Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/L4o9XEW18XQomrc5ar9H7cbtXxs.roa
File: L4o9XEW18XQomrc5ar9H7cbtXxs.roa (raw, json)
Hash identifier: PVAXfNdbRr0eVMoB+eZhnf/TCmHBDRTOfXrLA11xPwI=
Subject key identifier: 2F:8A:3D:5C:45:B5:F1:74:28:9A:B7:39:6A:BF:47:ED:C6:ED:5F:1B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B48A768ACC9A23AE794AE69C8CEBBB7E
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/L4o9XEW18XQomrc5ar9H7cbtXxs.roa
Signing time: Sat 28 Jun 2025 03:17:42 +0000
ROA not before: Sat 28 Jun 2025 03:17:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 28 Jun 2025 04:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b4:8a:76:8a:cc:9a:23:ae:79:4a:e6:9c:8c:eb:bb:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 28 03:17:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f8a3d5c45b5f174289ab7396abf47edc6ed5f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:14:37:6d:58:59:b9:b6:07:cb:1a:cd:dd:04:
c2:b5:d6:d0:65:7b:8a:0a:08:3a:e9:59:7e:e6:a5:
2b:60:8c:6e:ed:04:28:6c:25:7c:ee:78:7f:99:be:
c7:27:48:56:9c:85:20:e3:70:f8:34:95:3d:26:de:
5e:2d:e3:0a:bf:eb:91:40:83:be:94:9a:b1:26:16:
39:0a:c6:96:97:ac:4b:5e:ce:8a:ac:e5:66:b1:0b:
e0:d4:04:d4:f2:34:08:c8:4b:2c:35:ff:e9:af:f0:
bb:c1:14:84:f7:ca:1d:87:e0:78:d2:9a:21:27:5a:
01:2a:ca:78:06:91:f6:b3:78:1c:12:38:16:63:24:
e5:01:b5:1e:c1:61:0d:57:e4:cb:cc:0a:48:ac:59:
9f:5a:7b:93:8a:fd:f7:03:18:d8:40:8b:46:e4:9d:
3a:b2:07:2f:7f:f0:4f:0b:14:a3:26:4b:57:35:f6:
b8:97:f8:69:6e:9e:ac:53:f6:44:e3:53:98:94:c9:
c0:7b:a6:fc:90:19:b5:a7:5b:f8:a3:ab:9a:ec:5a:
3d:4c:20:fe:cf:d8:36:23:02:e3:45:e1:a0:ea:7f:
e3:2f:63:80:21:26:58:b3:d5:46:f1:09:0a:0f:8b:
a5:1b:d4:1a:65:04:91:b1:08:5e:97:c1:79:fe:f6:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8A:3D:5C:45:B5:F1:74:28:9A:B7:39:6A:BF:47:ED:C6:ED:5F:1B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/L4o9XEW18XQomrc5ar9H7cbtXxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
7f:89:d9:d3:36:91:d6:bb:d9:27:fb:65:e0:2e:8f:94:f0:a1:
6c:56:41:c9:93:de:37:ad:ce:95:19:ce:47:c4:74:5c:61:52:
9d:74:cb:bd:01:29:82:90:4e:8a:a5:fe:c2:72:a5:9c:e9:9c:
1f:f6:2a:b7:fb:67:d3:76:af:c2:e0:f9:0c:7f:66:f8:9f:2c:
45:90:3d:a6:2c:97:b8:88:87:1e:82:08:cd:fe:04:71:5b:e6:
46:0f:9c:50:43:4b:74:99:91:94:36:05:f7:dc:9d:06:24:d6:
05:bc:76:40:b1:23:ca:18:48:71:b4:2d:69:3f:79:e6:a2:32:
50:5d:93:91:95:9d:28:be:e8:98:7b:72:90:0b:e7:ab:49:57:
9a:fe:cd:1f:e8:16:34:d9:22:f2:1d:c8:4a:6a:40:29:2f:d6:
2e:36:2d:cf:49:d0:a5:dd:8e:ca:82:77:0e:3c:30:94:73:3c:
50:e0:7c:cf:4e:da:8d:d4:80:2d:aa:d2:be:66:7c:56:5a:84:
e9:52:30:31:5d:b2:30:b4:2d:0f:01:16:69:32:b7:d8:4a:6f:
b7:9f:d2:bb:08:50:3f:dc:1e:f8:3b:44:6f:3b:e0:15:16:01:
ee:ee:e3:c5:74:5c:fe:dd:01:23:b5:30:a5:5f:1b:94:6d:21:
5a:4b:bc:05
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe0inaKzJojrnlK5pyM67t+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI4MDMxNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjhhM2Q1YzQ1YjVmMTc0Mjg5YWI3Mzk2YWJmNDdlZGM2ZWQ1ZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxQ3bVhZubYHyxrN3QTCtdbQZXuK
Cgg66Vl+5qUrYIxu7QQobCV87nh/mb7HJ0hWnIUg43D4NJU9Jt5eLeMKv+uRQIO+
lJqxJhY5CsaWl6xLXs6KrOVmsQvg1ATU8jQIyEssNf/pr/C7wRSE98odh+B40poh
J1oBKsp4BpH2s3gcEjgWYyTlAbUewWENV+TLzApIrFmfWnuTiv33AxjYQItG5J06
sgcvf/BPCxSjJktXNfa4l/hpbp6sU/ZE41OYlMnAe6b8kBm1p1v4o6ua7Fo9TCD+
z9g2IwLjReGg6n/jL2OAISZYs9VG8QkKD4ulG9QaZQSRsQhel8F5/vZsdwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC+KPVxFtfF0KJq3OWq/R+3G7V8bMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvTDRvOVhFVzE4WFFvbXJjNWFyOUg3Y2J0WHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAf4nZ0zaR1rvZJ/tl4C6PlPCh
bFZByZPeN63OlRnOR8R0XGFSnXTLvQEpgpBOiqX+wnKlnOmcH/Yqt/tn03avwuD5
DH9m+J8sRZA9piyXuIiHHoIIzf4EcVvmRg+cUENLdJmRlDYF99ydBiTWBbx2QLEj
yhhIcbQtaT955qIyUF2TkZWdKL7omHtykAvnq0lXmv7NH+gWNNki8h3ISmpAKS/W
LjYtz0nQpd2OyoJ3DjwwlHM8UOB8z07ajdSALarSvmZ8VlqE6VIwMV2yMLQtDwEW
aTK32Epvt5/SuwhQP9we+DtEbzvgFRYB7u7jxXRc/t0BI7UwpV8blG0hWku8BQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:01:05 2025 by rpki-client