
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/MX7GPHfM3tFzrAqi54VUl76cKBU.roa
File: MX7GPHfM3tFzrAqi54VUl76cKBU.roa (raw, json)
Hash identifier: 3SN2v321t1SoU6Ftk6fOOCeBhKYobYitK2lNjjbnlBI=
Subject key identifier: 31:7E:C6:3C:77:CC:DE:D1:73:AC:0A:A2:E7:85:54:97:BE:9C:28:15
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197843ECE29164266CB5BB06C73FEBF635F
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/MX7GPHfM3tFzrAqi54VUl76cKBU.roa
Signing time: Wed 18 Jun 2025 18:13:17 +0000
ROA not before: Wed 18 Jun 2025 18:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 18 Jun 2025 19:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:84:3e:ce:29:16:42:66:cb:5b:b0:6c:73:fe:bf:63:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 18 18:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=317ec63c77ccded173ac0aa2e7855497be9c2815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b8:6f:51:e7:f2:b5:42:1a:37:9f:92:87:d5:
68:5c:36:38:75:12:8e:01:ad:d1:2a:5b:36:71:c3:
9f:57:d4:48:0a:5c:5d:ee:1d:1c:02:a5:4d:d7:78:
51:1b:2b:fc:97:e6:10:64:4c:bc:5b:1e:ed:e8:01:
4f:cf:ea:92:c5:8b:18:55:39:78:09:9f:48:bd:a0:
3c:10:20:33:73:92:a3:df:87:18:45:5c:96:f8:7e:
08:df:1a:43:9d:50:bd:24:e0:6b:bb:59:d6:42:08:
7d:9c:69:7d:49:33:77:56:22:68:fb:6b:8c:fb:ea:
86:b8:58:3a:d8:b8:f0:00:c1:13:5d:d7:f8:18:e3:
95:9c:1b:18:ec:51:bb:ae:3a:9b:fd:20:c2:9d:7b:
9d:53:4d:9c:1d:c3:79:62:ed:82:7c:17:9c:8b:6a:
39:e4:9f:72:2f:41:1e:08:09:ec:5e:dc:28:99:11:
34:19:8f:1c:7f:81:22:a1:38:d6:e4:bd:be:0d:18:
5f:eb:da:f5:e4:02:a0:9a:3d:af:44:0c:5d:e6:e2:
e1:dc:13:ea:76:8a:af:1c:23:82:d1:91:26:e0:9e:
97:78:f5:e0:a6:d0:7e:a8:8d:d4:36:af:37:a2:81:
f6:ea:7f:87:e4:7f:15:88:6a:89:55:d6:07:33:06:
6d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7E:C6:3C:77:CC:DE:D1:73:AC:0A:A2:E7:85:54:97:BE:9C:28:15
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/MX7GPHfM3tFzrAqi54VUl76cKBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
0c:23:94:6a:f2:0b:a4:15:02:46:ed:46:84:6c:5d:04:f1:34:
a2:09:b2:01:5f:d3:89:ba:db:b3:51:7e:61:68:41:73:cb:1a:
0c:f8:c8:b0:e5:7a:23:4d:b4:f7:8c:c2:48:33:e1:19:5c:3b:
13:d6:b9:7e:59:76:99:c5:64:c5:ad:26:47:3d:0f:9d:98:7d:
ef:ed:a2:9d:76:7b:6d:56:53:a7:a0:ad:f5:ea:96:ca:d7:81:
e2:ce:48:31:e8:f4:7d:2b:27:f3:f4:28:10:37:1b:ed:b4:5b:
0e:e4:d6:b8:a6:c5:de:b7:b4:14:e5:80:b8:6e:3b:4c:a5:ea:
22:ec:88:4e:78:3d:26:90:2b:58:28:75:ab:b8:ea:02:c8:fc:
43:28:e3:b7:f5:1e:b4:39:21:67:ee:f3:4d:5e:e7:47:e2:34:
a6:a3:b4:10:53:55:0f:af:cd:ee:27:32:e2:f2:be:13:a2:4a:
32:b7:e7:61:9f:55:d8:de:9f:89:cb:62:0d:87:f8:0f:3a:de:
e0:d8:68:a6:f2:9c:a1:2f:98:1e:33:a5:91:11:0b:7b:fd:76:
92:c0:b0:a0:ed:1d:dd:00:38:6c:8f:1c:8e:6f:ac:45:e7:f6:
e5:79:b9:d3:0c:eb:c3:02:46:aa:05:97:f0:27:30:0b:ca:8d:
7c:64:6d:be
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeEPs4pFkJmy1uwbHP+v2NfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE4MTgxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdlYzYzYzc3Y2NkZWQxNzNhYzBhYTJlNzg1NTQ5N2JlOWMyODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bhvUefytUIaN5+Sh9VoXDY4dRKO
Aa3RKls2ccOfV9RIClxd7h0cAqVN13hRGyv8l+YQZEy8Wx7t6AFPz+qSxYsYVTl4
CZ9IvaA8ECAzc5Kj34cYRVyW+H4I3xpDnVC9JOBru1nWQgh9nGl9STN3ViJo+2uM
++qGuFg62LjwAMETXdf4GOOVnBsY7FG7rjqb/SDCnXudU02cHcN5Yu2CfBeci2o5
5J9yL0EeCAnsXtwomRE0GY8cf4EioTjW5L2+DRhf69r15AKgmj2vRAxd5uLh3BPq
doqvHCOC0ZEm4J6XePXgptB+qI3UNq83ooH26n+H5H8ViGqJVdYHMwZtTwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDF+xjx3zN7Rc6wKoueFVJe+nCgVMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvTVg3R1BIZk0zdEZ6ckFxaTU0VlVsNzZjS0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEADCOUavILpBUCRu1GhGxdBPE0
ogmyAV/Tibrbs1F+YWhBc8saDPjIsOV6I02094zCSDPhGVw7E9a5fll2mcVkxa0m
Rz0PnZh97+2inXZ7bVZTp6Ct9eqWyteB4s5IMej0fSsn8/QoEDcb7bRbDuTWuKbF
3re0FOWAuG47TKXqIuyITng9JpArWCh1q7jqAsj8Qyjjt/UetDkhZ+7zTV7nR+I0
pqO0EFNVD6/N7icy4vK+E6JKMrfnYZ9V2N6fictiDYf4Dzre4NhopvKcoS+YHjOl
kRELe/12ksCwoO0d3QA4bI8cjm+sRef25Xm50wzrwwJGqgWX8CcwC8qNfGRtvg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:45:21 2025 by rpki-client