Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TiXZdXNUWG2FKyeot6Lt2Pj9SQE.roa
File: TiXZdXNUWG2FKyeot6Lt2Pj9SQE.roa (raw, json)
Hash identifier: +snRsn3212h5bKfOhxPjBu0Mb+s97GNS8Hi8Tr90evk=
Subject key identifier: 4E:25:D9:75:73:54:58:6D:85:2B:27:A8:B7:A2:ED:D8:F8:FD:49:01
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197BE9AC2D19A5DBCF970BEB1049B94646D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TiXZdXNUWG2FKyeot6Lt2Pj9SQE.roa
Signing time: Mon 30 Jun 2025 02:11:42 +0000
ROA not before: Mon 30 Jun 2025 02:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 30 Jun 2025 03:04:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:be:9a:c2:d1:9a:5d:bc:f9:70:be:b1:04:9b:94:64:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 30 02:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e25d9757354586d852b27a8b7a2edd8f8fd4901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:ae:b5:5e:c4:96:f1:07:ef:20:11:77:86:
b2:b9:60:cb:e6:d2:a7:e4:b4:c7:77:f9:96:83:96:
3a:d6:57:43:bc:1b:62:ff:da:c8:f6:55:bd:82:03:
e6:66:8e:37:f0:f8:1f:5a:c1:be:fa:bb:de:c2:a0:
72:ad:88:ea:93:76:3b:1f:64:57:e8:a8:41:14:e8:
15:27:89:63:dc:f2:7c:f8:ec:b5:55:0a:67:1d:e0:
05:db:ee:3e:90:ef:bf:f6:6d:bb:d8:9f:37:9e:bd:
24:0f:55:29:36:b5:f6:69:65:99:8a:f5:f8:ab:f2:
d2:61:5e:d4:90:30:f4:6b:9e:66:39:38:f8:47:a4:
18:b4:b5:4e:23:29:f3:e4:60:43:b8:b3:1c:12:5d:
c2:46:09:9b:7d:33:89:a8:49:74:b3:71:2e:f4:e1:
1e:7a:e7:ca:90:d3:b6:51:4e:13:51:8b:9e:d5:da:
bc:b6:82:8a:2d:ae:c4:74:d0:0e:95:c7:70:00:ca:
bc:92:01:d1:83:2f:22:90:ae:61:67:12:2f:8d:8b:
c5:e0:aa:c4:c3:74:50:24:e2:aa:8e:74:19:4b:6e:
ea:b8:41:2d:36:99:f8:52:21:fd:01:fd:58:d4:12:
91:ef:19:ab:b6:12:09:e8:25:a8:d2:43:b0:1a:81:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:25:D9:75:73:54:58:6D:85:2B:27:A8:B7:A2:ED:D8:F8:FD:49:01
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TiXZdXNUWG2FKyeot6Lt2Pj9SQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
20:49:98:d2:dc:1f:b9:bb:1b:fe:1f:0c:b1:71:86:04:1a:02:
e1:d4:23:1b:65:19:c2:e9:9a:96:cb:ed:fa:14:10:e4:d6:b7:
73:ef:13:94:22:a2:08:1b:fa:6d:a5:0e:ca:64:a9:3a:d4:89:
e9:df:8f:c1:d3:f5:58:e8:e7:7b:48:a7:2d:9b:ff:7f:bb:b4:
bc:85:45:64:f9:9d:c5:0f:aa:aa:50:f8:56:45:c7:e6:78:b1:
cb:0e:63:10:95:16:ed:c8:2b:a0:2b:ad:c8:57:d3:c8:f2:3b:
44:a4:62:91:77:e2:09:5a:1d:ac:fc:47:52:83:f3:04:fc:e2:
85:66:4d:f3:f2:49:b8:8f:bc:d8:37:92:c6:2f:ec:b4:38:7d:
7f:c1:71:a2:41:6a:39:76:a2:ee:59:59:5a:70:94:62:a8:10:
a8:51:b7:5d:cf:5d:2b:d5:43:89:43:6e:63:57:f8:fc:16:6c:
b1:de:cc:64:c4:03:ae:58:7b:ec:d4:03:04:98:8a:dc:cd:66:
63:1a:1d:08:63:23:bc:64:d3:63:e3:a5:12:83:05:9b:38:48:
61:80:66:a3:3c:cd:67:93:30:71:0a:0b:45:1a:99:de:67:d9:
3e:8d:74:72:55:55:3b:74:9e:7a:61:66:35:03:74:98:b5:ae:
28:d1:08:f3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe+msLRml28+XC+sQSblGRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjMwMDIxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTI1ZDk3NTczNTQ1ODZkODUyYjI3YThiN2EyZWRkOGY4ZmQ0OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbyutV7ElvEH7yARd4ayuWDL5tKn
5LTHd/mWg5Y61ldDvBti/9rI9lW9ggPmZo438PgfWsG++rvewqByrYjqk3Y7H2RX
6KhBFOgVJ4lj3PJ8+Oy1VQpnHeAF2+4+kO+/9m272J83nr0kD1UpNrX2aWWZivX4
q/LSYV7UkDD0a55mOTj4R6QYtLVOIynz5GBDuLMcEl3CRgmbfTOJqEl0s3Eu9OEe
eufKkNO2UU4TUYue1dq8toKKLa7EdNAOlcdwAMq8kgHRgy8ikK5hZxIvjYvF4KrE
w3RQJOKqjnQZS27quEEtNpn4UiH9Af1Y1BKR7xmrthIJ6CWo0kOwGoGblQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE4l2XVzVFhthSsnqLei7dj4/UkBMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvVGlYWmRYTlVXRzJGS3llb3Q2THQyUGo5U1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAIEmY0twfubsb/h8MsXGGBBoC
4dQjG2UZwumalsvt+hQQ5Na3c+8TlCKiCBv6baUOymSpOtSJ6d+PwdP1WOjne0in
LZv/f7u0vIVFZPmdxQ+qqlD4VkXH5nixyw5jEJUW7cgroCutyFfTyPI7RKRikXfi
CVodrPxHUoPzBPzihWZN8/JJuI+82DeSxi/stDh9f8FxokFqOXai7llZWnCUYqgQ
qFG3Xc9dK9VDiUNuY1f4/BZssd7MZMQDrlh77NQDBJiK3M1mYxodCGMjvGTTY+Ol
EoMFmzhIYYBmozzNZ5MwcQoLRRqZ3mfZPo10clVVO3SeemFmNQN0mLWuKNEI8w==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:22:26 2025 by rpki-client