Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/P-N8ICvVCKtWVDoDJwfbGd1vAlE.roa
File: P-N8ICvVCKtWVDoDJwfbGd1vAlE.roa (raw, json)
Hash identifier: 4rUPRfapHrOAAPYp2iuU7/0xyHHmpVPfh2G96vrs0uw=
Subject key identifier: 3F:E3:7C:20:2B:D5:08:AB:56:54:3A:03:27:07:DB:19:DD:6F:02:51
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A1A4C88EB7AE0BE297FB7DDC592A763C
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/P-N8ICvVCKtWVDoDJwfbGd1vAlE.roa
Signing time: Tue 24 Jun 2025 11:13:40 +0000
ROA not before: Tue 24 Jun 2025 11:13:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 12:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:a4:c8:8e:b7:ae:0b:e2:97:fb:7d:dc:59:2a:76:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 11:13:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fe37c202bd508ab56543a032707db19dd6f0251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:79:68:44:02:27:7b:ca:f8:5a:3e:8d:5b:5c:
ab:4a:a3:db:12:b7:e6:1c:ee:fe:9f:aa:3b:51:5f:
cd:9e:0d:3f:77:21:c4:f5:1d:76:d0:20:e1:38:21:
94:a1:b2:f8:08:c7:fd:ea:76:fa:2c:e8:2f:66:d0:
2f:76:6c:70:9f:20:65:d6:9a:95:7d:14:ec:aa:4b:
bc:c9:ca:67:0f:24:14:b0:4d:7b:e3:4c:b1:6f:31:
f0:da:7d:3a:65:f1:f1:4e:71:aa:83:5f:bf:68:cf:
8d:cc:db:85:5b:b2:85:78:e8:b9:e2:11:05:f6:c6:
32:06:2a:a9:2a:4f:1d:6e:60:35:ab:9e:db:60:15:
a3:c7:63:48:33:e3:10:7b:95:54:d1:c3:00:b6:2b:
b0:21:5b:8e:bd:1f:17:f0:55:5f:c4:79:15:51:9b:
5f:bb:4d:8a:6e:ef:81:d7:f7:9b:25:8b:89:d0:2d:
01:b7:13:d7:23:7b:1f:4b:10:73:9d:38:e5:f3:b4:
c2:5b:db:c6:fe:86:6d:32:8c:83:dd:6f:94:7c:f9:
65:2a:85:8f:1f:c1:6a:a3:49:4a:aa:1b:db:0e:69:
7f:10:2a:2b:e2:e3:71:0f:d5:2b:f0:9c:db:ff:70:
bf:6c:d4:54:21:39:9c:55:c9:25:76:6f:65:52:b0:
ed:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E3:7C:20:2B:D5:08:AB:56:54:3A:03:27:07:DB:19:DD:6F:02:51
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/P-N8ICvVCKtWVDoDJwfbGd1vAlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
14:97:20:9d:50:ec:8a:bc:9d:09:e6:e1:c4:08:80:ca:01:0c:
a1:a8:9b:d7:1e:f4:84:94:ee:00:9c:20:13:c5:19:20:eb:0e:
43:01:7b:5c:4f:a1:dc:7d:22:e7:a0:be:a9:82:d7:89:8a:d2:
79:a7:7d:97:43:65:11:28:3f:09:d4:3c:62:ed:4d:47:29:18:
5c:39:c2:82:86:98:5d:e1:c5:36:9e:b6:af:29:79:bf:bc:18:
4c:60:7d:02:3e:5a:b2:5e:3b:87:9f:46:11:c0:5a:ae:f8:a7:
80:a6:5a:95:77:35:cc:11:7c:a6:81:dc:41:04:65:08:5d:b8:
11:bf:da:33:5d:c0:b1:45:bf:a9:52:14:98:62:bc:ea:2c:7b:
58:24:09:16:86:89:7a:45:90:26:a4:73:b1:03:a8:c3:d4:8e:
55:4d:d4:9d:52:ae:d2:ff:1b:c5:76:fb:33:bf:5b:70:d2:98:
be:6d:04:70:8a:6b:37:0b:25:de:07:c9:4a:78:33:3a:71:3e:
22:ff:52:b0:82:ad:fb:04:06:7d:b8:23:6a:62:d8:53:2f:fa:
86:6a:c4:56:cf:d9:97:20:57:a6:53:98:93:19:2d:6f:05:35:
8e:2b:02:b4:c1:0a:14:ff:f8:10:f6:8c:25:2e:c2:51:da:ec:
e5:52:eb:1e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZehpMiOt64L4pf7fdxZKnY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MTExMzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmUzN2MyMDJiZDUwOGFiNTY1NDNhMDMyNzA3ZGIxOWRkNmYwMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3loRAIne8r4Wj6NW1yrSqPbErfm
HO7+n6o7UV/Nng0/dyHE9R120CDhOCGUobL4CMf96nb6LOgvZtAvdmxwnyBl1pqV
fRTsqku8ycpnDyQUsE1740yxbzHw2n06ZfHxTnGqg1+/aM+NzNuFW7KFeOi54hEF
9sYyBiqpKk8dbmA1q57bYBWjx2NIM+MQe5VU0cMAtiuwIVuOvR8X8FVfxHkVUZtf
u02Kbu+B1/ebJYuJ0C0BtxPXI3sfSxBznTjl87TCW9vG/oZtMoyD3W+UfPllKoWP
H8Fqo0lKqhvbDml/ECor4uNxD9Ur8Jzb/3C/bNRUITmcVckldm9lUrDt0wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD/jfCAr1QirVlQ6AycH2xndbwJRMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvUC1OOElDdlZDS3RXVkRvREp3ZmJHZDF2QWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAFJcgnVDsirydCebhxAiAygEM
oaib1x70hJTuAJwgE8UZIOsOQwF7XE+h3H0i56C+qYLXiYrSead9l0NlESg/CdQ8
Yu1NRykYXDnCgoaYXeHFNp62ryl5v7wYTGB9Aj5asl47h59GEcBarvingKZalXc1
zBF8poHcQQRlCF24Eb/aM13AsUW/qVIUmGK86ix7WCQJFoaJekWQJqRzsQOow9SO
VU3UnVKu0v8bxXb7M79bcNKYvm0EcIprNwsl3gfJSngzOnE+Iv9SsIKt+wQGfbgj
amLYUy/6hmrEVs/ZlyBXplOYkxktbwU1jisCtMEKFP/4EPaMJS7CUdrs5VLrHg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 14:59:37 2025 by rpki-client