:f9:ba:a1:9e:8c:0f:b2:c6:
88:9e:e3:0e:98:69:f8:fa:55:09:fd:7e:af:4c:61:2e:82:77:
21:d9:66:b4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeOU3SQ+yIs42q7n9uxLG3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMTcxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThiN2NhNmU3NzQ4N2FiNmM3NTk4NzlkNzFlZWU5NzdlNzczYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPdkQ8MTCRqZWHgB0Psw0mbt23Pq
YU501vtEpG8JL/rP9hRdchhfOFXNK4ohtMM4lcN9RBeJSA0GT8Qg0/hyR5GEtfPD
yYSCHGwn2bMKhTib/381GEnMJXkfe6F+A4AyIIdeH8AO47FkEY99do5wbFK/R05d
uOkGm9fk/dPnO19lzpW4gdbAJ/QxVHgMj2H5R8FaTEcWcgDwV1idRHnRuSecZU1P
yIMk8AKkh51yghNVFilCGYvr9SWiP8WBistjx+UdTTyT1UKJNnn6l3BiWNEhCtAE
viJzwlTheDsdjOx1mArNlql9eJDBTC2ywJ3fx6y4LrNYOGGADxIl/NxvwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCqLfKbndIerbHWYedce7pd+dzpdMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvS290OHB1ZDBoNnRzZFpoNTF4N3VsMzUzT2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAg8bZt4Y6bA8Mwio9/pYjjD/a
plJIMISjPSgjEpJ4kJSufOYHSjxyp+JyqOy0NxaVSCylvp9oFShQdqFc5Z47SK/O
dmqxxWLTAfsqyjZUPGiOZ6FyrjveovIS2TC05Py6UTIXiVJr4N/mTs5xpshB5F9N
QPFKeD14UCO5aJP/VyWRAqU3/S3uH9cGkGLbRVm6ENhWfjR315aEaG6KnTRoruxS
2x7ExbbPBDIq1KH+a8PJAKHKfSY/Hs0MCJNBBnuCjB06NpcIIvGcFNrgfTyih0BH
Aii0sq/F0B163TodU3YRHfm6oZ6MD7LGiJ7jDphp+PpVCf1+r0xhLoJ3IdlmtA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:08:17 2025 by rpki-client