Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Ym44Pf9mpjY2ehkD2H71GfMScm4.roa
File: Ym44Pf9mpjY2ehkD2H71GfMScm4.roa (raw, json)
Hash identifier: MZyaTWrnAAk4prKvmqU8CvfD35FNHZzW5zxLcVBmyLY=
Subject key identifier: 62:6E:38:3D:FF:66:A6:36:36:7A:19:03:D8:7E:F5:19:F3:12:72:6E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019793E6C3064F9CBBC9E9FCF55571C23E92
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Ym44Pf9mpjY2ehkD2H71GfMScm4.roa
Signing time: Sat 21 Jun 2025 19:11:03 +0000
ROA not before: Sat 21 Jun 2025 19:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 21 Jun 2025 20:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:93:e6:c3:06:4f:9c:bb:c9:e9:fc:f5:55:71:c2:3e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 21 19:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=626e383dff66a636367a1903d87ef519f312726e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6e:1f:47:00:ae:93:97:39:ee:f8:db:14:75:
80:6b:5e:34:e7:dd:d9:af:60:ce:b4:3c:6a:8e:fd:
8e:e8:6f:98:75:77:1c:a6:c7:24:f6:fb:73:bd:54:
51:41:fa:cd:81:43:a7:b0:7a:65:53:7a:4b:fb:78:
f6:f4:cf:b3:48:85:fc:11:2e:ea:d6:39:4e:34:a3:
00:8b:8a:2b:6d:24:79:0d:a7:06:90:11:fb:2c:ab:
fa:f9:1e:3c:eb:f7:d8:e5:97:dd:49:c5:23:6e:79:
41:11:34:3d:68:c5:be:ac:87:b1:d4:56:00:9c:1a:
5b:0f:0f:3e:09:b1:c5:5b:88:93:3c:1b:7d:af:c0:
c4:20:ce:d1:30:ee:33:3a:9f:00:4c:de:51:77:07:
e8:4c:e3:c8:6d:62:84:16:4d:af:0b:7d:57:e9:01:
62:55:d5:53:29:73:c6:19:99:8a:2b:cc:a3:55:f3:
69:77:bf:c9:a6:45:2a:4d:20:e2:f3:f6:7d:18:a5:
8b:1d:1d:95:db:bd:34:6d:2b:a3:31:26:d0:d5:43:
3f:74:c3:4a:31:23:49:5d:11:00:f6:a9:3a:f0:5b:
a9:e2:67:7e:60:71:c4:38:e0:dc:76:6d:4d:fc:95:
df:7f:20:19:b5:e2:7e:af:f7:d7:d2:28:09:99:34:
42:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6E:38:3D:FF:66:A6:36:36:7A:19:03:D8:7E:F5:19:F3:12:72:6E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Ym44Pf9mpjY2ehkD2H71GfMScm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
3f:08:0d:81:c2:93:ad:51:2c:6c:cf:fd:6e:c0:8f:0a:25:a7:
0c:d4:74:7f:57:aa:49:12:f2:2f:45:e5:0b:67:0e:ad:c6:74:
9c:3d:94:36:be:cf:77:c8:8f:ab:5f:fd:fd:13:aa:d9:32:2c:
f9:58:3c:32:51:1c:6e:84:90:67:42:92:33:ae:a4:31:38:c4:
15:d9:50:c3:57:2b:b1:2a:d1:e7:e8:b6:97:8e:2d:cc:71:7f:
84:5d:ee:e5:12:a1:eb:ef:50:42:57:8c:fd:21:80:4a:2c:a0:
d0:64:dc:42:ba:89:29:6a:31:b8:fd:4f:c7:fa:50:f1:23:af:
9b:13:b3:11:3c:86:b1:63:2d:27:5e:2e:bd:9b:d5:cd:8b:66:
b9:37:17:72:78:c4:73:01:dc:de:1a:a0:8d:e9:69:e8:72:4b:
fe:5a:06:87:44:c4:45:83:d9:93:e1:94:70:9a:8b:b6:58:c6:
a4:a4:04:5d:23:4a:f5:ba:5f:17:8d:ef:7e:29:2c:cf:2c:4c:
02:05:5a:8f:6b:35:ed:93:47:af:19:40:09:40:0c:fe:82:42:
0e:7d:79:3d:9c:6a:89:66:ae:40:65:77:d1:e8:9a:a3:30:de:
53:96:05:fd:ae:b0:c7:79:50:b2:ea:75:a3:a5:e3:05:b4:15:
1e:0d:53:61
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeT5sMGT5y7yen89VVxwj6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIxMTkxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZlMzgzZGZmNjZhNjM2MzY3YTE5MDNkODdlZjUxOWYzMTI3MjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym4fRwCuk5c57vjbFHWAa140593Z
r2DOtDxqjv2O6G+YdXccpsck9vtzvVRRQfrNgUOnsHplU3pL+3j29M+zSIX8ES7q
1jlONKMAi4orbSR5DacGkBH7LKv6+R486/fY5ZfdScUjbnlBETQ9aMW+rIex1FYA
nBpbDw8+CbHFW4iTPBt9r8DEIM7RMO4zOp8ATN5RdwfoTOPIbWKEFk2vC31X6QFi
VdVTKXPGGZmKK8yjVfNpd7/JpkUqTSDi8/Z9GKWLHR2V2700bSujMSbQ1UM/dMNK
MSNJXREA9qk68Fup4md+YHHEOODcdm1N/JXffyAZteJ+r/fX0igJmTRCjwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGJuOD3/ZqY2NnoZA9h+9RnzEnJuMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWW00NFBmOW1walkyZWhrRDJINzFHZk1TY200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAPwgNgcKTrVEsbM/9bsCPCiWn
DNR0f1eqSRLyL0XlC2cOrcZ0nD2UNr7Pd8iPq1/9/ROq2TIs+Vg8MlEcboSQZ0KS
M66kMTjEFdlQw1crsSrR5+i2l44tzHF/hF3u5RKh6+9QQleM/SGASiyg0GTcQrqJ
KWoxuP1Px/pQ8SOvmxOzETyGsWMtJ14uvZvVzYtmuTcXcnjEcwHc3hqgjelp6HJL
/loGh0TERYPZk+GUcJqLtljGpKQEXSNK9bpfF43vfikszyxMAgVaj2s17ZNHrxlA
CUAM/oJCDn15PZxqiWauQGV30eiaozDeU5YF/a6wx3lQsup1o6XjBbQVHg1TYQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:19:18 2025 by rpki-client