Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a4p66lvA8v1tIFSG6AAwE3U3HiA.roa
File: a4p66lvA8v1tIFSG6AAwE3U3HiA.roa (raw, json)
Hash identifier: j252DgFiqbWGIdDdBRfIeBZesimZhLe/KdXB84twdTA=
Subject key identifier: 6B:8A:7A:EA:5B:C0:F2:FD:6D:20:54:86:E8:00:30:13:75:37:1E:20
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977CBD1CD9A5D0C0593EEC6C9E1BC8EB04
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a4p66lvA8v1tIFSG6AAwE3U3HiA.roa
Signing time: Tue 17 Jun 2025 07:14:17 +0000
ROA not before: Tue 17 Jun 2025 07:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 08:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:bd:1c:d9:a5:d0:c0:59:3e:ec:6c:9e:1b:c8:eb:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 07:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b8a7aea5bc0f2fd6d205486e800301375371e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3a:7c:23:a9:12:cf:45:e1:b7:5e:51:46:34:
6f:44:19:13:22:95:93:24:37:46:b9:bf:74:df:35:
df:9b:7c:77:9b:9b:3f:ff:80:90:84:58:a4:dd:84:
d5:f3:ea:38:76:e5:b3:e0:d5:ed:03:94:63:df:a9:
e9:f1:f9:96:8b:07:02:fe:10:05:23:8d:ef:bb:5e:
d9:a3:5b:11:b4:c4:9f:bf:1a:60:82:d7:a2:d0:42:
26:fb:b3:a5:cc:57:bc:e0:a4:f5:33:36:fa:bc:2c:
13:43:88:ae:e6:33:79:7a:99:31:54:8c:a9:38:ad:
09:d1:e2:81:62:c7:93:64:18:6e:33:6b:26:06:d6:
7a:f8:52:7b:5d:cb:41:ad:ba:16:b3:8a:00:08:ec:
62:cb:b7:51:7a:99:f0:7c:fb:ed:06:50:a5:d1:79:
6f:67:2b:cd:5e:75:f4:5c:5e:9a:ef:73:ce:6d:13:
27:ac:41:cf:22:ca:60:ad:79:1f:f3:99:71:ac:b1:
3c:f1:fd:38:cb:40:65:7f:65:64:3d:99:86:4c:cc:
60:39:b4:31:a3:7e:33:0b:9b:ff:bb:ed:dc:87:f9:
29:8e:0f:55:54:db:de:8b:6d:6e:c1:37:0b:c7:ac:
0b:5c:50:ef:82:9b:77:d4:52:5b:e2:c1:10:e2:0f:
2c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8A:7A:EA:5B:C0:F2:FD:6D:20:54:86:E8:00:30:13:75:37:1E:20
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/a4p66lvA8v1tIFSG6AAwE3U3HiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
65:6e:1d:ee:62:8f:b2:ba:c8:70:91:6c:68:c8:1d:07:ef:8a:
bc:64:22:96:b6:33:eb:a9:ee:f8:0c:e9:e4:2b:ed:43:9e:0d:
f3:f3:c9:9a:30:ee:f4:17:10:cb:36:f1:7b:68:39:fc:6d:d4:
c4:6b:7f:38:7d:2e:f4:cf:8f:6a:53:7a:1e:19:dd:41:d6:c5:
0f:29:3c:96:f7:19:89:3a:d7:6e:7b:7f:3a:68:53:f6:b8:57:
fa:66:80:b3:6e:b9:62:f8:1c:bf:36:a9:e2:27:c9:9c:12:55:
51:1c:bf:6f:77:54:3e:20:d7:35:7a:6e:6b:36:b9:59:5e:5f:
31:3c:3c:2d:a5:37:5a:8d:10:84:e4:df:38:04:80:28:27:d8:
fa:5f:91:9c:53:89:98:31:d4:fd:7d:00:15:68:67:b3:80:e9:
9e:0f:ef:96:e8:d9:ce:7b:1d:d1:74:eb:04:c3:98:75:15:4a:
27:f5:24:25:e7:9a:6c:21:d9:f5:5f:4a:60:88:c1:ad:4c:97:
b0:aa:63:c2:73:13:3a:be:e3:74:ce:12:3e:68:fc:f3:17:02:
36:30:da:2b:a4:4b:2e:fb:fe:17:f1:9a:df:64:18:f9:c0:45:
a6:e0:3e:d4:a3:d9:86:55:ff:cd:cc:23:67:2d:30:5b:af:25:
a6:1a:03:d3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd8vRzZpdDAWT7sbJ4byOsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MDcxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhhN2FlYTViYzBmMmZkNmQyMDU0ODZlODAwMzAxMzc1MzcxZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTp8I6kSz0Xht15RRjRvRBkTIpWT
JDdGub903zXfm3x3m5s//4CQhFik3YTV8+o4duWz4NXtA5Rj36np8fmWiwcC/hAF
I43vu17Zo1sRtMSfvxpggtei0EIm+7OlzFe84KT1Mzb6vCwTQ4iu5jN5epkxVIyp
OK0J0eKBYseTZBhuM2smBtZ6+FJ7XctBrboWs4oACOxiy7dRepnwfPvtBlCl0Xlv
ZyvNXnX0XF6a73PObRMnrEHPIspgrXkf85lxrLE88f04y0Blf2VkPZmGTMxgObQx
o34zC5v/u+3ch/kpjg9VVNvei21uwTcLx6wLXFDvgpt31FJb4sEQ4g8sHQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGuKeupbwPL9bSBUhugAMBN1Nx4gMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvYTRwNjZsdkE4djF0SUZTRzZBQXdFM1UzSGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAZW4d7mKPsrrIcJFsaMgdB++K
vGQilrYz66nu+Azp5CvtQ54N8/PJmjDu9BcQyzbxe2g5/G3UxGt/OH0u9M+PalN6
HhndQdbFDyk8lvcZiTrXbnt/OmhT9rhX+maAs265Yvgcvzap4ifJnBJVURy/b3dU
PiDXNXpuaza5WV5fMTw8LaU3Wo0QhOTfOASAKCfY+l+RnFOJmDHU/X0AFWhns4Dp
ng/vlujZznsd0XTrBMOYdRVKJ/UkJeeabCHZ9V9KYIjBrUyXsKpjwnMTOr7jdM4S
Pmj88xcCNjDaK6RLLvv+F/Ga32QY+cBFpuA+1KPZhlX/zcwjZy0wW68lphoD0w==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:20:11 2025 by rpki-client