Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ae-BfqBLgIvRwmTUpcRkxvkImYg.roa
File: ae-BfqBLgIvRwmTUpcRkxvkImYg.roa (raw, json)
Hash identifier: n0hvq0C9je6GoBODIpAHCf1QOM/J/ezkCN26hOkpLEc=
Subject key identifier: 69:EF:81:7E:A0:4B:80:8B:D1:C2:64:D4:A5:C4:64:C6:F9:08:99:88
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C08BE3EFCD8B3BC00A5B2D8394BFFA82
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ae-BfqBLgIvRwmTUpcRkxvkImYg.roa
Signing time: Mon 30 Jun 2025 11:14:42 +0000
ROA not before: Mon 30 Jun 2025 11:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 30 Jun 2025 12:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:8b:e3:ef:cd:8b:3b:c0:0a:5b:2d:83:94:bf:fa:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 30 11:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ef817ea04b808bd1c264d4a5c464c6f9089988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:fa:d8:fb:93:6c:7e:49:97:08:a1:3f:98:
05:7e:65:09:b5:7f:bc:a4:f0:09:1e:d7:03:a1:a3:
91:7d:8f:a8:d1:f4:2e:55:ef:04:24:74:e3:f9:e0:
16:8b:f0:7f:79:6b:01:17:28:1a:58:58:39:05:ac:
33:4d:e5:59:1d:60:ef:5f:b1:cb:47:03:1b:e3:35:
ac:c9:ca:62:70:54:79:61:b7:4c:73:cd:2b:b5:03:
55:45:af:1d:b9:87:99:0d:4b:dc:ee:d1:7c:52:b5:
2e:fe:96:d7:ca:1e:f1:9b:3b:70:5f:a0:98:25:86:
be:1f:8d:ee:1f:84:ff:76:7e:d4:32:e5:42:66:36:
a6:b1:4d:23:94:c8:50:5e:40:55:38:6b:64:4d:be:
2e:5a:86:39:71:3e:fd:be:11:9a:8e:c4:64:10:db:
9e:ac:bb:b0:1a:c4:11:06:6b:af:c3:2b:e2:04:4a:
d4:bf:45:86:f6:a7:ef:25:48:1b:9a:d4:d2:2f:ae:
a5:6c:ae:91:49:c2:ca:ec:1b:a5:cc:7e:67:9c:92:
93:c9:e5:dd:34:88:a6:c8:36:d8:62:f7:b8:33:de:
d9:46:b9:b3:66:17:f9:82:4a:3e:b3:03:c0:1a:1e:
c9:a3:1d:42:0c:3f:36:77:54:c8:98:27:e2:6c:10:
66:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EF:81:7E:A0:4B:80:8B:D1:C2:64:D4:A5:C4:64:C6:F9:08:99:88
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ae-BfqBLgIvRwmTUpcRkxvkImYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
71:47:56:94:55:0b:53:be:a6:23:8f:a7:04:25:bf:50:3b:c0:
90:f5:1d:36:5f:13:27:79:a0:ae:39:98:62:45:27:5e:13:b1:
d7:b6:33:b3:61:45:f9:0a:55:84:33:d3:92:92:e8:d2:65:61:
f3:ad:25:ff:75:7e:a5:1d:d4:c9:53:c7:19:b3:3a:1a:34:18:
97:b9:c8:10:80:0d:f1:a6:64:f8:d6:c2:c8:6c:94:24:12:b1:
c3:38:f1:55:d9:0d:04:ec:08:b1:2e:80:c5:8e:07:8b:73:e9:
bb:3d:ba:6b:d2:30:84:be:e1:85:7e:ca:83:00:56:72:90:7d:
aa:a3:1e:eb:8b:44:d5:02:64:0a:6b:ae:20:33:1b:4c:48:63:
8a:7c:98:c7:ae:08:3b:06:2a:1d:ed:69:a0:7b:3a:03:36:c7:
f7:5b:9e:a1:6e:90:61:9e:8c:c7:ee:84:f4:52:86:45:ed:9b:
7e:c7:8c:f1:87:d2:fa:50:0d:52:eb:4a:3d:66:50:7b:8b:07:
f8:2b:0d:35:c8:25:2b:25:79:21:6d:57:ea:fd:42:a7:f7:b8:
3d:11:fe:5c:b1:cf:25:d6:57:68:a0:c7:f8:0d:30:7b:93:b4:
e0:a5:25:67:fc:ab:79:de:ec:5a:ec:b0:12:c0:da:b8:5b:07:
51:dc:8b:5b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfAi+PvzYs7wApbLYOUv/qCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjMwMTExNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVmODE3ZWEwNGI4MDhiZDFjMjY0ZDRhNWM0NjRjNmY5MDg5OTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQn62PuTbH5JlwihP5gFfmUJtX+8
pPAJHtcDoaORfY+o0fQuVe8EJHTj+eAWi/B/eWsBFygaWFg5BawzTeVZHWDvX7HL
RwMb4zWsycpicFR5YbdMc80rtQNVRa8duYeZDUvc7tF8UrUu/pbXyh7xmztwX6CY
JYa+H43uH4T/dn7UMuVCZjamsU0jlMhQXkBVOGtkTb4uWoY5cT79vhGajsRkENue
rLuwGsQRBmuvwyviBErUv0WG9qfvJUgbmtTSL66lbK6RScLK7BulzH5nnJKTyeXd
NIimyDbYYve4M97ZRrmzZhf5gko+swPAGh7Jox1CDD82d1TImCfibBBmqQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGnvgX6gS4CL0cJk1KXEZMb5CJmIMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvYWUtQmZxQkxnSXZSd21UVXBjUmt4dmtJbVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAcUdWlFULU76mI4+nBCW/UDvA
kPUdNl8TJ3mgrjmYYkUnXhOx17Yzs2FF+QpVhDPTkpLo0mVh860l/3V+pR3UyVPH
GbM6GjQYl7nIEIAN8aZk+NbCyGyUJBKxwzjxVdkNBOwIsS6AxY4Hi3Ppuz26a9Iw
hL7hhX7KgwBWcpB9qqMe64tE1QJkCmuuIDMbTEhjinyYx64IOwYqHe1poHs6AzbH
91ueoW6QYZ6Mx+6E9FKGRe2bfseM8YfS+lANUutKPWZQe4sH+CsNNcglKyV5IW1X
6v1Cp/e4PRH+XLHPJdZXaKDH+A0we5O04KUlZ/yred7sWuywEsDauFsHUdyLWw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:49:34 2025 by rpki-client