Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/YKLQsncj8PT71EJOrY-cwpChIeU.roa
File: YKLQsncj8PT71EJOrY-cwpChIeU.roa (raw, json)
Hash identifier: pq1sdYpw+DU4YtEs2+zzsateHFvq4StMcZmYqH29ARg=
Subject key identifier: 60:A2:D0:B2:77:23:F0:F4:FB:D4:42:4E:AD:8F:9C:C2:90:A1:21:E5
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977F864EE8534452DB1A5A7C484A6A8204
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/YKLQsncj8PT71EJOrY-cwpChIeU.roa
Signing time: Tue 17 Jun 2025 20:13:17 +0000
ROA not before: Tue 17 Jun 2025 20:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 21:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:86:4e:e8:53:44:52:db:1a:5a:7c:48:4a:6a:82:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 20:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a2d0b27723f0f4fbd4424ead8f9cc290a121e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bd:98:5f:33:47:0e:91:a3:53:1b:ab:e2:3e:
d7:70:8d:73:94:0e:bb:90:77:6c:86:82:cd:b1:21:
08:c0:60:a4:30:8e:1d:18:24:be:ef:d5:a2:b3:0f:
e4:9e:1d:33:1e:ca:36:77:c6:af:2e:90:ff:da:20:
e1:84:c1:90:b7:82:97:bc:9f:a7:d5:35:f1:60:e4:
f9:36:11:9d:82:7c:d9:ed:25:01:37:c4:3a:ca:3a:
9f:e0:8c:a2:b9:be:2c:df:12:13:36:c9:76:0a:85:
78:fc:70:51:bb:09:48:21:af:92:78:a1:5f:97:88:
a2:26:b4:28:c3:a3:ea:0c:fb:18:22:72:15:77:f6:
24:4b:6e:8f:4d:01:ee:9e:20:fd:09:5d:7a:fc:95:
d8:ad:be:b3:0d:e8:26:32:8a:47:33:54:d5:52:bf:
50:5c:92:d0:c1:4b:85:b5:55:fb:4b:e6:ac:c3:21:
96:03:12:90:37:1d:86:4f:ba:fc:dc:61:5a:de:0d:
21:b3:78:3f:35:8a:29:15:17:0e:bb:c6:50:46:c0:
58:e0:90:50:32:ce:f7:03:9a:75:2d:d6:d1:8f:9c:
25:63:80:f0:75:60:c2:97:7b:81:46:0c:55:d4:8c:
0c:73:68:54:d5:43:28:98:20:4f:f2:bb:a5:f9:ff:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A2:D0:B2:77:23:F0:F4:FB:D4:42:4E:AD:8F:9C:C2:90:A1:21:E5
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/YKLQsncj8PT71EJOrY-cwpChIeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
4d:2b:5a:13:f4:6e:07:82:af:4e:27:d8:52:48:aa:9e:a7:ad:
31:f0:21:c0:c0:49:23:7b:7f:38:80:87:d1:be:28:05:f5:1f:
11:4e:f9:5c:f5:a6:20:7d:45:6e:4a:bd:87:49:ee:31:e7:01:
a8:93:58:bf:18:95:d7:51:8c:52:7d:db:e3:96:61:04:07:78:
6d:93:e9:01:2f:7b:d8:23:6c:1a:24:32:50:ec:5a:31:f0:1c:
e4:f9:44:81:db:2d:41:42:4d:32:16:f4:9b:b4:f8:93:b7:8f:
d5:14:08:9c:d7:69:f2:51:dc:d4:99:22:05:ba:7d:b1:71:5c:
34:ed:94:cf:f7:a6:1d:67:e2:60:87:df:bd:80:e6:d9:8c:90:
4c:ce:2e:93:e6:63:0c:7a:9a:4e:bd:03:b8:e8:80:e9:d7:5d:
a4:e8:7f:dd:18:e1:a5:23:19:40:20:15:7e:a4:c3:b7:20:5a:
71:07:dc:df:60:d6:a8:87:43:2e:5c:b8:39:37:4c:86:f1:77:
2c:90:ff:d9:31:e3:08:df:d5:f0:65:dc:be:17:e4:ef:00:44:
8a:8b:c8:d5:c6:96:72:75:91:ba:be:16:cd:35:2e:c9:a0:41:
12:b2:31:3f:05:df:ff:50:72:28:b4:71:cd:cd:ff:f1:4b:33:
e0:52:fb:a3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd/hk7oU0RS2xpafEhKaoIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MjAxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGEyZDBiMjc3MjNmMGY0ZmJkNDQyNGVhZDhmOWNjMjkwYTEyMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb2YXzNHDpGjUxur4j7XcI1zlA67
kHdshoLNsSEIwGCkMI4dGCS+79Wisw/knh0zHso2d8avLpD/2iDhhMGQt4KXvJ+n
1TXxYOT5NhGdgnzZ7SUBN8Q6yjqf4Iyiub4s3xITNsl2CoV4/HBRuwlIIa+SeKFf
l4iiJrQow6PqDPsYInIVd/YkS26PTQHuniD9CV16/JXYrb6zDegmMopHM1TVUr9Q
XJLQwUuFtVX7S+aswyGWAxKQNx2GT7r83GFa3g0hs3g/NYopFRcOu8ZQRsBY4JBQ
Ms73A5p1LdbRj5wlY4DwdWDCl3uBRgxV1IwMc2hU1UMomCBP8rul+f/laQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGCi0LJ3I/D0+9RCTq2PnMKQoSHlMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWUtMUXNuY2o4UFQ3MUVKT3JZLWN3cENoSWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEATStaE/RuB4KvTifYUkiqnqet
MfAhwMBJI3t/OICH0b4oBfUfEU75XPWmIH1Fbkq9h0nuMecBqJNYvxiV11GMUn3b
45ZhBAd4bZPpAS972CNsGiQyUOxaMfAc5PlEgdstQUJNMhb0m7T4k7eP1RQInNdp
8lHc1JkiBbp9sXFcNO2Uz/emHWfiYIffvYDm2YyQTM4uk+ZjDHqaTr0DuOiA6ddd
pOh/3RjhpSMZQCAVfqTDtyBacQfc32DWqIdDLly4OTdMhvF3LJD/2THjCN/V8GXc
vhfk7wBEiovI1caWcnWRur4WzTUuyaBBErIxPwXf/1ByKLRxzc3/8Usz4FL7ow==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:42:16 2025 by rpki-client