Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TkH1qiXo04xiuqy2jrVc0zobtLo.roa
File: TkH1qiXo04xiuqy2jrVc0zobtLo.roa (raw, json)
Hash identifier: Z1nWve6khlI45WVUSwazz4yX5DHbyc+llyjnzgLAMzY=
Subject key identifier: 4E:41:F5:AA:25:E8:D3:8C:62:BA:AC:B6:8E:B5:5C:D3:3A:1B:B4:BA
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197832C2535856F6BD25C7A7385987B6C6C
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TkH1qiXo04xiuqy2jrVc0zobtLo.roa
Signing time: Wed 18 Jun 2025 13:13:17 +0000
ROA not before: Wed 18 Jun 2025 13:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 18 Jun 2025 14:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:2c:25:35:85:6f:6b:d2:5c:7a:73:85:98:7b:6c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 18 13:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e41f5aa25e8d38c62baacb68eb55cd33a1bb4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:9e:41:d9:4e:8d:66:af:25:c0:3e:3d:03:
3d:5a:26:c5:11:a8:95:b5:d4:41:33:25:e5:6e:f8:
c6:37:fa:b3:7e:e2:3a:50:80:93:a8:66:fc:c7:81:
98:9f:81:09:6d:6a:02:db:17:63:c5:05:a1:aa:e1:
fd:ce:6c:51:32:54:62:ce:fd:b9:9a:d9:1b:39:ee:
cf:11:6f:e5:83:b0:e5:ae:24:a1:7c:fc:40:31:65:
dd:67:63:35:2e:31:e9:03:2e:1a:5a:6d:24:ce:0b:
e9:20:53:3b:cb:95:fc:78:ce:30:d7:9b:b0:f3:51:
cb:1d:fc:91:f6:2e:c2:de:57:d0:3b:76:1a:3a:b6:
2d:cf:6e:40:7f:6b:18:e1:c8:e5:76:78:18:d7:2d:
c5:8b:03:cc:aa:c8:17:18:04:54:ac:48:41:b4:6a:
d1:7d:cd:ef:80:01:36:f4:99:7a:bf:fd:65:48:ad:
fe:0a:31:61:36:57:f9:83:db:f9:ff:fa:cb:16:b6:
31:3e:9a:79:d4:76:a4:72:f3:72:08:cd:df:32:61:
f8:65:0a:21:66:14:f9:2b:98:ed:0d:0f:d4:93:dd:
42:3d:01:7f:59:a9:8e:95:62:9c:b6:92:12:16:4c:
32:26:05:3d:6f:47:46:7b:9b:73:d3:f7:40:22:72:
6c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:41:F5:AA:25:E8:D3:8C:62:BA:AC:B6:8E:B5:5C:D3:3A:1B:B4:BA
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/TkH1qiXo04xiuqy2jrVc0zobtLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
74:f4:a0:16:17:4e:c2:09:65:8f:27:59:96:be:5e:d9:18:ad:
3f:72:34:11:14:11:32:ad:af:8b:cc:3b:0f:a7:e8:c9:6c:5e:
e5:ce:e6:01:0d:35:37:95:62:d6:76:5b:58:29:66:9e:3f:55:
3a:ba:f7:70:a6:09:ef:30:97:b3:45:4c:40:57:97:27:e1:9b:
3f:db:d6:fc:80:27:84:9c:4c:5b:6b:b5:3d:7d:9d:92:72:db:
f7:d6:45:ce:35:cd:74:5d:23:52:53:39:38:57:f9:7f:ad:ee:
ed:b0:36:9a:33:61:1f:c0:64:1e:2a:c3:5b:5d:1c:76:c8:75:
15:e3:82:4b:ab:82:f8:8e:ce:86:29:01:77:88:41:d4:ca:81:
b6:8e:b2:d5:1c:08:e5:99:f0:7c:e8:f7:9c:20:76:97:6d:77:
d0:bf:f0:2b:05:54:d7:9c:ef:29:3c:9a:38:63:fe:db:ab:17:
62:1d:3e:8a:de:7b:4a:df:f0:f0:95:b7:b9:6d:f6:02:36:3d:
63:c3:f3:3c:58:67:ce:eb:42:a5:f8:9c:40:a7:0b:26:95:94:
bd:b2:db:76:73:50:50:34:3e:e6:a7:87:12:1a:12:34:fc:b1:
8b:6d:7b:73:46:95:0e:1e:de:be:f1:c7:43:e4:85:f2:17:f0:
9b:cc:5a:70
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeDLCU1hW9r0lx6c4WYe2xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE4MTMxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQxZjVhYTI1ZThkMzhjNjJiYWFjYjY4ZWI1NWNkMzNhMWJiNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmeQdlOjWavJcA+PQM9WibFEaiV
tdRBMyXlbvjGN/qzfuI6UICTqGb8x4GYn4EJbWoC2xdjxQWhquH9zmxRMlRizv25
mtkbOe7PEW/lg7DlriShfPxAMWXdZ2M1LjHpAy4aWm0kzgvpIFM7y5X8eM4w15uw
81HLHfyR9i7C3lfQO3YaOrYtz25Af2sY4cjldngY1y3FiwPMqsgXGARUrEhBtGrR
fc3vgAE29Jl6v/1lSK3+CjFhNlf5g9v5//rLFrYxPpp51HakcvNyCM3fMmH4ZQoh
ZhT5K5jtDQ/Uk91CPQF/WamOlWKctpISFkwyJgU9b0dGe5tz0/dAInJs6QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE5B9aol6NOMYrqsto61XNM6G7S6MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvVGtIMXFpWG8wNHhpdXF5MmpyVmMwem9idExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAdPSgFhdOwglljydZlr5e2Rit
P3I0ERQRMq2vi8w7D6foyWxe5c7mAQ01N5Vi1nZbWClmnj9VOrr3cKYJ7zCXs0VM
QFeXJ+GbP9vW/IAnhJxMW2u1PX2dknLb99ZFzjXNdF0jUlM5OFf5f63u7bA2mjNh
H8BkHirDW10cdsh1FeOCS6uC+I7OhikBd4hB1MqBto6y1RwI5ZnwfOj3nCB2l213
0L/wKwVU15zvKTyaOGP+26sXYh0+it57St/w8JW3uW32AjY9Y8PzPFhnzutCpfic
QKcLJpWUvbLbdnNQUDQ+5qeHEhoSNPyxi217c0aVDh7evvHHQ+SF8hfwm8xacA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:13:41 2025 by rpki-client