Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/XwsDdDQ2b0f5VMFFqNX3dUOSL9E.roa
File: XwsDdDQ2b0f5VMFFqNX3dUOSL9E.roa (raw, json)
Hash identifier: mWlDEFZM/MaXczAyjQZtXLZajcdXClpI9OgZkC9Va+4=
Subject key identifier: 5F:0B:03:74:34:36:6F:47:F9:54:C1:45:A8:D5:F7:75:43:92:2F:D1
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B2995447191EE96C99C4C7D7B8535C60
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/XwsDdDQ2b0f5VMFFqNX3dUOSL9E.roa
Signing time: Fri 27 Jun 2025 18:14:42 +0000
ROA not before: Fri 27 Jun 2025 18:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 19:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b2:99:54:47:19:1e:e9:6c:99:c4:c7:d7:b8:53:5c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 18:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f0b037434366f47f954c145a8d5f77543922fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:46:19:82:78:fc:c3:e5:6a:fc:e3:11:4d:fb:
2f:5e:f9:ef:13:53:6c:01:f6:07:71:d5:c7:43:ab:
8e:50:b4:7f:45:3d:43:e0:50:75:62:17:91:e6:46:
06:38:36:d2:6a:a2:33:2f:41:cb:87:ec:97:a1:07:
aa:85:ee:29:3b:5e:73:0c:7f:f3:7e:68:db:38:39:
fa:d6:58:5e:17:79:45:96:4c:b9:48:be:41:96:2b:
07:b5:5b:f9:e7:02:d1:fa:fd:e4:c5:75:ba:53:72:
3f:59:d7:35:c4:0b:6a:78:79:cc:f2:52:e9:08:47:
29:9b:6d:e8:89:b6:38:93:c7:72:89:de:40:43:b6:
a5:9a:4c:dc:a6:4f:7a:3e:a5:46:30:1b:0f:12:e3:
cc:e8:3d:23:81:2a:84:cd:38:84:dd:8c:44:36:e5:
bd:d9:78:aa:39:6b:2a:ba:b1:74:2b:d0:ed:1d:91:
d4:cf:79:bb:a3:85:1f:f1:ff:c3:75:2e:29:c7:00:
92:1f:27:e0:e5:5a:89:e5:c7:63:49:d6:8e:11:5d:
a1:40:61:a9:d5:64:5a:f3:a4:99:f2:e8:aa:84:f1:
52:92:66:aa:40:91:30:da:a8:17:fb:46:5a:bb:2b:
49:25:6c:47:2e:65:a4:0c:d7:4e:0c:39:e9:74:03:
3c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0B:03:74:34:36:6F:47:F9:54:C1:45:A8:D5:F7:75:43:92:2F:D1
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/XwsDdDQ2b0f5VMFFqNX3dUOSL9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
38:f5:49:81:4f:d7:d6:ba:20:9f:b5:85:e7:70:5c:48:41:68:
52:90:8c:8a:c7:d0:96:ce:12:c2:f3:ed:1c:1f:cd:a9:1e:ef:
db:64:68:5d:78:ea:23:f1:03:72:58:52:a8:d7:34:d7:e7:e4:
56:dc:a3:2a:e7:fe:6f:02:b8:8c:5e:18:1e:4e:a6:b1:6c:83:
dd:87:60:d6:fe:fa:8d:73:92:e6:c6:8f:fb:b0:7c:28:b6:0b:
91:a2:74:33:91:dd:35:a2:b7:1b:a4:37:15:5b:4d:47:9d:dc:
c1:6a:6f:07:53:ba:2c:69:b7:ed:24:66:42:e6:e7:25:c1:58:
c1:56:f6:3d:16:3b:a8:85:2a:5f:49:9c:e9:87:36:d8:fd:8b:
b9:c2:9c:0a:64:44:34:d3:ba:c2:a3:4f:c0:ba:eb:8a:36:d7:
c9:2a:f3:d8:5c:3a:43:45:0f:0d:49:2a:d9:b0:a7:a3:8c:33:
67:29:07:e6:09:d6:b9:19:6d:ca:e4:1b:45:cc:8b:b2:42:04:
69:8a:42:bc:d7:d0:68:e4:94:a8:05:23:11:ae:07:db:e4:69:
f8:0f:d4:30:37:f9:34:ca:82:38:c8:fb:da:b1:99:a9:2b:87:
6c:0f:cd:5d:be:51:04:0a:5c:26:97:da:c7:f0:df:67:73:9e:
08:bb:9a:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeymVRHGR7pbJnEx9e4U1xgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MTgxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjBiMDM3NDM0MzY2ZjQ3Zjk1NGMxNDVhOGQ1Zjc3NTQzOTIyZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkYZgnj8w+Vq/OMRTfsvXvnvE1Ns
AfYHcdXHQ6uOULR/RT1D4FB1YheR5kYGODbSaqIzL0HLh+yXoQeqhe4pO15zDH/z
fmjbODn61lheF3lFlky5SL5BlisHtVv55wLR+v3kxXW6U3I/Wdc1xAtqeHnM8lLp
CEcpm23oibY4k8dyid5AQ7almkzcpk96PqVGMBsPEuPM6D0jgSqEzTiE3YxENuW9
2XiqOWsqurF0K9DtHZHUz3m7o4Uf8f/DdS4pxwCSHyfg5VqJ5cdjSdaOEV2hQGGp
1WRa86SZ8uiqhPFSkmaqQJEw2qgX+0ZauytJJWxHLmWkDNdODDnpdAM8pwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF8LA3Q0Nm9H+VTBRajV93VDki/RMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWHdzRGREUTJiMGY1Vk1GRnFOWDNkVU9TTDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAOPVJgU/X1rogn7WF53BcSEFo
UpCMisfQls4SwvPtHB/NqR7v22RoXXjqI/EDclhSqNc01+fkVtyjKuf+bwK4jF4Y
Hk6msWyD3Ydg1v76jXOS5saP+7B8KLYLkaJ0M5HdNaK3G6Q3FVtNR53cwWpvB1O6
LGm37SRmQubnJcFYwVb2PRY7qIUqX0mc6Yc22P2LucKcCmRENNO6wqNPwLrrijbX
ySrz2Fw6Q0UPDUkq2bCno4wzZykH5gnWuRltyuQbRcyLskIEaYpCvNfQaOSUqAUj
Ea4H2+Rp+A/UMDf5NMqCOMj72rGZqSuHbA/NXb5RBApcJpfax/DfZ3OeCLua0A==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:01:55 2025 by rpki-client