Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/_bI0Y2s5maGiHvhc7QDEgKN0pG8.roa
File: _bI0Y2s5maGiHvhc7QDEgKN0pG8.roa (raw, json)
Hash identifier: NOQUHd5UQxnZWXyK9gz46cf6eb6WvSb7wH6zGcWEynQ=
Subject key identifier: FD:B2:34:63:6B:39:99:A1:A2:1E:F8:5C:ED:00:C4:80:A3:74:A4:6F
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A2816C42BC321D85026F04318E32E90E
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/_bI0Y2s5maGiHvhc7QDEgKN0pG8.roa
Signing time: Tue 24 Jun 2025 15:14:40 +0000
ROA not before: Tue 24 Jun 2025 15:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 16:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:81:6c:42:bc:32:1d:85:02:6f:04:31:8e:32:e9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 15:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdb234636b3999a1a21ef85ced00c480a374a46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:26:a1:30:1a:6d:58:55:49:6d:13:f3:ce:73:
19:15:0d:52:92:cf:e8:9e:1d:0a:67:89:7d:fc:ff:
b1:81:02:bb:44:cb:f2:39:88:9a:9e:7d:b9:a5:3b:
d9:ce:86:b9:35:8a:61:fb:2b:30:72:2a:6d:c1:0c:
9d:c3:e0:c0:7a:cc:03:a5:6b:69:9e:72:e6:d6:d5:
01:42:e5:d9:2b:6e:4c:f3:53:5b:7b:39:4b:d6:00:
16:50:75:b4:be:cf:c5:cd:7d:9e:30:84:06:c0:c8:
79:f3:bd:ff:a4:c9:5e:2d:46:43:86:8a:09:45:ab:
36:c3:47:58:df:c7:44:bb:48:3e:d1:5f:59:ad:84:
16:0d:94:83:83:7d:21:f8:6a:1d:d7:3b:32:de:30:
bd:0c:a5:df:cc:99:7f:54:04:1a:1d:18:04:ad:df:
66:b3:7d:fe:c8:51:4f:62:63:1b:30:73:dd:5e:30:
8b:69:3a:c0:dc:fa:8d:04:e4:c6:d3:96:99:5f:c1:
1e:42:d6:18:44:1e:db:67:30:2d:14:dd:90:3d:0b:
83:08:3e:52:91:b2:3c:33:34:8a:35:61:22:40:23:
71:47:fc:cc:9c:56:8c:49:7c:55:3b:51:5b:ee:26:
b0:db:0d:cc:9e:3f:31:96:89:ed:78:4e:e6:57:62:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B2:34:63:6B:39:99:A1:A2:1E:F8:5C:ED:00:C4:80:A3:74:A4:6F
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/_bI0Y2s5maGiHvhc7QDEgKN0pG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
00:5c:77:f1:79:ac:0f:66:e1:76:ee:d3:07:a8:3b:dd:fa:17:
c9:ec:35:5d:95:40:3b:3d:fe:4e:f0:2f:b7:36:02:51:e6:b1:
b0:91:44:33:aa:f9:ea:a0:96:af:f1:21:1e:8d:2d:d2:ec:19:
46:44:be:e1:61:a5:3b:5b:28:6e:b2:e9:fb:9f:d2:1d:26:83:
f8:54:b4:17:0c:b7:21:e1:61:1e:05:f8:51:a7:3e:5f:dd:6f:
d3:d8:53:99:40:8e:85:19:c8:5f:67:fb:47:74:e5:0e:8a:0e:
40:f1:a5:f0:9c:20:9d:5c:c3:30:4a:37:1e:e2:51:71:ba:b1:
1d:40:ce:cf:8d:d2:9f:51:cf:d5:bd:e3:8f:86:16:0b:ad:fa:
08:b3:ef:c1:fa:e2:ee:48:c8:f3:0f:ca:01:d2:28:71:c4:f4:
36:48:ec:86:cf:19:db:73:1d:8e:8f:64:c9:f4:28:50:29:81:
b6:ac:df:ea:82:44:17:c8:47:6a:53:c1:df:f0:0c:1a:73:ff:
20:09:0b:fc:92:6c:16:cc:0a:8d:9c:fe:78:de:0c:e1:3d:9a:
f4:6f:2a:73:bf:c6:73:46:49:d6:94:b8:47:ed:a7:99:90:7e:
87:cd:72:e4:6c:fa:46:aa:61:44:6b:ec:92:3a:e7:89:f6:24:
c5:ed:61:1e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeigWxCvDIdhQJvBDGOMukOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MTUxNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIyMzQ2MzZiMzk5OWExYTIxZWY4NWNlZDAwYzQ4MGEzNzRhNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCahMBptWFVJbRPzznMZFQ1Sks/o
nh0KZ4l9/P+xgQK7RMvyOYiann25pTvZzoa5NYph+yswciptwQydw+DAeswDpWtp
nnLm1tUBQuXZK25M81NbezlL1gAWUHW0vs/FzX2eMIQGwMh5873/pMleLUZDhooJ
Ras2w0dY38dEu0g+0V9ZrYQWDZSDg30h+God1zsy3jC9DKXfzJl/VAQaHRgErd9m
s33+yFFPYmMbMHPdXjCLaTrA3PqNBOTG05aZX8EeQtYYRB7bZzAtFN2QPQuDCD5S
kbI8MzSKNWEiQCNxR/zMnFaMSXxVO1Fb7iaw2w3Mnj8xlonteE7mV2LDdwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP2yNGNrOZmhoh74XO0AxICjdKRvMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvX2JJMFkyczVtYUdpSHZoYzdRREVnS04wcEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAAFx38XmsD2bhdu7TB6g73foX
yew1XZVAOz3+TvAvtzYCUeaxsJFEM6r56qCWr/EhHo0t0uwZRkS+4WGlO1sobrLp
+5/SHSaD+FS0Fwy3IeFhHgX4Uac+X91v09hTmUCOhRnIX2f7R3TlDooOQPGl8Jwg
nVzDMEo3HuJRcbqxHUDOz43Sn1HP1b3jj4YWC636CLPvwfri7kjI8w/KAdIoccT0
Nkjshs8Z23Mdjo9kyfQoUCmBtqzf6oJEF8hHalPB3/AMGnP/IAkL/JJsFswKjZz+
eN4M4T2a9G8qc7/Gc0ZJ1pS4R+2nmZB+h81y5Gz6RqphRGvskjrnifYkxe1hHg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:01:05 2025 by rpki-client