Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/_TFrSHKpd9E7r3OLl67N-84beas.roa
File: _TFrSHKpd9E7r3OLl67N-84beas.roa (raw, json)
Hash identifier: H6F9Q8zCgkCUn6v7mxmeG34DuLSmWNkBnCaHmdoc43Y=
Subject key identifier: FD:31:6B:48:72:A9:77:D1:3B:AF:73:8B:97:AE:CD:FB:CE:1B:79:AB
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B591385EF9591B94F38351BE03056981
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/_TFrSHKpd9E7r3OLl67N-84beas.roa
Signing time: Sat 28 Jun 2025 08:04:42 +0000
ROA not before: Sat 28 Jun 2025 08:04:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:b590:d795/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 28 Jun 2025 08:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:91:38:5e:f9:59:1b:94:f3:83:51:be:03:05:69:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 28 08:04:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd316b4872a977d13baf738b97aecdfbce1b79ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3f:bc:b1:a2:0f:1d:a8:cb:be:d4:5f:7b:a4:
53:41:7f:0d:a0:d5:ba:12:ba:03:c3:05:71:06:96:
f9:b2:74:8c:e3:d6:b2:07:cd:33:6e:36:20:2d:81:
d3:1d:60:3c:56:c0:d7:ce:1f:06:35:53:e8:72:63:
dc:62:d0:08:77:62:db:74:bd:d0:d8:cd:b4:11:7b:
6b:9e:f5:6c:e2:6e:ae:eb:31:e1:e7:82:f5:9c:0a:
b5:fc:48:b6:21:9d:5a:5a:64:13:8e:0d:01:14:7e:
ce:75:e3:96:94:89:56:97:1b:c3:aa:a3:b0:72:a7:
e2:7a:8d:da:5b:00:5a:22:ef:2b:76:06:cc:29:25:
af:93:f9:1b:66:e8:73:ae:88:1a:19:33:51:06:96:
72:11:d6:15:10:48:7e:eb:20:f6:27:c5:aa:15:e8:
fd:20:73:4c:b5:8b:e6:8f:17:e5:f0:c5:48:ec:93:
fa:db:09:a4:7b:ea:a6:88:a7:bb:fd:c5:3b:e9:c4:
bc:73:b3:f1:94:38:f8:e5:a4:2b:e8:64:5a:aa:e2:
ff:ab:7d:57:9e:1f:16:0e:a3:7c:84:a2:c5:0d:48:
13:ac:0e:ca:fb:00:63:99:44:11:7d:4b:e0:48:b0:
ec:fa:6d:39:ac:40:cc:50:52:c4:1d:f2:21:20:5e:
3c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:31:6B:48:72:A9:77:D1:3B:AF:73:8B:97:AE:CD:FB:CE:1B:79:AB
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/_TFrSHKpd9E7r3OLl67N-84beas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:b590:d795/128
Signature Algorithm: sha256WithRSAEncryption
48:81:2f:26:14:ff:be:b2:8d:9f:ce:24:2f:dd:d4:e0:d9:39:
2a:b0:f6:23:60:0e:3a:f1:1d:26:0d:10:14:e4:a6:80:4b:a8:
bb:05:0a:2e:23:0b:12:03:02:cb:98:6a:8f:9d:d9:bc:13:e3:
15:39:cd:f9:3e:f7:4c:d4:86:c9:cf:87:19:b2:78:bc:04:64:
ae:71:88:bc:d4:46:c1:4b:86:c0:ee:1e:32:44:88:80:22:e3:
47:51:f9:4a:bf:27:3e:98:1b:f7:22:7e:2b:49:f7:e6:a0:78:
88:7f:63:4e:ec:66:19:fc:30:ed:c0:cb:6a:88:b5:4c:75:33:
36:e6:61:79:41:b0:c9:af:c0:3d:85:e1:11:9a:14:74:dd:cb:
79:58:17:2e:86:dc:4e:80:c7:b6:34:5c:79:b2:82:79:d8:71:
3a:a0:29:d9:cf:b4:72:b5:e8:ee:22:ae:14:d8:47:34:f3:27:
48:9e:9e:93:49:73:53:04:51:81:f5:2d:09:99:ed:00:16:ef:
ad:15:80:8f:f7:aa:6c:43:b5:a3:b3:2f:e6:95:a6:e7:f6:31:
b5:51:5c:7b:bd:f5:31:2c:30:a7:01:f4:1c:0c:91:ee:51:59:
5f:eb:aa:74:49:9f:1c:c1:f9:94:62:f2:d3:ce:28:ad:f4:88:
1d:b3:6f:be
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZe1kThe+VkblPODUb4DBWmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI4MDgwNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDMxNmI0ODcyYTk3N2QxM2JhZjczOGI5N2FlY2RmYmNlMWI3OWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3z+8saIPHajLvtRfe6RTQX8NoNW6
EroDwwVxBpb5snSM49ayB80zbjYgLYHTHWA8VsDXzh8GNVPocmPcYtAId2LbdL3Q
2M20EXtrnvVs4m6u6zHh54L1nAq1/Ei2IZ1aWmQTjg0BFH7OdeOWlIlWlxvDqqOw
cqfieo3aWwBaIu8rdgbMKSWvk/kbZuhzrogaGTNRBpZyEdYVEEh+6yD2J8WqFej9
IHNMtYvmjxfl8MVI7JP62wmke+qmiKe7/cU76cS8c7PxlDj45aQr6GRaquL/q31X
nh8WDqN8hKLFDUgTrA7K+wBjmUQRfUvgSLDs+m05rEDMUFLEHfIhIF48jwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP0xa0hyqXfRO69zi5euzfvOG3mrMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvX1RGclNIS3BkOUU3cjNPTGw2N04tODRiZWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl7WQ15UwDQYJKoZIhvcNAQELBQADggEB
AEiBLyYU/76yjZ/OJC/d1ODZOSqw9iNgDjrxHSYNEBTkpoBLqLsFCi4jCxIDAsuY
ao+d2bwT4xU5zfk+90zUhsnPhxmyeLwEZK5xiLzURsFLhsDuHjJEiIAi40dR+Uq/
Jz6YG/cifitJ9+ageIh/Y07sZhn8MO3Ay2qItUx1MzbmYXlBsMmvwD2F4RGaFHTd
y3lYFy6G3E6Ax7Y0XHmygnnYcTqgKdnPtHK16O4irhTYRzTzJ0ienpNJc1MEUYH1
LQmZ7QAW760VgI/3qmxDtaOzL+aVpuf2MbVRXHu99TEsMKcB9BwMke5RWV/rqnRJ
nxzB+ZRi8tPOKK30iB2zb74=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:17:04 2025 by rpki-client