Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a3TjAzlF-BCgA1H-k4G2HrH10hU.roa
File: a3TjAzlF-BCgA1H-k4G2HrH10hU.roa (raw, json)
Hash identifier: MFiZpjN32Y8+A78DF+s/TZNnmRswJCAVrhEeQ21eq4U=
Subject key identifier: 6B:74:E3:03:39:45:F8:10:A0:03:51:FE:93:81:B6:1E:B1:F5:D2:15
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977E079DB77FC2E238A173BA6D968320FE
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a3TjAzlF-BCgA1H-k4G2HrH10hU.roa
Signing time: Tue 17 Jun 2025 13:15:17 +0000
ROA not before: Tue 17 Jun 2025 13:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 14:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:07:9d:b7:7f:c2:e2:38:a1:73:ba:6d:96:83:20:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 13:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b74e3033945f810a00351fe9381b61eb1f5d215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:4e:20:51:ac:7c:f6:33:dd:2f:16:81:b1:
2c:00:b9:2b:61:58:ed:53:90:58:98:3e:49:a1:04:
ef:3a:bc:7f:a1:9f:66:5b:6a:07:c8:be:57:fc:e5:
88:f2:81:be:00:72:da:98:25:53:17:59:3e:f1:49:
92:c3:c9:fc:10:92:e6:dd:3f:b1:e7:b4:05:aa:de:
c6:34:82:71:71:4c:78:96:e4:35:a4:3d:5e:4a:ac:
88:fa:a0:2e:7f:33:8e:4c:70:24:db:f3:9b:1c:91:
15:72:cb:78:36:e6:a3:51:b2:8c:8c:1c:b1:0f:61:
9a:49:a6:57:8d:6a:2a:1c:d0:49:50:83:b9:87:01:
44:52:9f:1f:59:db:f4:ac:55:47:6a:57:0d:04:2c:
a8:73:17:0c:5f:fe:a7:4f:b0:23:75:83:93:68:86:
28:f4:ac:73:55:b0:5b:50:7d:88:c4:e3:1e:6c:41:
d3:8b:d0:a3:cf:4d:b7:00:cc:10:a4:c7:d0:7e:9b:
d8:f9:4b:29:79:7e:38:a7:23:90:0c:fa:f7:97:3d:
a1:c0:9d:0c:a7:c1:64:37:60:2b:28:39:ff:9a:f8:
15:60:ed:4b:3c:e6:1f:b9:87:c6:7b:91:f0:ce:9a:
05:6a:67:24:27:d1:76:a1:c7:3a:60:2a:73:ef:96:
f3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:74:E3:03:39:45:F8:10:A0:03:51:FE:93:81:B6:1E:B1:F5:D2:15
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a3TjAzlF-BCgA1H-k4G2HrH10hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
6a:07:2f:36:bb:17:5e:09:e6:d5:be:4d:14:3d:d3:f1:19:b2:
c1:c0:d4:cd:f5:bf:20:db:cc:93:d7:0d:34:07:ce:8c:ed:74:
39:89:09:3b:84:f2:5e:01:a3:19:22:80:79:9d:08:de:8e:88:
4e:37:5b:1d:1e:b5:a5:e4:6a:0d:2d:35:79:20:99:bb:04:c4:
08:43:b2:53:52:cc:1f:2c:7d:7c:7f:22:f2:5c:36:e5:2b:f2:
a1:25:be:d0:31:f6:8d:bc:14:95:6a:b7:a8:b9:eb:83:3a:2b:
88:49:87:eb:41:2d:0b:ae:64:ce:f2:16:79:99:e2:b1:e1:4f:
f2:db:6e:02:1e:db:ef:99:81:39:84:4d:fe:b1:47:90:15:a4:
9a:de:16:b5:4f:02:b7:23:05:9c:d8:d8:6f:72:53:5c:5d:d7:
db:72:fe:36:6e:5b:d6:8e:96:03:bc:c6:f1:c2:5b:b5:6b:3e:
32:ca:d2:3e:b0:77:54:a4:7f:c1:cf:74:4d:69:95:db:57:bc:
3d:52:cf:8d:e3:48:0d:29:e3:26:6d:2c:08:a9:ac:66:49:4e:
85:e5:80:49:8c:91:70:22:25:bd:da:7a:14:3b:d3:bd:9e:f5:
5d:7f:ca:e7:dc:1f:e7:d0:bd:a9:1e:5a:47:84:82:68:9f:6f:
70:76:ec:83
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd+B523f8LiOKFzum2WgyD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MTMxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjc0ZTMwMzM5NDVmODEwYTAwMzUxZmU5MzgxYjYxZWIxZjVkMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc5OIFGsfPYz3S8WgbEsALkrYVjt
U5BYmD5JoQTvOrx/oZ9mW2oHyL5X/OWI8oG+AHLamCVTF1k+8UmSw8n8EJLm3T+x
57QFqt7GNIJxcUx4luQ1pD1eSqyI+qAufzOOTHAk2/ObHJEVcst4NuajUbKMjByx
D2GaSaZXjWoqHNBJUIO5hwFEUp8fWdv0rFVHalcNBCyocxcMX/6nT7AjdYOTaIYo
9KxzVbBbUH2IxOMebEHTi9Cjz023AMwQpMfQfpvY+UspeX44pyOQDPr3lz2hwJ0M
p8FkN2ArKDn/mvgVYO1LPOYfuYfGe5HwzpoFamckJ9F2occ6YCpz75bzAwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGt04wM5RfgQoANR/pOBth6x9dIVMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvYTNUakF6bEYtQkNnQTFILWs0RzJIckgxMGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAagcvNrsXXgnm1b5NFD3T8Rmy
wcDUzfW/INvMk9cNNAfOjO10OYkJO4TyXgGjGSKAeZ0I3o6ITjdbHR61peRqDS01
eSCZuwTECEOyU1LMHyx9fH8i8lw25SvyoSW+0DH2jbwUlWq3qLnrgzoriEmH60Et
C65kzvIWeZniseFP8ttuAh7b75mBOYRN/rFHkBWkmt4WtU8CtyMFnNjYb3JTXF3X
23L+Nm5b1o6WA7zG8cJbtWs+MsrSPrB3VKR/wc90TWmV21e8PVLPjeNIDSnjJm0s
CKmsZklOheWASYyRcCIlvdp6FDvTvZ71XX/K59wf59C9qR5aR4SCaJ9vcHbsgw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:27:07 2025 by rpki-client