Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TfDf-UTYw7Cp0nZwbldQkgo2vL0.roa
File: TfDf-UTYw7Cp0nZwbldQkgo2vL0.roa (raw, json)
Hash identifier: /ZealNIct8gly9tSOXKvzAr7sY8O4OGnGVfXYRYZg6E=
Subject key identifier: 4D:F0:DF:F9:44:D8:C3:B0:A9:D2:76:70:6E:57:50:92:0A:36:BC:BD
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977B3AC28025FDE1315CE599CBF146AD99
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TfDf-UTYw7Cp0nZwbldQkgo2vL0.roa
Signing time: Tue 17 Jun 2025 00:12:17 +0000
ROA not before: Tue 17 Jun 2025 00:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 01:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7b:3a:c2:80:25:fd:e1:31:5c:e5:99:cb:f1:46:ad:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 00:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4df0dff944d8c3b0a9d276706e5750920a36bcbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f5:0f:41:ab:4c:53:9f:83:28:a0:c0:07:bc:
90:44:e3:8d:73:0f:61:5d:4f:4e:6e:e0:92:02:e1:
14:dc:e6:8c:4b:29:58:b1:0e:05:8d:44:eb:9b:35:
e2:71:82:b4:3c:fc:68:21:45:f4:dc:9b:a0:b2:50:
b5:4d:a6:63:ed:5c:1c:b5:61:3a:5b:59:6e:e1:8d:
d0:31:fb:30:d4:a3:9c:55:f8:f1:c0:0d:8b:dc:b2:
2c:7d:90:de:09:96:60:ae:58:7d:63:95:29:8c:f3:
38:f9:77:66:ca:d5:d0:ad:54:53:d1:f8:d6:28:c5:
04:d5:83:9e:8b:28:d4:7f:1f:96:3f:69:44:c4:ef:
eb:4c:df:76:b0:85:c2:1c:c7:0c:cf:a9:f7:09:0e:
9b:70:c8:59:13:88:24:89:18:9d:f0:39:97:6c:51:
65:f6:fd:22:9e:07:66:6c:61:93:d6:91:8d:c0:4c:
fb:f5:55:65:8d:03:6e:e5:d3:7e:b9:bd:50:92:3c:
19:a4:aa:1d:61:7b:7b:2d:90:d2:e9:77:69:c2:a9:
06:3a:08:4f:f7:52:5d:41:70:2c:1b:df:54:33:d0:
94:69:93:83:a7:78:9e:f1:f5:ab:46:81:b4:69:a1:
6e:0a:8f:ab:62:2f:1d:95:4e:d6:99:56:25:7d:fc:
36:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F0:DF:F9:44:D8:C3:B0:A9:D2:76:70:6E:57:50:92:0A:36:BC:BD
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TfDf-UTYw7Cp0nZwbldQkgo2vL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
07:a2:ce:84:bc:46:df:2b:31:26:02:6c:34:47:6a:99:35:da:
41:a2:96:04:f2:dd:a1:67:5a:b6:9e:26:7a:5f:d8:e6:22:10:
48:ef:f1:96:9f:4a:76:d0:18:a0:40:8f:9b:7c:28:a5:f8:a4:
51:84:9c:10:8b:51:eb:b3:42:88:1c:86:8f:0d:ed:24:b7:49:
88:5a:a6:73:bf:49:0d:dc:1e:a7:c9:2b:6d:21:53:7f:7b:ea:
fb:81:8d:39:42:79:ed:a6:1c:13:6f:ce:8c:a9:1d:a4:f1:a7:
7f:46:5e:1a:50:b6:6a:f2:5d:73:a6:5d:33:39:01:66:f7:19:
96:8e:1f:2f:85:a8:51:91:8b:ba:2a:bb:c5:e4:34:ce:38:c0:
99:b3:73:43:b2:db:11:73:1f:7b:bf:f1:05:9d:2f:05:90:59:
4a:cf:76:41:44:d3:80:43:c6:35:10:a9:3b:e9:14:60:01:87:
f2:63:7d:db:e8:22:90:bd:69:dc:8e:69:4f:62:3a:b7:09:1c:
cd:42:eb:7c:3f:20:b1:37:cc:77:ea:56:c9:78:ea:45:5c:f3:
58:3b:4c:87:e2:2a:81:05:da:29:54:2e:2b:39:78:11:0d:5e:
2a:34:91:56:b2:09:57:55:15:2e:1a:29:9c:b7:16:99:5b:43:
9c:76:d9:34
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd7OsKAJf3hMVzlmcvxRq2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MDAxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYwZGZmOTQ0ZDhjM2IwYTlkMjc2NzA2ZTU3NTA5MjBhMzZiY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vUPQatMU5+DKKDAB7yQROONcw9h
XU9ObuCSAuEU3OaMSylYsQ4FjUTrmzXicYK0PPxoIUX03JugslC1TaZj7VwctWE6
W1lu4Y3QMfsw1KOcVfjxwA2L3LIsfZDeCZZgrlh9Y5UpjPM4+XdmytXQrVRT0fjW
KMUE1YOeiyjUfx+WP2lExO/rTN92sIXCHMcMz6n3CQ6bcMhZE4gkiRid8DmXbFFl
9v0ingdmbGGT1pGNwEz79VVljQNu5dN+ub1QkjwZpKodYXt7LZDS6XdpwqkGOghP
91JdQXAsG99UM9CUaZODp3ie8fWrRoG0aaFuCo+rYi8dlU7WmVYlffw2XQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE3w3/lE2MOwqdJ2cG5XUJIKNry9MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvVGZEZi1VVFl3N0NwMG5ad2JsZFFrZ28ydkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAB6LOhLxG3ysxJgJsNEdqmTXa
QaKWBPLdoWdatp4mel/Y5iIQSO/xlp9KdtAYoECPm3wopfikUYScEItR67NCiByG
jw3tJLdJiFqmc79JDdwep8krbSFTf3vq+4GNOUJ57aYcE2/OjKkdpPGnf0ZeGlC2
avJdc6ZdMzkBZvcZlo4fL4WoUZGLuiq7xeQ0zjjAmbNzQ7LbEXMfe7/xBZ0vBZBZ
Ss92QUTTgEPGNRCpO+kUYAGH8mN92+gikL1p3I5pT2I6twkczULrfD8gsTfMd+pW
yXjqRVzzWDtMh+IqgQXaKVQuKzl4EQ1eKjSRVrIJV1UVLhopnLcWmVtDnHbZNA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:42:49 2025 by rpki-client