Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/YgnNEXzHgpsUwjTPIfHBYyX8HlI.roa
File: YgnNEXzHgpsUwjTPIfHBYyX8HlI.roa (raw, json)
Hash identifier: HY6/JLUXUJkDu23YMLp9Hu0LdzZl3yMFIzyjh6YdZ+c=
Subject key identifier: 62:09:CD:11:7C:C7:82:9B:14:C2:34:CF:21:F1:C1:63:25:FC:1E:52
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197AEF1A9A1A01F44F6D16232432791A6B0
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/YgnNEXzHgpsUwjTPIfHBYyX8HlI.roa
Signing time: Fri 27 Jun 2025 01:12:42 +0000
ROA not before: Fri 27 Jun 2025 01:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 02:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ae:f1:a9:a1:a0:1f:44:f6:d1:62:32:43:27:91:a6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 01:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6209cd117cc7829b14c234cf21f1c16325fc1e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7e:ea:8e:2a:2e:e6:42:82:eb:93:42:33:de:
57:f2:91:42:d7:63:5a:13:a5:df:c1:d2:11:69:8e:
91:72:c0:c9:4b:db:1a:c8:4b:1f:b4:a1:18:5d:6f:
c9:fa:ec:5f:f9:61:4e:ed:d3:10:78:28:ba:da:84:
1a:ac:d4:d4:b8:7d:b0:08:dd:19:eb:70:5f:c6:4d:
8f:e5:c3:68:2c:2b:5a:23:30:11:02:5b:3a:2c:59:
12:98:b7:64:bc:4f:08:58:e2:35:56:2a:f7:55:9b:
1b:43:97:a8:27:db:8f:a8:22:c6:be:55:d5:d3:c8:
3a:43:5d:0e:25:96:7c:23:5e:fa:b6:09:1d:c2:71:
b9:09:e0:0c:52:3e:44:c5:f2:26:f4:7e:e3:39:48:
95:64:e7:05:44:ec:01:ec:f9:68:7d:7d:d2:61:a1:
e2:be:73:e3:b4:f2:1b:17:39:af:e1:be:7e:26:bf:
2e:ba:3e:9f:ca:76:be:38:4f:85:42:96:a5:ee:cc:
c1:34:fe:f0:fa:6d:61:6e:b2:a0:73:09:dd:74:e0:
2d:20:ab:a0:99:2c:e0:f2:f3:ce:54:24:2e:92:53:
19:ee:ba:4a:00:9b:3c:79:22:97:ab:6c:d7:1e:e4:
3b:88:81:ee:b0:75:ad:81:f2:12:f4:69:6e:bf:27:
5d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:09:CD:11:7C:C7:82:9B:14:C2:34:CF:21:F1:C1:63:25:FC:1E:52
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/YgnNEXzHgpsUwjTPIfHBYyX8HlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
00:2a:cf:f2:df:64:0d:e9:ee:a1:72:cc:20:62:a9:6e:80:12:
db:3d:e9:b6:da:dc:b2:b1:81:6c:b0:50:ca:3e:67:33:5c:e8:
c9:6b:1e:05:27:bf:a9:03:1c:c2:63:00:76:86:6f:2a:a0:8f:
86:04:1a:90:dd:1e:a4:7e:bc:cc:3a:c1:ea:56:df:ba:f6:33:
b9:ad:bc:e4:6a:17:04:df:3f:bf:9a:36:2c:64:1e:20:db:4c:
bb:3e:68:f5:58:8d:32:c8:74:b5:e4:68:5a:76:65:a5:1f:7c:
ee:7d:05:05:e1:57:86:e3:f6:08:ec:7a:95:ff:36:31:64:8c:
6d:46:cb:82:e2:5a:74:ca:76:f4:36:b5:a1:28:71:91:75:a0:
0f:6c:2e:01:45:c5:1c:50:e5:41:f5:f0:cb:12:31:6c:ad:72:
ce:f0:1a:9b:12:f5:37:e2:8e:ca:77:b3:8b:83:b0:e3:0b:96:
50:9d:21:f5:81:a1:6d:ff:ff:3b:ea:97:66:78:3b:be:4a:6b:
27:1d:7c:c6:e5:82:6f:08:e0:bd:3a:8c:12:88:c9:d7:d3:c8:
49:12:fd:64:03:b9:c5:b1:48:b1:1a:a5:c7:4d:fc:dc:74:29:
d1:ec:82:1d:8a:a4:22:16:ec:1c:9c:ae:06:24:e3:5d:6f:82:
1a:24:bc:16
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeu8amhoB9E9tFiMkMnkaawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MDExMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA5Y2QxMTdjYzc4MjliMTRjMjM0Y2YyMWYxYzE2MzI1ZmMxZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx37qjiou5kKC65NCM95X8pFC12Na
E6XfwdIRaY6RcsDJS9sayEsftKEYXW/J+uxf+WFO7dMQeCi62oQarNTUuH2wCN0Z
63Bfxk2P5cNoLCtaIzARAls6LFkSmLdkvE8IWOI1Vir3VZsbQ5eoJ9uPqCLGvlXV
08g6Q10OJZZ8I176tgkdwnG5CeAMUj5ExfIm9H7jOUiVZOcFROwB7PlofX3SYaHi
vnPjtPIbFzmv4b5+Jr8uuj6fyna+OE+FQpal7szBNP7w+m1hbrKgcwnddOAtIKug
mSzg8vPOVCQuklMZ7rpKAJs8eSKXq2zXHuQ7iIHusHWtgfIS9GluvyddCwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGIJzRF8x4KbFMI0zyHxwWMl/B5SMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWWduTkVYekhncHNVd2pUUElmSEJZeVg4SGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAACrP8t9kDenuoXLMIGKpboAS
2z3pttrcsrGBbLBQyj5nM1zoyWseBSe/qQMcwmMAdoZvKqCPhgQakN0epH68zDrB
6lbfuvYzua285GoXBN8/v5o2LGQeINtMuz5o9ViNMsh0teRoWnZlpR987n0FBeFX
huP2COx6lf82MWSMbUbLguJadMp29Da1oShxkXWgD2wuAUXFHFDlQfXwyxIxbK1y
zvAamxL1N+KOynezi4Ow4wuWUJ0h9YGhbf//O+qXZng7vkprJx18xuWCbwjgvTqM
EojJ19PISRL9ZAO5xbFIsRqlx0383HQp0eyCHYqkIhbsHJyuBiTjXW+CGiS8Fg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:20:11 2025 by rpki-client