Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ZfZoRU0NkRZOGz9IHqvYSqU2vOc.roa
File: ZfZoRU0NkRZOGz9IHqvYSqU2vOc.roa (raw, json)
Hash identifier: TRbHUyApCG9mHvV8J7XNOx+317MYpLIFwMYD+vng/Bo=
Subject key identifier: 65:F6:68:45:4D:0D:91:16:4E:1B:3F:48:1E:AB:D8:4A:A5:36:BC:E7
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A5827A56FD4C70306E126CC86E46578D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ZfZoRU0NkRZOGz9IHqvYSqU2vOc.roa
Signing time: Wed 25 Jun 2025 05:14:40 +0000
ROA not before: Wed 25 Jun 2025 05:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Jun 2025 06:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a5:82:7a:56:fd:4c:70:30:6e:12:6c:c8:6e:46:57:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 25 05:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65f668454d0d91164e1b3f481eabd84aa536bce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:fd:93:71:22:67:6f:53:c4:70:73:e3:cc:
19:13:66:6d:61:56:84:c6:c7:13:54:bd:9e:66:1a:
a7:23:08:72:17:0c:8b:c5:d2:f6:76:e6:a6:5c:48:
c0:6c:da:e3:86:59:8f:eb:a7:a6:c6:4d:b7:5b:c0:
31:e0:6d:4a:10:ae:4d:2b:cb:2a:be:30:f5:ef:0a:
46:a7:bc:80:07:f7:ce:f8:94:e2:1a:cc:e5:ce:b2:
f6:74:c4:85:a7:a7:e1:96:72:09:31:de:dc:88:e1:
d6:d9:17:71:2f:f4:76:d6:c0:f1:1c:75:76:6d:b7:
95:64:25:a8:16:0e:41:ba:1a:f7:a5:da:52:ef:16:
46:d5:fa:34:59:fe:44:c4:d5:2c:d0:c4:fd:e3:fe:
ce:f2:ff:99:f6:71:09:b8:9d:29:ab:76:02:87:1e:
ad:fa:79:57:be:1c:eb:6d:d6:cd:59:8e:0a:3f:ee:
78:fc:bc:7e:11:15:0d:e3:e6:a2:b5:51:1f:f3:3d:
f8:6d:30:b2:ef:d0:63:51:54:9d:29:70:ef:ec:a5:
9b:2b:12:09:e0:ce:a0:94:f5:e8:b5:81:7e:b0:fe:
6b:af:8d:ce:96:40:cd:ca:0e:43:d5:4a:3e:e8:2d:
2c:cb:b2:83:91:8d:9a:77:6f:d9:ca:30:ca:df:b3:
8b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F6:68:45:4D:0D:91:16:4E:1B:3F:48:1E:AB:D8:4A:A5:36:BC:E7
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ZfZoRU0NkRZOGz9IHqvYSqU2vOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
5b:cf:17:ab:e1:9c:55:a7:e1:fb:c9:22:e7:75:a4:3a:ef:66:
fb:5e:6e:5d:d6:d5:9c:7a:5f:5e:7b:e4:0a:26:56:75:d9:dd:
da:1f:06:68:90:c9:43:0d:63:b2:65:fb:d0:fc:77:b6:a9:08:
3f:27:1d:bb:0c:3d:93:f8:b6:7a:3e:e3:b7:9b:cf:f0:93:27:
2c:f8:39:9a:f9:dd:4d:3e:10:1e:60:cd:74:78:c3:db:1d:46:
75:2f:bd:cf:3a:d5:13:a5:8e:d0:c5:c0:ef:a5:40:cc:42:7a:
67:99:29:90:1b:97:5c:2b:a3:6f:5b:62:6a:61:4d:da:f8:cd:
7d:35:21:42:67:16:2f:e4:ed:b0:fb:0e:0c:89:04:50:5f:d1:
2b:10:67:dc:24:9c:8b:de:5b:b3:97:bc:a7:db:8b:de:09:07:
0f:8a:da:28:79:9b:63:8f:74:95:c3:2e:7e:94:26:70:4c:62:
ee:5e:7d:b4:25:a5:77:49:21:0e:50:f2:da:bb:f6:37:31:52:
bb:5e:f2:6c:27:a8:8e:ec:ff:a5:8b:40:d0:70:1e:1f:fe:f2:
d9:cb:9f:8e:96:43:0d:5f:96:76:4e:7b:46:1c:63:18:d7:b4:
e4:04:f6:22:e7:64:ba:25:97:65:b8:1b:6d:7b:26:89:89:de:
4c:fa:85:9b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZelgnpW/UxwMG4SbMhuRleNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI1MDUxNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWY2Njg0NTRkMGQ5MTE2NGUxYjNmNDgxZWFiZDg0YWE1MzZiY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5n9k3EiZ29TxHBz48wZE2ZtYVaE
xscTVL2eZhqnIwhyFwyLxdL2duamXEjAbNrjhlmP66emxk23W8Ax4G1KEK5NK8sq
vjD17wpGp7yAB/fO+JTiGszlzrL2dMSFp6fhlnIJMd7ciOHW2RdxL/R21sDxHHV2
bbeVZCWoFg5Buhr3pdpS7xZG1fo0Wf5ExNUs0MT94/7O8v+Z9nEJuJ0pq3YChx6t
+nlXvhzrbdbNWY4KP+54/Lx+ERUN4+aitVEf8z34bTCy79BjUVSdKXDv7KWbKxIJ
4M6glPXotYF+sP5rr43OlkDNyg5D1Uo+6C0sy7KDkY2ad2/ZyjDK37OLvwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGX2aEVNDZEWThs/SB6r2EqlNrznMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvWmZab1JVME5rUlpPR3o5SUhxdllTcVUydk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAW88Xq+GcVafh+8ki53WkOu9m
+15uXdbVnHpfXnvkCiZWddnd2h8GaJDJQw1jsmX70Px3tqkIPycduww9k/i2ej7j
t5vP8JMnLPg5mvndTT4QHmDNdHjD2x1GdS+9zzrVE6WO0MXA76VAzEJ6Z5kpkBuX
XCujb1tiamFN2vjNfTUhQmcWL+TtsPsODIkEUF/RKxBn3CSci95bs5e8p9uL3gkH
D4raKHmbY490lcMufpQmcExi7l59tCWld0khDlDy2rv2NzFSu17ybCeojuz/pYtA
0HAeH/7y2cufjpZDDV+Wdk57RhxjGNe05AT2IudkuiWXZbgbbXsmiYneTPqFmw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:26:01 2025 by rpki-client