Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/PU6zR_vAQVqxll4yah5k4poYE6k.roa
File: PU6zR_vAQVqxll4yah5k4poYE6k.roa (raw, json)
Hash identifier: ZphDhOFPrSEhABaj5eTByD/ZjpqTfA1B32UGAa7Drbw=
Subject key identifier: 3D:4E:B3:47:FB:C0:41:5A:B1:96:5E:32:6A:1E:64:E2:9A:18:13:A9
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197930EB34E3D3D1A50BC5E39EB593DC3CE
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/PU6zR_vAQVqxll4yah5k4poYE6k.roa
Signing time: Sat 21 Jun 2025 15:15:03 +0000
ROA not before: Sat 21 Jun 2025 15:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 21 Jun 2025 16:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:93:0e:b3:4e:3d:3d:1a:50:bc:5e:39:eb:59:3d:c3:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 21 15:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d4eb347fbc0415ab1965e326a1e64e29a1813a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:8d:ab:18:89:e4:c9:57:ba:5a:57:79:f7:
4a:ec:6a:cb:6f:69:21:c8:58:84:c1:45:ba:a0:ab:
df:85:35:91:75:31:f6:2f:5e:07:be:e0:b2:80:a9:
7a:24:da:80:1f:6b:33:92:3f:72:82:db:03:08:e8:
11:ba:3b:4d:d5:f7:2b:db:db:37:9d:60:e0:6e:66:
72:6d:dd:4a:14:71:33:16:d3:3c:23:b7:55:53:7e:
dd:f1:a8:71:cf:aa:0f:86:36:a6:b0:28:7e:44:da:
23:23:ab:94:25:b6:33:da:47:d6:f9:17:94:c8:17:
23:78:39:8a:c6:06:1e:f7:aa:66:1a:19:09:d7:f5:
bb:dd:d3:f3:8e:e5:06:73:7a:2f:10:d0:1c:47:1a:
78:11:1c:3f:0d:b9:e4:ce:cb:ac:16:ba:47:d2:dd:
1b:0e:60:f9:2f:74:f9:83:e6:7f:05:7d:70:14:d4:
bd:04:6a:d8:8b:bf:2c:5e:39:6f:2f:d7:d2:f7:0f:
c2:5c:b6:5a:e6:ff:d8:a9:10:41:d7:92:91:b5:5b:
3b:c2:a9:51:df:60:a0:9f:3c:57:a8:fc:30:fe:3f:
c7:3d:c0:58:bf:5f:e6:8b:73:30:7c:9d:2e:fb:6b:
d1:0a:b6:17:b0:b3:f5:d9:e2:4c:69:e4:28:28:fb:
af:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4E:B3:47:FB:C0:41:5A:B1:96:5E:32:6A:1E:64:E2:9A:18:13:A9
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/PU6zR_vAQVqxll4yah5k4poYE6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1f:bb:50:81:42:eb:62:52:74:1a:7c:d9:33:67:1a:e4:26:18:
18:5f:43:2d:8d:05:a0:b1:ea:59:23:a5:e3:74:36:3f:00:91:
50:96:c9:e0:7b:5b:cb:a3:41:bb:a3:40:d5:cf:55:1a:f6:3e:
7e:f4:4d:3d:c0:30:79:15:2c:21:2f:32:ea:c7:7c:4c:2f:f2:
cb:c3:05:48:5d:ec:79:e0:b6:5c:f3:c2:5a:cd:53:37:38:3c:
13:07:1c:a2:27:0d:fc:3a:78:d3:b4:e8:e2:20:03:b0:f7:6a:
c8:42:32:5d:55:91:27:23:28:a5:1d:1a:3e:56:68:2d:3d:c8:
3c:d9:5d:ab:16:58:e2:d6:cb:ea:2e:1b:c5:1d:84:a0:16:07:
a2:da:37:1a:9e:73:14:a2:ae:9d:9a:8e:fd:20:7b:08:5b:c3:
8c:ef:f2:82:19:ac:08:eb:a9:57:37:91:ee:e0:e0:8d:c4:73:
c7:a0:50:cb:f9:be:41:8e:9e:2c:84:81:cd:9e:60:f9:02:5c:
c6:04:63:de:a5:86:51:04:f9:57:66:ae:da:7f:62:e7:67:8d:
25:a2:ed:55:c5:7c:7e:e9:a0:89:df:0a:01:c7:21:0e:b7:3d:
13:b0:35:1e:00:c6:ca:4f:40:0c:68:ec:5c:86:d6:b3:b3:c5:
16:e6:8a:ea
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeTDrNOPT0aULxeOetZPcPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIxMTUxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRlYjM0N2ZiYzA0MTVhYjE5NjVlMzI2YTFlNjRlMjlhMTgxM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP2NqxiJ5MlXulpXefdK7GrLb2kh
yFiEwUW6oKvfhTWRdTH2L14HvuCygKl6JNqAH2szkj9ygtsDCOgRujtN1fcr29s3
nWDgbmZybd1KFHEzFtM8I7dVU37d8ahxz6oPhjamsCh+RNojI6uUJbYz2kfW+ReU
yBcjeDmKxgYe96pmGhkJ1/W73dPzjuUGc3ovENAcRxp4ERw/DbnkzsusFrpH0t0b
DmD5L3T5g+Z/BX1wFNS9BGrYi78sXjlvL9fS9w/CXLZa5v/YqRBB15KRtVs7wqlR
32CgnzxXqPww/j/HPcBYv1/mi3MwfJ0u+2vRCrYXsLP12eJMaeQoKPuvHwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD1Os0f7wEFasZZeMmoeZOKaGBOpMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvUFU2elJfdkFRVnF4bGw0eWFoNWs0cG9ZRTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAH7tQgULrYlJ0GnzZM2ca5CYY
GF9DLY0FoLHqWSOl43Q2PwCRUJbJ4Htby6NBu6NA1c9VGvY+fvRNPcAweRUsIS8y
6sd8TC/yy8MFSF3seeC2XPPCWs1TNzg8EwccoicN/Dp407To4iADsPdqyEIyXVWR
JyMopR0aPlZoLT3IPNldqxZY4tbL6i4bxR2EoBYHoto3Gp5zFKKunZqO/SB7CFvD
jO/yghmsCOupVzeR7uDgjcRzx6BQy/m+QY6eLISBzZ5g+QJcxgRj3qWGUQT5V2au
2n9i52eNJaLtVcV8fumgid8KAcchDrc9E7A1HgDGyk9ADGjsXIbWs7PFFuaK6g==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:55:54 2025 by rpki-client