Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Y6YKM6VwgaFPRwdMPS_eWu4g9AA.roa
File: Y6YKM6VwgaFPRwdMPS_eWu4g9AA.roa (raw, json)
Hash identifier: LXrswcrD5SHuyhCBgCMrHKQnKgi2yoWEZ9neQr1jueI=
Subject key identifier: 63:A6:0A:33:A5:70:81:A1:4F:47:07:4C:3D:2F:DE:5A:EE:20:F4:00
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B71BD117221B895DBDD5DA4F882F0D86
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Y6YKM6VwgaFPRwdMPS_eWu4g9AA.roa
Signing time: Sat 28 Jun 2025 15:15:42 +0000
ROA not before: Sat 28 Jun 2025 15:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 28 Jun 2025 16:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:1b:d1:17:22:1b:89:5d:bd:d5:da:4f:88:2f:0d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 28 15:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63a60a33a57081a14f47074c3d2fde5aee20f400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:65:fc:9c:33:5b:e1:a9:98:1e:74:b8:35:24:
b2:45:b1:5d:50:85:c8:8c:5a:e8:21:24:82:13:8f:
17:8f:23:06:d5:97:3a:c8:07:d2:d3:d1:e1:d5:48:
66:46:23:3c:dc:41:12:aa:ed:48:df:ac:b3:18:11:
ea:81:b4:ac:3f:b2:3c:69:86:91:7e:73:81:5f:e6:
82:89:b3:c9:86:67:b7:df:bc:0d:e7:02:9f:44:18:
55:fe:27:5a:55:91:bc:f4:c5:33:2a:1a:a4:8d:79:
70:90:49:ec:b6:6e:93:47:57:fb:ac:a0:2c:64:ff:
3b:7b:bd:79:2b:68:5e:87:48:b9:d4:b9:63:8c:59:
61:e1:4f:d2:51:e3:84:52:a5:66:a4:93:8c:0e:d1:
1f:54:b5:8d:91:5c:2e:af:89:9c:a4:88:2b:89:b9:
24:b0:a3:df:06:dc:19:f0:1c:9f:f6:66:2d:60:27:
8b:2b:6c:ff:aa:50:0f:b5:46:34:e8:3c:7d:f3:71:
88:bb:c0:e7:c4:0e:f6:c0:b1:45:59:63:ab:8d:bf:
b6:71:51:f4:b3:2e:bf:95:57:73:61:ab:8b:e7:4b:
3a:a0:3f:7b:52:58:e2:e3:8b:45:06:ca:da:2d:a6:
34:91:85:19:22:78:ab:ba:6c:43:66:2a:16:43:18:
93:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A6:0A:33:A5:70:81:A1:4F:47:07:4C:3D:2F:DE:5A:EE:20:F4:00
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Y6YKM6VwgaFPRwdMPS_eWu4g9AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
6e:64:9d:6b:bb:f8:19:64:f0:5f:6c:0f:06:0b:11:23:d1:e5:
3d:03:f1:6e:6d:57:cb:26:6c:8a:29:cd:fc:3b:b1:ab:31:84:
a5:bb:bb:dc:c6:7f:be:f9:98:0d:47:2b:86:5a:e9:5b:45:06:
0d:dd:1e:6d:e0:b1:6b:0e:d2:25:2e:6b:c5:ca:5b:1e:0e:5c:
5d:e2:ea:91:f9:a3:aa:dd:76:80:85:59:e6:68:91:c5:85:cd:
03:00:0a:93:69:8d:23:d9:c6:3d:4f:27:3c:8d:e2:1a:1c:1e:
0c:d5:4b:13:67:ba:e6:15:2e:95:49:e0:65:92:0c:39:95:fc:
fd:3a:13:9e:da:d6:cf:5d:a9:7b:0a:a8:cf:16:4f:7a:c3:1f:
e6:1b:8e:9f:89:88:e7:45:e1:6a:4c:a7:36:39:3c:eb:9a:30:
76:c4:4d:d9:21:82:51:80:69:43:86:2b:b8:17:ac:8c:fa:7a:
f0:fd:9d:35:66:ff:9c:d1:6e:57:33:a6:40:8d:70:9e:1e:05:
92:db:07:48:ae:ab:ea:ff:ed:54:20:01:b9:8f:aa:ea:dc:7b:
70:c6:cd:25:7d:b3:1c:7d:7c:c4:9c:0a:07:5f:05:a4:c1:c1:
65:be:4a:15:ce:8b:22:e9:34:cf:ef:0d:e4:3c:39:0b:48:b1:
b4:b7:b9:c6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe3G9EXIhuJXb3V2k+ILw2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI4MTUxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E2MGEzM2E1NzA4MWExNGY0NzA3NGMzZDJmZGU1YWVlMjBmNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWX8nDNb4amYHnS4NSSyRbFdUIXI
jFroISSCE48XjyMG1Zc6yAfS09Hh1UhmRiM83EESqu1I36yzGBHqgbSsP7I8aYaR
fnOBX+aCibPJhme337wN5wKfRBhV/idaVZG89MUzKhqkjXlwkEnstm6TR1f7rKAs
ZP87e715K2heh0i51LljjFlh4U/SUeOEUqVmpJOMDtEfVLWNkVwur4mcpIgribkk
sKPfBtwZ8Byf9mYtYCeLK2z/qlAPtUY06Dx983GIu8DnxA72wLFFWWOrjb+2cVH0
sy6/lVdzYauL50s6oD97Ulji44tFBsraLaY0kYUZInirumxDZioWQxiTPQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGOmCjOlcIGhT0cHTD0v3lruIPQAMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWTZZS002VndnYUZQUndkTVBTX2VXdTRnOUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAbmSda7v4GWTwX2wPBgsRI9Hl
PQPxbm1XyyZsiinN/DuxqzGEpbu73MZ/vvmYDUcrhlrpW0UGDd0ebeCxaw7SJS5r
xcpbHg5cXeLqkfmjqt12gIVZ5miRxYXNAwAKk2mNI9nGPU8nPI3iGhweDNVLE2e6
5hUulUngZZIMOZX8/ToTntrWz12pewqozxZPesMf5huOn4mI50XhakynNjk865ow
dsRN2SGCUYBpQ4YruBesjPp68P2dNWb/nNFuVzOmQI1wnh4FktsHSK6r6v/tVCAB
uY+q6tx7cMbNJX2zHH18xJwKB18FpMHBZb5KFc6LIuk0z+8N5Dw5C0ixtLe5xg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:36:52 2025 by rpki-client