Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/POGH59xQ1YQ2hhmrxIwFcxSEjwk.roa
File: POGH59xQ1YQ2hhmrxIwFcxSEjwk.roa (raw, json)
Hash identifier: pOpO7Kj0V+PIfFnNeEpzK/NaP2XQvZf3y8CfOwBk0EM=
Subject key identifier: 3C:E1:87:E7:DC:50:D5:84:36:86:19:AB:C4:8C:05:73:14:84:8F:09
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978F9DF5D52EB10169674F7D969B36EE00
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/POGH59xQ1YQ2hhmrxIwFcxSEjwk.roa
Signing time: Fri 20 Jun 2025 23:13:03 +0000
ROA not before: Fri 20 Jun 2025 23:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 21 Jun 2025 00:07:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8f:9d:f5:d5:2e:b1:01:69:67:4f:7d:96:9b:36:ee:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 23:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ce187e7dc50d584368619abc48c057314848f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:22:91:da:a6:c5:b6:53:fb:84:a7:34:11:
ef:43:ce:8a:a9:93:c8:f8:75:b3:5e:18:22:5a:e9:
98:0a:6a:54:04:4a:f4:98:90:f8:25:4e:39:ab:b8:
cb:82:2e:f5:66:5d:99:22:0c:55:ff:a0:05:c6:60:
cb:c7:c6:ff:ae:61:be:f6:94:04:ad:29:a6:ad:1a:
1e:09:c5:ba:bd:74:07:9b:6b:84:28:44:28:d0:43:
63:36:ce:63:33:3c:7a:c9:d5:38:12:14:30:e0:21:
f1:d8:fb:16:1f:66:75:55:00:d5:ed:b1:18:59:0a:
f0:a7:77:10:9c:58:8f:36:87:eb:5b:99:29:bb:99:
7c:fd:66:e8:db:81:3d:a5:cc:ca:62:36:be:03:a3:
c6:2f:16:08:c3:07:3f:6c:a2:08:84:2e:d9:75:19:
81:98:aa:1a:4c:fa:31:61:9f:51:2e:2a:a1:41:9c:
22:73:38:29:7f:c4:b9:6d:b7:f6:cc:06:ff:ef:ca:
44:fc:54:7c:d3:61:b5:ca:aa:5a:15:88:f1:13:0c:
01:d2:c7:36:26:0a:c0:1b:e9:00:8b:1d:c3:53:99:
fd:ea:62:99:18:0f:06:61:61:ca:e6:e3:08:7b:94:
e5:09:61:e7:3b:8c:26:08:f6:cc:7b:ae:85:02:22:
f7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E1:87:E7:DC:50:D5:84:36:86:19:AB:C4:8C:05:73:14:84:8F:09
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/POGH59xQ1YQ2hhmrxIwFcxSEjwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
2f:2c:d0:01:e3:af:ac:43:cf:59:47:96:3c:9c:c1:62:f9:4a:
73:9d:08:a1:de:04:ef:d5:d5:c6:83:91:01:31:07:1b:d6:05:
fe:79:da:52:0f:10:9b:16:b0:6c:11:2f:f2:b5:7d:2f:65:21:
b7:61:83:34:bd:c3:4b:38:9e:ff:81:d6:af:6f:9c:fe:e3:a8:
eb:3f:ea:d5:00:4f:2c:1b:23:c0:c3:04:43:86:5f:65:e3:56:
47:82:ef:2e:57:b9:84:1c:38:4d:19:dc:e0:d0:46:ac:4a:77:
b0:dd:2c:f5:b8:77:74:68:9b:7d:4d:fb:d9:1a:0a:f2:22:ac:
2a:59:b6:be:e3:43:95:a2:bf:c5:48:15:dc:1a:83:21:27:d1:
1c:b5:08:87:52:e9:cf:b6:f6:d3:b5:ff:b9:bd:e4:f9:ea:70:
1f:2d:25:15:82:4d:f3:c1:8d:d2:25:3b:8f:31:03:96:8c:56:
ff:2b:9e:dc:7e:6f:9e:8b:09:6c:91:d4:eb:b5:64:f8:52:a0:
c9:f3:1f:8e:6b:a7:a2:a0:37:0b:08:13:ce:78:4c:d1:6c:7c:
3b:b8:0d:11:69:0e:16:33:b8:0d:6d:97:39:b6:e3:9a:0a:cd:
c7:7c:ee:13:8f:ea:ad:17:d8:19:d6:2b:7f:c4:6f:5f:c2:df:
d5:b8:76:e7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZePnfXVLrEBaWdPfZabNu4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMjMxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2UxODdlN2RjNTBkNTg0MzY4NjE5YWJjNDhjMDU3MzE0ODQ4ZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTsikdqmxbZT+4SnNBHvQ86KqZPI
+HWzXhgiWumYCmpUBEr0mJD4JU45q7jLgi71Zl2ZIgxV/6AFxmDLx8b/rmG+9pQE
rSmmrRoeCcW6vXQHm2uEKEQo0ENjNs5jMzx6ydU4EhQw4CHx2PsWH2Z1VQDV7bEY
WQrwp3cQnFiPNofrW5kpu5l8/Wbo24E9pczKYja+A6PGLxYIwwc/bKIIhC7ZdRmB
mKoaTPoxYZ9RLiqhQZwiczgpf8S5bbf2zAb/78pE/FR802G1yqpaFYjxEwwB0sc2
JgrAG+kAix3DU5n96mKZGA8GYWHK5uMIe5TlCWHnO4wmCPbMe66FAiL34QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDzhh+fcUNWENoYZq8SMBXMUhI8JMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvUE9HSDU5eFExWVEyaGhtcnhJd0ZjeFNFandrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEALyzQAeOvrEPPWUeWPJzBYvlK
c50Iod4E79XVxoORATEHG9YF/nnaUg8QmxawbBEv8rV9L2Uht2GDNL3DSzie/4HW
r2+c/uOo6z/q1QBPLBsjwMMEQ4ZfZeNWR4LvLle5hBw4TRnc4NBGrEp3sN0s9bh3
dGibfU372RoK8iKsKlm2vuNDlaK/xUgV3BqDISfRHLUIh1Lpz7b207X/ub3k+epw
Hy0lFYJN88GN0iU7jzEDloxW/yue3H5vnosJbJHU67Vk+FKgyfMfjmunoqA3CwgT
znhM0Wx8O7gNEWkOFjO4DW2XObbjmgrNx3zuE4/qrRfYGdYrf8RvX8Lf1bh25w==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:17:55 2025 by rpki-client