Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/OLZTOAEr6Hfdf5004PiIY0k6JD0.roa
File: OLZTOAEr6Hfdf5004PiIY0k6JD0.roa (raw, json)
Hash identifier: 8yEp9bbvWIcwpQNyDMwAZ/Wc6Y5pRMX2BGE4DfS/+WA=
Subject key identifier: 38:B6:53:38:01:2B:E8:77:DD:7F:9D:34:E0:F8:88:63:49:3A:24:3D
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019787768EA4A5DE81DCC413315DA90D0798
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/OLZTOAEr6Hfdf5004PiIY0k6JD0.roa
Signing time: Thu 19 Jun 2025 09:13:03 +0000
ROA not before: Thu 19 Jun 2025 09:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 19 Jun 2025 10:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:76:8e:a4:a5:de:81:dc:c4:13:31:5d:a9:0d:07:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 19 09:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38b65338012be877dd7f9d34e0f88863493a243d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f4:b6:35:fa:aa:c2:0b:ef:0d:85:40:49:d7:
94:b4:18:91:9b:ca:38:34:db:d2:25:d6:d6:99:54:
e4:ba:57:83:22:99:ad:ab:d3:36:b3:ed:ef:fd:3e:
04:27:f1:43:81:61:e3:f7:20:52:44:02:ff:88:ac:
f9:b3:f9:b5:75:8d:86:fb:d5:70:40:b8:e9:30:19:
4c:34:bb:79:75:0c:a2:ca:9e:03:af:26:25:7e:e3:
94:12:2c:5d:71:82:9c:32:63:3c:4b:16:ab:53:9c:
1a:e1:bc:52:1f:a2:2b:13:19:16:e4:ad:e8:ef:c4:
fb:39:8d:ab:8c:4c:c6:72:ba:ba:65:de:df:8d:ae:
ba:e0:7e:02:e4:0e:14:a3:45:22:f4:f2:7e:f9:b6:
34:4a:f6:6e:99:50:56:e6:44:e1:f1:1f:04:95:30:
4c:0c:a3:0c:da:4b:b1:a3:77:6c:9f:76:ba:fb:0f:
f4:6e:0b:ff:f4:c0:d2:29:52:04:a1:a3:4c:bb:07:
af:43:c0:20:49:45:bd:16:d9:91:79:b2:cf:45:01:
1b:4a:ae:d5:79:07:12:43:10:b7:ae:c3:3e:06:0a:
b1:2a:49:45:94:47:3d:5f:dc:18:1b:ca:40:5a:66:
c3:61:59:3f:cd:fc:82:06:e0:8f:6b:0e:a8:c5:b2:
e7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B6:53:38:01:2B:E8:77:DD:7F:9D:34:E0:F8:88:63:49:3A:24:3D
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/OLZTOAEr6Hfdf5004PiIY0k6JD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
07:0f:17:83:8d:1e:d8:9b:fc:a0:c3:33:db:25:76:03:8d:44:
46:3a:1b:77:3f:d4:ec:75:38:c4:05:f9:5e:2c:2d:8d:d5:e4:
87:d3:f7:1e:3c:bb:ee:aa:fe:17:9f:dd:44:91:0f:ff:d3:64:
36:e7:96:9f:bc:58:de:60:5c:de:2e:99:cb:3d:65:ad:43:85:
98:5f:a2:fe:6f:c6:a2:b8:75:07:05:ff:61:43:1e:80:97:29:
ee:c9:a0:5a:1f:a6:01:2c:d5:07:20:4e:82:c0:ec:5b:6d:59:
89:78:c8:59:5b:3e:08:fd:b3:60:5a:a6:3c:a1:c7:b8:fa:65:
ed:3b:cc:b3:07:0e:cf:09:3b:47:1f:83:69:15:2e:90:8f:26:
f6:10:6f:40:01:0f:84:58:1c:b8:58:4f:3a:1d:d8:5e:c3:18:
33:a1:a2:85:04:05:ba:cb:c8:c3:a1:d8:ac:0d:d1:a3:89:d3:
0e:f7:da:4c:87:4e:a3:61:99:40:44:0a:17:8f:7e:0c:57:43:
22:58:9f:8a:fe:b8:b3:a9:c3:85:ac:c2:67:46:22:bf:32:56:
d2:20:84:73:20:b1:ea:76:e1:a0:18:18:ae:0e:60:67:ad:dc:
86:60:c0:49:1a:b0:e1:27:06:28:18:ba:0d:ba:ae:9e:d7:2c:
f7:bc:a4:2c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeHdo6kpd6B3MQTMV2pDQeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE5MDkxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI2NTMzODAxMmJlODc3ZGQ3ZjlkMzRlMGY4ODg2MzQ5M2EyNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPS2NfqqwgvvDYVASdeUtBiRm8o4
NNvSJdbWmVTkuleDIpmtq9M2s+3v/T4EJ/FDgWHj9yBSRAL/iKz5s/m1dY2G+9Vw
QLjpMBlMNLt5dQyiyp4DryYlfuOUEixdcYKcMmM8SxarU5wa4bxSH6IrExkW5K3o
78T7OY2rjEzGcrq6Zd7fja664H4C5A4Uo0Ui9PJ++bY0SvZumVBW5kTh8R8ElTBM
DKMM2kuxo3dsn3a6+w/0bgv/9MDSKVIEoaNMuwevQ8AgSUW9FtmRebLPRQEbSq7V
eQcSQxC3rsM+BgqxKklFlEc9X9wYG8pAWmbDYVk/zfyCBuCPaw6oxbLn0QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDi2UzgBK+h33X+dNOD4iGNJOiQ9MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvT0xaVE9BRXI2SGZkZjUwMDRQaUlZMGs2SkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEABw8Xg40e2Jv8oMMz2yV2A41E
Rjobdz/U7HU4xAX5XiwtjdXkh9P3Hjy77qr+F5/dRJEP/9NkNueWn7xY3mBc3i6Z
yz1lrUOFmF+i/m/Gorh1BwX/YUMegJcp7smgWh+mASzVByBOgsDsW21ZiXjIWVs+
CP2zYFqmPKHHuPpl7TvMswcOzwk7Rx+DaRUukI8m9hBvQAEPhFgcuFhPOh3YXsMY
M6GihQQFusvIw6HYrA3Ro4nTDvfaTIdOo2GZQEQKF49+DFdDIlifiv64s6nDhazC
Z0YivzJW0iCEcyCx6nbhoBgYrg5gZ63chmDASRqw4ScGKBi6Dbquntcs97ykLA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:12:22 2025 by rpki-client