Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/XenlBKdomrd5EGA9SO24gfl3z4s.roa
File: XenlBKdomrd5EGA9SO24gfl3z4s.roa (raw, json)
Hash identifier: o6qibZJic0RdkLAUm5fhEwooZTSnjatHPzTli1Lc0Dw=
Subject key identifier: 5D:E9:E5:04:A7:68:9A:B7:79:10:60:3D:48:ED:B8:81:F9:77:CF:8B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977ACCE5542BCE3E76FBD0A191CA31024E
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/XenlBKdomrd5EGA9SO24gfl3z4s.roa
Signing time: Mon 16 Jun 2025 22:12:17 +0000
ROA not before: Mon 16 Jun 2025 22:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 16 Jun 2025 23:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7a:cc:e5:54:2b:ce:3e:76:fb:d0:a1:91:ca:31:02:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 16 22:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5de9e504a7689ab77910603d48edb881f977cf8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c4:39:c5:f9:7e:5c:4d:a6:e1:fe:f5:7a:37:
cf:38:49:41:37:10:fd:7a:d0:09:4f:33:da:ef:0f:
0c:03:d0:47:81:68:2d:d8:39:d2:41:4a:f2:54:c0:
e1:6b:eb:64:39:02:72:9d:4d:90:f9:45:a4:e8:c2:
ec:35:41:e6:4e:a0:99:4e:cf:48:59:c6:3d:0c:91:
62:ac:ef:3b:28:8f:dc:c3:6a:66:65:bd:83:b0:bc:
2a:3a:8c:3a:82:7b:7d:7e:f5:12:81:36:95:92:50:
fb:b3:ff:8f:e8:bc:f4:5b:9e:41:df:74:5a:95:16:
fe:28:df:a3:65:e8:3c:49:41:3c:bd:0a:54:a6:c8:
c7:05:ae:fc:36:b7:7e:68:72:9c:0c:14:d1:48:6b:
aa:8a:a9:c4:c9:53:6c:ca:ab:94:a5:39:8f:65:f8:
f2:19:ab:fb:46:4c:1a:96:8c:5b:62:db:47:7b:e5:
ab:80:2b:1e:b9:e5:24:24:c0:0d:65:37:af:cf:09:
c7:cc:10:6a:74:05:33:fe:41:e2:55:f8:0d:07:7a:
17:11:bc:25:d4:f4:dd:85:69:c6:ee:8d:14:62:5e:
0f:50:80:b4:31:ae:74:d4:93:f9:26:26:5a:c6:d6:
5b:88:d4:a3:47:1e:33:e9:10:4b:17:5e:b8:b8:de:
ae:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:E5:04:A7:68:9A:B7:79:10:60:3D:48:ED:B8:81:F9:77:CF:8B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/XenlBKdomrd5EGA9SO24gfl3z4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
3e:e1:51:32:c5:8c:3d:18:58:c0:ca:b2:d3:04:64:bb:a6:60:
9f:79:2c:22:c9:4c:50:50:e8:08:14:21:22:f0:18:ac:e8:a4:
24:ce:4f:24:28:b9:02:5e:f7:8a:6c:15:1c:cb:fe:d8:86:5d:
10:10:b5:c7:88:1e:41:00:4a:b5:24:ee:0f:3d:16:41:1a:64:
15:ba:0a:52:54:6e:16:00:11:57:e0:b6:52:2b:a9:2a:41:be:
d9:bd:db:6e:b0:0b:52:e8:0d:ce:e2:d5:81:10:53:36:8c:4a:
79:ce:e6:80:a6:46:62:3a:80:fb:af:1a:ef:7c:64:9a:a3:e8:
8d:0a:6e:4e:06:91:02:7d:d1:2a:4e:66:ba:11:f8:5e:b9:59:
01:75:99:94:a1:c6:f4:57:4e:b6:44:19:eb:70:8c:41:3b:dd:
87:92:ee:57:30:95:b8:52:a2:e5:25:47:7b:ee:13:b3:f0:87:
37:ee:0c:fd:06:a6:2d:e8:a1:2b:4b:41:e2:15:8d:2c:31:2b:
49:ab:ca:06:77:3c:17:2b:d3:1a:39:d6:f6:7d:e5:ed:48:50:
42:46:de:a0:51:d5:a4:9a:a9:dd:d3:10:5d:5e:a9:0b:1e:00:
8c:5e:79:d5:77:53:d0:1f:cf:de:d5:b4:a6:85:68:cf:3b:b5:
50:34:9c:1d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd6zOVUK84+dvvQoZHKMQJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE2MjIxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU5ZTUwNGE3Njg5YWI3NzkxMDYwM2Q0OGVkYjg4MWY5NzdjZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcQ5xfl+XE2m4f71ejfPOElBNxD9
etAJTzPa7w8MA9BHgWgt2DnSQUryVMDha+tkOQJynU2Q+UWk6MLsNUHmTqCZTs9I
WcY9DJFirO87KI/cw2pmZb2DsLwqOow6gnt9fvUSgTaVklD7s/+P6Lz0W55B33Ra
lRb+KN+jZeg8SUE8vQpUpsjHBa78Nrd+aHKcDBTRSGuqiqnEyVNsyquUpTmPZfjy
Gav7RkwaloxbYttHe+WrgCseueUkJMANZTevzwnHzBBqdAUz/kHiVfgNB3oXEbwl
1PTdhWnG7o0UYl4PUIC0Ma501JP5JiZaxtZbiNSjRx4z6RBLF164uN6u3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF3p5QSnaJq3eRBgPUjtuIH5d8+LMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWGVubEJLZG9tcmQ1RUdBOVNPMjRnZmwzejRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAPuFRMsWMPRhYwMqy0wRku6Zg
n3ksIslMUFDoCBQhIvAYrOikJM5PJCi5Al73imwVHMv+2IZdEBC1x4geQQBKtSTu
Dz0WQRpkFboKUlRuFgARV+C2UiupKkG+2b3bbrALUugNzuLVgRBTNoxKec7mgKZG
YjqA+68a73xkmqPojQpuTgaRAn3RKk5muhH4XrlZAXWZlKHG9FdOtkQZ63CMQTvd
h5LuVzCVuFKi5SVHe+4Ts/CHN+4M/QamLeihK0tB4hWNLDErSavKBnc8FyvTGjnW
9n3l7UhQQkbeoFHVpJqp3dMQXV6pCx4AjF551XdT0B/P3tW0poVozzu1UDScHQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:24:34 2025 by rpki-client