Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/SxhKd51T0Utwfqzj6dQCw10fhlE.roa
File: SxhKd51T0Utwfqzj6dQCw10fhlE.roa (raw, json)
Hash identifier: U1FmtY0HonKeRlVjLgMtm60r79igZHYi4PiLXyO/cUI=
Subject key identifier: 4B:18:4A:77:9D:53:D1:4B:70:7E:AC:E3:E9:D4:02:C3:5D:1F:86:51
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C80D9423913CF7C881258716E634A578
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/SxhKd51T0Utwfqzj6dQCw10fhlE.roa
Signing time: Tue 01 Jul 2025 22:13:42 +0000
ROA not before: Tue 01 Jul 2025 22:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 23:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c8:0d:94:23:91:3c:f7:c8:81:25:87:16:e6:34:a5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 22:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b184a779d53d14b707eace3e9d402c35d1f8651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:83:64:93:fa:18:a7:ec:e1:41:c6:f2:c1:41:
44:18:00:a6:cf:2b:3a:43:0d:17:b5:d3:93:0a:49:
85:04:bb:03:ae:83:fa:1f:d5:77:74:49:08:80:3d:
4d:e9:8c:af:13:5c:8f:ce:d1:2a:b6:e9:cd:f6:1d:
55:8f:36:63:89:93:e6:00:42:1b:20:d2:b2:05:fb:
a4:23:f2:7a:c9:b7:e2:2b:b4:8f:75:89:63:00:4b:
b5:ce:e0:8e:96:15:cb:5f:89:3f:5d:1a:6a:31:f9:
c6:94:3e:03:72:7f:6d:29:99:e1:4e:0d:92:c3:ff:
3a:e2:d9:8c:8f:06:78:76:c9:ef:74:b6:c3:3a:66:
d3:94:d5:70:6f:48:eb:78:cb:fd:28:59:d6:6f:6c:
91:d8:9b:47:42:cf:44:fe:61:ba:e2:e3:da:a3:d6:
26:b1:29:a4:c6:9a:3b:92:fb:80:e6:3f:89:41:e2:
b9:fb:99:6d:64:36:e3:a4:d6:f9:5b:15:99:fd:30:
f9:e6:49:1c:5f:8f:b0:53:d9:71:1a:fe:64:5d:fb:
fb:e9:ff:7a:57:18:de:28:ed:fd:55:64:52:f8:af:
65:63:e4:6c:7a:da:15:1e:64:40:94:46:83:33:b0:
a9:0c:66:ec:8a:7c:65:ec:2c:e0:6e:3c:6f:bb:e8:
45:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:18:4A:77:9D:53:D1:4B:70:7E:AC:E3:E9:D4:02:C3:5D:1F:86:51
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/SxhKd51T0Utwfqzj6dQCw10fhlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
5e:20:87:46:85:bf:6d:4d:cc:aa:a3:04:3e:26:c4:34:cb:02:
d1:2e:0c:41:14:61:f0:67:1a:ab:55:ad:45:45:96:84:26:3d:
25:37:05:1b:2a:2b:2b:05:b8:8e:e0:82:1e:0c:d6:8b:d6:20:
c6:00:36:59:f3:d7:e9:6d:a7:59:11:87:67:40:49:0f:17:96:
6d:7c:76:84:9b:cf:7c:28:9b:5c:35:32:f0:e5:d1:83:0f:84:
b5:32:fb:ff:89:2c:87:e7:ca:10:38:47:40:1c:dc:ae:d1:8e:
14:fb:74:03:f7:49:b4:15:d0:0c:34:01:f9:89:1a:1b:d8:c1:
fb:1f:03:1f:88:5c:e0:58:50:d3:3e:c9:c2:2d:61:3a:fc:17:
35:a9:45:2a:e2:a8:f5:a0:3e:56:af:80:ed:8e:eb:95:93:55:
04:01:de:3d:1d:bf:9f:9a:bd:4b:9b:a2:1d:d6:53:f4:94:11:
a0:fa:c8:f9:fb:c7:62:b5:e6:cf:ca:a5:2d:9d:b9:d2:64:1d:
db:b1:5f:1b:a1:72:3c:e0:dc:22:75:9f:7b:32:ff:03:37:f0:
8c:32:09:35:eb:4f:d6:bd:43:be:f3:22:44:78:14:1d:29:7b:
81:ed:c7:ef:8e:67:74:33:42:46:cd:66:65:92:fc:10:9a:02:
b2:07:c0:21
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfIDZQjkTz3yIElhxbmNKV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMjIxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE4NGE3NzlkNTNkMTRiNzA3ZWFjZTNlOWQ0MDJjMzVkMWY4NjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwINkk/oYp+zhQcbywUFEGACmzys6
Qw0XtdOTCkmFBLsDroP6H9V3dEkIgD1N6YyvE1yPztEqtunN9h1VjzZjiZPmAEIb
INKyBfukI/J6ybfiK7SPdYljAEu1zuCOlhXLX4k/XRpqMfnGlD4Dcn9tKZnhTg2S
w/864tmMjwZ4dsnvdLbDOmbTlNVwb0jreMv9KFnWb2yR2JtHQs9E/mG64uPao9Ym
sSmkxpo7kvuA5j+JQeK5+5ltZDbjpNb5WxWZ/TD55kkcX4+wU9lxGv5kXfv76f96
VxjeKO39VWRS+K9lY+RsetoVHmRAlEaDM7CpDGbsinxl7Czgbjxvu+hFtwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEsYSnedU9FLcH6s4+nUAsNdH4ZRMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvU3hoS2Q1MVQwVXR3ZnF6ajZkUUN3MTBmaGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAXiCHRoW/bU3MqqMEPibENMsC
0S4MQRRh8Gcaq1WtRUWWhCY9JTcFGyorKwW4juCCHgzWi9YgxgA2WfPX6W2nWRGH
Z0BJDxeWbXx2hJvPfCibXDUy8OXRgw+EtTL7/4ksh+fKEDhHQBzcrtGOFPt0A/dJ
tBXQDDQB+YkaG9jB+x8DH4hc4FhQ0z7Jwi1hOvwXNalFKuKo9aA+Vq+A7Y7rlZNV
BAHePR2/n5q9S5uiHdZT9JQRoPrI+fvHYrXmz8qlLZ250mQd27FfG6FyPODcInWf
ezL/AzfwjDIJNetP1r1DvvMiRHgUHSl7ge3H745ndDNCRs1mZZL8EJoCsgfAIQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:22:27 2025 by rpki-client