Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Xk85mgVw47Y1LvxIhllUhrqVbFU.roa
File: Xk85mgVw47Y1LvxIhllUhrqVbFU.roa (raw, json)
Hash identifier: Qbk1IsTLg9lsWjix0Tf4XllZa0qp0lEy80lDxb6yzxY=
Subject key identifier: 5E:4F:39:9A:05:70:E3:B6:35:2E:FC:48:86:59:54:86:BA:95:6C:55
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B22B77487767C64699E7A2176E74E334
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Xk85mgVw47Y1LvxIhllUhrqVbFU.roa
Signing time: Fri 27 Jun 2025 16:14:42 +0000
ROA not before: Fri 27 Jun 2025 16:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 17:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b2:2b:77:48:77:67:c6:46:99:e7:a2:17:6e:74:e3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 16:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e4f399a0570e3b6352efc4886595486ba956c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5f:b5:c8:ad:6d:ab:ef:88:d9:33:d2:e0:3a:
45:f0:64:41:7f:30:01:46:0a:e4:f6:86:45:b2:66:
79:d9:91:00:ca:cd:d7:97:5a:9e:f6:7f:72:d7:dd:
46:06:19:86:3d:7e:98:ac:87:c2:23:c2:ab:46:cd:
1e:84:f2:23:c0:1a:8b:eb:fb:9f:81:96:ae:e5:9c:
ac:cb:08:ed:95:72:21:f2:e3:11:a1:e9:a2:13:87:
6b:4d:4d:ed:36:be:be:21:12:90:68:b0:42:43:c4:
f7:b3:e7:05:1d:12:f1:d5:70:50:32:7a:e9:8c:44:
9c:6e:58:65:ea:06:fe:90:dc:96:48:d0:a8:fb:ee:
77:10:03:88:e7:4e:29:23:b2:18:c0:0d:5e:9e:96:
65:f9:96:04:ff:ee:5a:a7:aa:da:c9:31:58:85:45:
2a:51:8a:a9:18:3e:e2:0f:80:7c:47:6f:17:86:e5:
ae:ee:73:f7:b1:7d:73:23:a4:3f:f6:e1:15:b0:c7:
3a:b2:1a:ee:c7:5a:1e:fc:b8:f0:01:3e:41:e9:3b:
10:b1:19:0e:75:c9:90:d8:9a:41:06:58:41:04:dc:
ad:ce:a8:13:42:d9:fd:a2:be:af:96:e2:2a:a3:85:
12:a8:f1:53:93:5a:71:d1:7b:13:94:2b:55:5e:8c:
28:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4F:39:9A:05:70:E3:B6:35:2E:FC:48:86:59:54:86:BA:95:6C:55
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Xk85mgVw47Y1LvxIhllUhrqVbFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
45:2a:15:f0:e5:f9:24:59:e3:25:97:e1:ba:90:ff:2f:0d:0c:
46:d2:43:bd:e6:82:1f:14:b1:45:61:8e:19:62:90:e2:f5:b4:
5e:d4:fe:51:f5:a2:8f:a8:fb:7d:2b:c3:b4:7b:77:10:87:19:
b5:e9:c5:17:49:53:1c:9a:ae:4c:86:ff:2e:e4:d4:b4:76:77:
22:4c:a1:83:96:07:6b:7d:bf:5f:0e:fd:65:8f:b1:e2:ae:aa:
1c:19:af:b0:6d:d5:b1:41:ab:c3:99:39:2b:d0:72:cc:bd:bf:
a0:dc:5d:49:fd:38:0d:fa:d7:22:35:66:d9:e4:30:9b:f0:13:
42:2e:8f:7d:d9:77:9f:ab:e8:e9:60:cc:ab:27:eb:50:7d:30:
bf:c4:77:a3:11:f4:84:52:34:38:42:0e:4a:14:f1:a7:2a:ad:
0d:8b:90:4a:f7:cd:80:58:3c:d7:73:a0:31:f6:6c:68:9d:65:
ea:05:e9:a1:98:29:c3:63:15:48:96:a0:94:9e:ad:b8:52:fa:
aa:64:eb:ef:84:8d:29:8d:8d:97:61:47:6c:90:5b:b2:d1:7c:
fa:3c:17:a4:c3:ba:ee:e4:ae:e5:8b:fa:18:59:a8:93:42:f2:
58:0e:33:41:50:d6:e0:49:c2:32:32:50:8f:09:06:4d:67:5c:
ab:32:39:75
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeyK3dId2fGRpnnohdudOM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MTYxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRmMzk5YTA1NzBlM2I2MzUyZWZjNDg4NjU5NTQ4NmJhOTU2YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V+1yK1tq++I2TPS4DpF8GRBfzAB
Rgrk9oZFsmZ52ZEAys3Xl1qe9n9y191GBhmGPX6YrIfCI8KrRs0ehPIjwBqL6/uf
gZau5ZysywjtlXIh8uMRoemiE4drTU3tNr6+IRKQaLBCQ8T3s+cFHRLx1XBQMnrp
jEScblhl6gb+kNyWSNCo++53EAOI504pI7IYwA1enpZl+ZYE/+5ap6rayTFYhUUq
UYqpGD7iD4B8R28XhuWu7nP3sX1zI6Q/9uEVsMc6shrux1oe/LjwAT5B6TsQsRkO
dcmQ2JpBBlhBBNytzqgTQtn9or6vluIqo4USqPFTk1px0XsTlCtVXowoaQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF5POZoFcOO2NS78SIZZVIa6lWxVMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWGs4NW1nVnc0N1kxTHZ4SWhsbFVocnFWYkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEARSoV8OX5JFnjJZfhupD/Lw0M
RtJDveaCHxSxRWGOGWKQ4vW0XtT+UfWij6j7fSvDtHt3EIcZtenFF0lTHJquTIb/
LuTUtHZ3Ikyhg5YHa32/Xw79ZY+x4q6qHBmvsG3VsUGrw5k5K9ByzL2/oNxdSf04
DfrXIjVm2eQwm/ATQi6Pfdl3n6vo6WDMqyfrUH0wv8R3oxH0hFI0OEIOShTxpyqt
DYuQSvfNgFg813OgMfZsaJ1l6gXpoZgpw2MVSJaglJ6tuFL6qmTr74SNKY2Nl2FH
bJBbstF8+jwXpMO67uSu5Yv6GFmok0LyWA4zQVDW4EnCMjJQjwkGTWdcqzI5dQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:56:55 2025 by rpki-client