Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/d8cybt4QTK1Bh9GHoVN_U_9wKRU.roa
File: d8cybt4QTK1Bh9GHoVN_U_9wKRU.roa (raw, json)
Hash identifier: 7qg60AKtpPhYMydkGZ0BUnfr4IB98lYPSv9T0b96VUo=
Subject key identifier: 77:C7:32:6E:DE:10:4C:AD:41:87:D1:87:A1:53:7F:53:FF:70:29:15
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019788507418DEDDE1216E5C44146754BE21
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/d8cybt4QTK1Bh9GHoVN_U_9wKRU.roa
Signing time: Thu 19 Jun 2025 13:11:03 +0000
ROA not before: Thu 19 Jun 2025 13:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 19 Jun 2025 14:06:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:88:50:74:18:de:dd:e1:21:6e:5c:44:14:67:54:be:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 19 13:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77c7326ede104cad4187d187a1537f53ff702915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9d:11:08:53:4c:2b:68:d1:77:97:61:f1:e2:
25:29:f7:e9:66:79:18:8c:4d:83:7f:8d:57:43:43:
50:eb:46:e4:0f:98:5c:32:7b:5b:ad:7e:ae:2f:7c:
1e:c8:ad:4a:0c:5c:4c:36:2e:d4:75:68:62:92:3b:
5d:12:6c:38:18:75:49:99:15:8c:a7:ef:a2:da:0c:
7a:09:b6:80:3f:c6:53:c5:5b:a5:f4:10:ce:3d:18:
86:e6:4d:e1:36:77:12:a1:e5:d4:10:89:84:42:b3:
bb:2c:5b:f7:80:42:4c:d2:15:d7:67:0b:59:1f:98:
b8:6f:35:32:4f:18:0a:73:1b:53:d0:17:3f:30:66:
22:30:5c:57:cf:0d:12:34:9a:8e:1d:ce:a2:f0:28:
36:8c:fd:b8:35:c1:5d:13:82:c2:0f:78:9c:1e:a6:
c9:8d:35:a0:81:6f:eb:16:b4:f9:91:1c:96:73:fe:
f2:ad:f4:46:8e:5f:19:95:fb:05:64:b1:f4:7b:ba:
17:e7:33:d3:c0:f2:a2:db:f7:64:48:3d:66:e6:1e:
2d:83:96:a3:84:e9:8f:7f:34:35:e5:fa:64:38:0a:
0f:ee:6a:cb:05:1e:c7:36:5a:6d:32:8d:4d:50:87:
3a:6d:f2:49:12:9d:54:7a:57:05:67:7d:01:c3:ad:
18:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C7:32:6E:DE:10:4C:AD:41:87:D1:87:A1:53:7F:53:FF:70:29:15
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/d8cybt4QTK1Bh9GHoVN_U_9wKRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
5c:d9:a3:2e:c4:87:c7:da:68:29:1f:c3:53:2f:f3:04:c2:e4:
b5:fa:60:fc:66:3d:fc:dc:4e:61:cc:6e:8e:a7:91:77:9d:4f:
c0:fe:98:bd:3d:00:7f:bc:70:a8:3f:52:65:87:77:92:d3:e1:
74:1c:e8:6a:56:32:14:53:b0:b1:bd:42:e1:ae:29:b6:a2:b2:
4f:98:ad:c7:e5:4f:3c:b9:2a:fa:21:26:f9:8c:bc:08:a8:0f:
6d:90:13:ac:fc:7d:6f:28:69:bd:55:db:47:ce:72:1c:bf:dc:
34:0e:21:c6:c1:b7:bc:26:b5:aa:a3:33:fa:8d:17:c0:b5:2e:
79:1d:8e:52:e4:38:5e:31:4a:06:17:c9:61:d5:fb:9b:52:59:
ef:21:97:f6:94:14:64:91:a6:8e:7c:1b:51:c7:27:2a:a3:44:
9e:f0:5a:25:b7:bf:e1:8c:4c:75:69:d9:93:7e:cb:45:58:1d:
f9:6f:74:5e:4f:44:d4:ae:fa:a9:39:a3:dd:6d:10:be:66:88:
13:98:d6:b1:21:eb:d4:68:c4:c6:74:a1:d4:0d:dc:30:89:1a:
c1:40:80:14:25:a4:37:35:85:9b:c0:d9:ed:1a:30:02:2c:66:
82:6a:03:90:3b:17:d3:3b:b2:4a:7e:c4:0a:81:43:5a:33:18:
f6:8d:7b:ed
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeIUHQY3t3hIW5cRBRnVL4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE5MTMxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M3MzI2ZWRlMTA0Y2FkNDE4N2QxODdhMTUzN2Y1M2ZmNzAyOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt50RCFNMK2jRd5dh8eIlKffpZnkY
jE2Df41XQ0NQ60bkD5hcMntbrX6uL3weyK1KDFxMNi7UdWhikjtdEmw4GHVJmRWM
p++i2gx6CbaAP8ZTxVul9BDOPRiG5k3hNncSoeXUEImEQrO7LFv3gEJM0hXXZwtZ
H5i4bzUyTxgKcxtT0Bc/MGYiMFxXzw0SNJqOHc6i8Cg2jP24NcFdE4LCD3icHqbJ
jTWggW/rFrT5kRyWc/7yrfRGjl8ZlfsFZLH0e7oX5zPTwPKi2/dkSD1m5h4tg5aj
hOmPfzQ15fpkOAoP7mrLBR7HNlptMo1NUIc6bfJJEp1UelcFZ30Bw60YHwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHfHMm7eEEytQYfRh6FTf1P/cCkVMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZDhjeWJ0NFFUSzFCaDlHSG9WTl9VXzl3S1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAXNmjLsSHx9poKR/DUy/zBMLk
tfpg/GY9/NxOYcxujqeRd51PwP6YvT0Af7xwqD9SZYd3ktPhdBzoalYyFFOwsb1C
4a4ptqKyT5itx+VPPLkq+iEm+Yy8CKgPbZATrPx9byhpvVXbR85yHL/cNA4hxsG3
vCa1qqMz+o0XwLUueR2OUuQ4XjFKBhfJYdX7m1JZ7yGX9pQUZJGmjnwbUccnKqNE
nvBaJbe/4YxMdWnZk37LRVgd+W90Xk9E1K76qTmj3W0QvmaIE5jWsSHr1GjExnSh
1A3cMIkawUCAFCWkNzWFm8DZ7RowAixmgmoDkDsX0zuySn7ECoFDWjMY9o177Q==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:05:24 2025 by rpki-client