Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a-HzgdpmLfqadZmmJJVgYQ1BvUs.roa
File: a-HzgdpmLfqadZmmJJVgYQ1BvUs.roa (raw, json)
Hash identifier: H2/NgBeyA9H3zOhykBZIq99INrLjIQqKvS0gfQ28AUg=
Subject key identifier: 6B:E1:F3:81:DA:66:2D:FA:9A:75:99:A6:24:95:60:61:0D:41:BD:4B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977FBB687ACA9D9961DAF9D016E9D06076
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a-HzgdpmLfqadZmmJJVgYQ1BvUs.roa
Signing time: Tue 17 Jun 2025 21:11:17 +0000
ROA not before: Tue 17 Jun 2025 21:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 22:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:bb:68:7a:ca:9d:99:61:da:f9:d0:16:e9:d0:60:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 21:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6be1f381da662dfa9a7599a6249560610d41bd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:25:ca:d2:0e:29:35:e7:5f:b1:c5:7d:70:95:
19:1a:88:ec:a5:c0:c7:95:f0:c1:5e:12:05:f0:72:
ac:17:72:79:09:d4:02:85:bb:69:e5:11:fd:cc:4d:
52:57:77:7f:50:2d:f0:c7:d4:f6:c7:be:63:df:fc:
bc:a8:f2:35:dc:77:09:d9:45:0a:a7:29:76:0f:08:
f3:89:de:d0:e3:e2:03:68:56:a5:f2:46:b9:30:53:
1e:64:4c:9b:26:82:42:d9:ed:ed:7c:72:78:8d:49:
de:b7:95:f6:8c:23:06:da:17:40:14:51:7a:1f:23:
a3:cc:c0:0c:8c:56:92:2e:3c:f9:e1:0a:a8:9c:ee:
8e:b1:f1:e1:bf:c7:8d:5e:95:bf:9f:cc:d2:f4:c1:
9b:92:f8:bf:16:46:67:ba:37:98:7c:04:68:78:16:
a7:f7:a1:0b:d0:63:3f:e3:d7:bc:85:a1:d2:29:97:
0b:7c:89:40:ff:96:fa:01:e5:f5:d3:1f:5b:f3:2c:
89:5c:df:40:a7:8d:79:c6:c4:fd:30:ee:65:5d:7f:
06:e2:51:8e:92:6a:d7:de:d2:7a:c5:63:05:f9:81:
c7:4e:3d:04:45:06:6c:64:4f:34:90:e1:84:16:c5:
11:21:c2:f2:7b:31:cf:2c:9b:60:42:37:70:8c:fb:
34:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E1:F3:81:DA:66:2D:FA:9A:75:99:A6:24:95:60:61:0D:41:BD:4B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a-HzgdpmLfqadZmmJJVgYQ1BvUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
19:3b:a6:48:47:24:db:b0:8f:07:e9:1d:89:07:99:e7:4b:f1:
a1:56:6e:57:44:aa:64:0f:02:3d:e1:ae:f2:53:61:7d:14:27:
da:7d:32:ff:c6:10:a8:86:d3:86:25:ae:06:ee:d7:ef:cd:5c:
cb:0d:1a:14:19:dd:5f:b4:29:3e:8c:22:01:24:12:e1:a6:a7:
a8:21:fb:8b:87:28:fb:00:ea:e8:7b:b1:a7:5c:3b:b7:f0:26:
55:2f:52:de:d9:d4:ce:87:ff:d1:a6:8a:92:d9:9e:99:46:9f:
f8:13:71:3b:1d:5c:d4:04:67:5f:8b:e5:0d:d4:d6:13:5f:65:
b3:00:e7:8c:8f:88:98:43:5a:10:46:61:fc:d1:35:39:9f:bb:
ef:13:67:53:9a:41:9f:cf:18:c1:80:6b:36:56:34:3c:23:54:
d7:ef:cb:b0:16:6b:86:9a:52:1a:ad:0a:0b:09:b1:61:f8:93:
7e:68:80:7b:9c:0f:b7:21:25:98:39:3a:7b:14:42:7b:a9:d0:
e1:11:70:b9:6c:65:9a:41:da:5f:f8:f3:e1:67:6c:91:97:bd:
b8:76:84:91:6a:4c:fe:31:72:82:0c:f9:39:43:67:0e:5c:eb:
b1:88:b8:23:17:26:21:6c:6f:ac:d3:e8:1a:d7:c2:18:03:bb:
38:c7:43:aa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd/u2h6yp2ZYdr50Bbp0GB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MjExMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmUxZjM4MWRhNjYyZGZhOWE3NTk5YTYyNDk1NjA2MTBkNDFiZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yXK0g4pNedfscV9cJUZGojspcDH
lfDBXhIF8HKsF3J5CdQChbtp5RH9zE1SV3d/UC3wx9T2x75j3/y8qPI13HcJ2UUK
pyl2Dwjzid7Q4+IDaFal8ka5MFMeZEybJoJC2e3tfHJ4jUnet5X2jCMG2hdAFFF6
HyOjzMAMjFaSLjz54QqonO6OsfHhv8eNXpW/n8zS9MGbkvi/FkZnujeYfARoeBan
96EL0GM/49e8haHSKZcLfIlA/5b6AeX10x9b8yyJXN9Ap415xsT9MO5lXX8G4lGO
kmrX3tJ6xWMF+YHHTj0ERQZsZE80kOGEFsURIcLyezHPLJtgQjdwjPs0VQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGvh84HaZi36mnWZpiSVYGENQb1LMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvYS1IemdkcG1MZnFhZFptbUpKVmdZUTFCdlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAGTumSEck27CPB+kdiQeZ50vx
oVZuV0SqZA8CPeGu8lNhfRQn2n0y/8YQqIbThiWuBu7X781cyw0aFBndX7QpPowi
ASQS4aanqCH7i4co+wDq6Huxp1w7t/AmVS9S3tnUzof/0aaKktmemUaf+BNxOx1c
1ARnX4vlDdTWE19lswDnjI+ImENaEEZh/NE1OZ+77xNnU5pBn88YwYBrNlY0PCNU
1+/LsBZrhppSGq0KCwmxYfiTfmiAe5wPtyElmDk6exRCe6nQ4RFwuWxlmkHaX/jz
4WdskZe9uHaEkWpM/jFyggz5OUNnDlzrsYi4IxcmIWxvrNPoGtfCGAO7OMdDqg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:36:52 2025 by rpki-client