Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ODSof3168NlZhAM_xQpwUEqfZbU.roa
File: ODSof3168NlZhAM_xQpwUEqfZbU.roa (raw, json)
Hash identifier: wFGnjxZmbWaqTFY5qnS1psTbDBpJ7l7i9TcjVXAkN7c=
Subject key identifier: 38:34:A8:7F:7D:7A:F0:D9:59:84:03:3F:C5:0A:70:50:4A:9F:65:B5
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197869AD494B13663E4BC9161090E8A8DA3
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ODSof3168NlZhAM_xQpwUEqfZbU.roa
Signing time: Thu 19 Jun 2025 05:13:03 +0000
ROA not before: Thu 19 Jun 2025 05:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 19 Jun 2025 06:06:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:86:9a:d4:94:b1:36:63:e4:bc:91:61:09:0e:8a:8d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 19 05:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3834a87f7d7af0d95984033fc50a70504a9f65b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:a5:8d:3c:14:b3:6d:7c:51:c5:c2:c2:b6:11:
d5:33:e4:f3:91:d9:c8:20:7b:55:b4:b1:02:2b:b6:
2e:ff:c3:ca:6c:83:21:cf:8a:d7:46:af:0f:56:dd:
d3:49:dd:43:ed:58:12:41:78:15:0e:71:6e:22:a6:
ea:45:95:99:ed:d9:2c:1b:d7:8d:19:d2:0e:de:3b:
7d:1b:17:d8:b1:0b:78:be:69:e4:c7:2d:fc:e5:28:
4c:b3:e9:28:50:5e:4a:f6:83:33:81:5d:e6:bf:e1:
a3:b5:d0:2a:27:0e:31:d5:0f:ac:ab:27:7a:f7:a6:
c8:fd:db:15:8e:56:31:f8:1c:da:8e:f7:09:c3:c5:
36:86:b1:27:2e:fa:ac:48:19:df:2d:85:8f:05:4e:
96:25:5a:2b:03:2b:3d:4d:57:f2:4c:de:f9:53:bf:
2c:46:c1:b5:56:11:11:b0:b0:ab:1f:50:30:c8:3f:
8d:14:30:a8:04:e7:1d:c9:d8:d9:60:64:d6:db:58:
aa:c6:27:ba:0a:6b:5d:af:77:87:ea:7a:f4:21:4f:
8b:ba:05:c6:29:5d:be:5a:b7:a6:dc:70:84:cf:a0:
9c:c6:ff:2e:a3:70:56:a2:59:ba:39:9d:f6:1f:a5:
3a:1a:14:e8:66:96:77:d0:88:9e:65:b7:ed:5e:dd:
4b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:34:A8:7F:7D:7A:F0:D9:59:84:03:3F:C5:0A:70:50:4A:9F:65:B5
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ODSof3168NlZhAM_xQpwUEqfZbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
31:8f:d2:0b:cc:f3:00:fe:c9:e7:26:b1:6e:90:2f:5c:46:b2:
90:87:34:84:0a:e8:d3:4f:5e:fc:e5:a9:9f:d8:d2:85:51:74:
da:f1:c8:be:fd:00:df:28:90:cd:29:fe:1f:bb:fc:6c:32:1f:
56:1b:50:37:70:e8:74:b8:3b:f8:20:a1:d3:45:c2:43:cf:78:
87:c6:bc:04:73:50:41:84:c6:60:37:26:3f:8b:45:6b:b9:ff:
6c:09:af:6a:51:29:ba:86:fb:7d:4d:75:df:af:6e:e2:7f:5d:
a0:ff:f0:77:b7:58:47:2e:9b:0b:d3:76:83:02:52:db:ec:d1:
d1:eb:b0:71:43:0e:76:dd:b6:57:4f:5a:7d:9c:2c:f0:64:3b:
09:c5:a9:28:02:98:f4:a5:d1:9e:26:94:4b:81:2e:77:a3:b9:
62:ea:50:8d:35:ee:36:88:bb:1f:e0:d4:b8:5b:d3:d8:b6:37:
54:ef:b0:b6:c9:ce:77:01:49:62:4b:69:35:43:97:e1:2a:25:
ba:ca:7e:29:16:ac:de:a1:8c:df:b1:8a:39:57:38:52:f0:9a:
ee:bf:81:7c:de:7a:d1:d8:e4:1a:f9:1e:f7:3e:b4:fb:59:ac:
c5:5d:0c:c1:fa:50:61:cf:7a:a4:11:d9:db:63:fd:43:65:fd:
0b:8f:83:bf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeGmtSUsTZj5LyRYQkOio2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE5MDUxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODM0YTg3ZjdkN2FmMGQ5NTk4NDAzM2ZjNTBhNzA1MDRhOWY2NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qWNPBSzbXxRxcLCthHVM+TzkdnI
IHtVtLECK7Yu/8PKbIMhz4rXRq8PVt3TSd1D7VgSQXgVDnFuIqbqRZWZ7dksG9eN
GdIO3jt9GxfYsQt4vmnkxy385ShMs+koUF5K9oMzgV3mv+GjtdAqJw4x1Q+sqyd6
96bI/dsVjlYx+BzajvcJw8U2hrEnLvqsSBnfLYWPBU6WJVorAys9TVfyTN75U78s
RsG1VhERsLCrH1AwyD+NFDCoBOcdydjZYGTW21iqxie6Cmtdr3eH6nr0IU+LugXG
KV2+Wrem3HCEz6Ccxv8uo3BWolm6OZ32H6U6GhToZpZ30IieZbftXt1LawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDg0qH99evDZWYQDP8UKcFBKn2W1MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvT0RTb2YzMTY4TmxaaEFNX3hRcHdVRXFmWmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAMY/SC8zzAP7J5yaxbpAvXEay
kIc0hAro009e/OWpn9jShVF02vHIvv0A3yiQzSn+H7v8bDIfVhtQN3DodLg7+CCh
00XCQ894h8a8BHNQQYTGYDcmP4tFa7n/bAmvalEpuob7fU11369u4n9doP/wd7dY
Ry6bC9N2gwJS2+zR0euwcUMOdt22V09afZws8GQ7CcWpKAKY9KXRniaUS4Eud6O5
YupQjTXuNoi7H+DUuFvT2LY3VO+wtsnOdwFJYktpNUOX4Solusp+KRas3qGM37GK
OVc4UvCa7r+BfN560djkGvke9z60+1msxV0MwfpQYc96pBHZ22P9Q2X9C4+Dvw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:28:33 2025 by rpki-client