Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/dbmb3qjBxZPIpSI-eG0yu1oNrQw.roa
File: dbmb3qjBxZPIpSI-eG0yu1oNrQw.roa (raw, json)
Hash identifier: fqC0ODePSi1lR9WEnJATRT01/YPvpb1bBu22yPXGP6Q=
Subject key identifier: 75:B9:9B:DE:A8:C1:C5:93:C8:A5:22:3E:78:6D:32:BB:5A:0D:AD:0C
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978B5613BB72D5F292919934FE080C7E3B
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/dbmb3qjBxZPIpSI-eG0yu1oNrQw.roa
Signing time: Fri 20 Jun 2025 03:16:03 +0000
ROA not before: Fri 20 Jun 2025 03:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 04:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8b:56:13:bb:72:d5:f2:92:91:99:34:fe:08:0c:7e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 03:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75b99bdea8c1c593c8a5223e786d32bb5a0dad0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:53:c0:90:0f:24:7b:97:91:f9:75:51:57:a0:
5b:f5:e5:56:a3:8f:2f:38:85:f8:3a:1d:5d:1b:85:
5c:19:f3:dc:e0:00:e3:5d:a3:f9:be:ac:7d:38:4f:
46:25:03:7b:b4:c0:0e:6c:6d:a1:3c:bb:4f:ab:04:
fd:db:72:4f:5c:ed:8a:6e:b4:9c:e5:5d:de:15:68:
29:fd:d9:0a:86:3d:86:89:66:9c:bc:2a:40:b5:98:
f4:6e:53:cd:10:09:7c:a7:2c:cb:a8:4c:84:44:83:
be:ec:10:e4:57:8d:f8:27:22:5a:16:e2:f2:27:8b:
d7:bd:78:8c:bf:d2:75:4e:ca:df:fb:28:24:39:cd:
83:a4:08:69:76:e6:78:97:03:17:5f:75:bb:8f:f3:
0f:f7:2e:8e:47:81:9a:d4:c5:f4:fc:0d:ec:c1:66:
9e:82:8b:4d:cd:0e:a3:91:e7:d5:90:df:fb:1d:e1:
39:c1:cd:b1:26:e1:4f:71:97:07:ec:61:00:27:db:
8f:6b:8d:c4:37:c3:98:9c:28:3c:ff:a2:15:49:23:
bf:84:3e:ad:68:92:42:ae:4e:5a:ff:a8:73:5e:6d:
4f:d7:48:fd:c8:0d:32:bd:38:54:94:c7:6f:b7:78:
cf:ec:b5:58:a4:0b:cb:42:a1:8b:c8:7a:16:7e:e2:
4d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B9:9B:DE:A8:C1:C5:93:C8:A5:22:3E:78:6D:32:BB:5A:0D:AD:0C
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/dbmb3qjBxZPIpSI-eG0yu1oNrQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
8c:82:32:05:ca:3a:7b:2a:45:08:fe:36:49:32:aa:ac:b4:cd:
c3:e4:1c:9e:af:f5:04:1d:fa:12:ad:f8:50:79:13:f8:3a:e6:
53:a8:18:ae:7b:42:e6:54:58:21:b7:7e:57:bd:64:41:9f:bd:
e5:71:cb:07:c5:71:51:a5:1f:c6:d7:bf:a6:61:dc:ba:d4:62:
a7:f0:e7:f7:f8:37:0a:a9:4e:03:9a:4d:b4:3d:f5:fb:c0:b5:
8c:74:0a:98:d5:80:ae:36:d7:87:df:cd:7f:8e:cf:4e:c1:70:
7b:e9:b9:6c:51:e7:44:99:87:26:7b:a6:d9:0c:8a:10:50:8a:
d2:34:cb:f4:ec:75:8f:1a:f2:fb:85:89:96:6d:bd:1d:b9:d1:
e4:41:d6:4a:60:1f:0b:da:e1:6a:1d:46:cd:1e:fd:be:03:32:
71:33:a1:a4:60:af:29:4f:fc:75:c3:30:76:3e:fc:97:36:54:
47:0d:48:53:53:4a:2a:1c:ea:bf:49:a2:94:84:a3:8f:78:dd:
a6:1d:8e:3d:6e:35:ee:f6:8c:31:70:37:f9:0e:c1:54:ae:fe:
f9:b6:10:fe:6a:38:ca:8f:f9:33:9a:7a:85:3a:50:87:42:ec:
bc:68:2f:82:90:fe:70:a6:f0:31:91:5d:74:59:dc:38:23:1d:
af:67:89:3a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeLVhO7ctXykpGZNP4IDH47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMDMxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI5OWJkZWE4YzFjNTkzYzhhNTIyM2U3ODZkMzJiYjVhMGRhZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlPAkA8ke5eR+XVRV6Bb9eVWo48v
OIX4Oh1dG4VcGfPc4ADjXaP5vqx9OE9GJQN7tMAObG2hPLtPqwT923JPXO2KbrSc
5V3eFWgp/dkKhj2GiWacvCpAtZj0blPNEAl8pyzLqEyERIO+7BDkV434JyJaFuLy
J4vXvXiMv9J1Tsrf+ygkOc2DpAhpduZ4lwMXX3W7j/MP9y6OR4Ga1MX0/A3swWae
gotNzQ6jkefVkN/7HeE5wc2xJuFPcZcH7GEAJ9uPa43EN8OYnCg8/6IVSSO/hD6t
aJJCrk5a/6hzXm1P10j9yA0yvThUlMdvt3jP7LVYpAvLQqGLyHoWfuJNDQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHW5m96owcWTyKUiPnhtMrtaDa0MMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZGJtYjNxakJ4WlBJcFNJLWVHMHl1MW9OclF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAjIIyBco6eypFCP42STKqrLTN
w+Qcnq/1BB36Eq34UHkT+DrmU6gYrntC5lRYIbd+V71kQZ+95XHLB8VxUaUfxte/
pmHcutRip/Dn9/g3CqlOA5pNtD31+8C1jHQKmNWArjbXh9/Nf47PTsFwe+m5bFHn
RJmHJnum2QyKEFCK0jTL9Ox1jxry+4WJlm29HbnR5EHWSmAfC9rhah1GzR79vgMy
cTOhpGCvKU/8dcMwdj78lzZURw1IU1NKKhzqv0milISjj3jdph2OPW417vaMMXA3
+Q7BVK7++bYQ/mo4yo/5M5p6hTpQh0LsvGgvgpD+cKbwMZFddFncOCMdr2eJOg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:51:29 2025 by rpki-client