Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ddVVOqeBWPkJekjGzIT1a_p7vIs.roa
File: ddVVOqeBWPkJekjGzIT1a_p7vIs.roa (raw, json)
Hash identifier: HQKBqTlj8mzBqSCvpERPTtZlAGAASNqy08KlVYuBZj4=
Subject key identifier: 75:D5:55:3A:A7:81:58:F9:09:7A:48:C6:CC:84:F5:6B:FA:7B:BC:8B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977A5F08D777457202F078BEA367384799
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ddVVOqeBWPkJekjGzIT1a_p7vIs.roa
Signing time: Mon 16 Jun 2025 20:12:17 +0000
ROA not before: Mon 16 Jun 2025 20:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 16 Jun 2025 21:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7a:5f:08:d7:77:45:72:02:f0:78:be:a3:67:38:47:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 16 20:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75d5553aa78158f9097a48c6cc84f56bfa7bbc8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4d:7c:1a:74:7d:db:7d:f7:9c:0a:c8:a9:d5:
5b:49:0d:84:42:ca:e3:f0:43:f6:f9:da:e5:42:c1:
09:50:50:7a:72:35:dc:17:db:f0:a1:21:49:7b:a8:
6e:e3:06:03:8c:89:17:1a:33:e8:63:de:f3:24:e4:
4a:c6:04:4a:37:9d:b8:f3:cd:91:d7:e9:40:37:49:
66:84:74:cd:f5:dc:8e:0a:c8:ab:9d:b9:3f:d6:09:
29:f4:58:70:fe:ec:78:ca:1b:85:75:24:8d:89:b0:
e7:bc:58:48:29:03:5d:62:ad:1c:3a:10:66:c5:94:
68:b2:43:92:9f:9c:d4:e2:55:eb:4f:c8:f5:ad:c5:
13:d5:ed:09:71:09:56:3d:e2:47:c6:2e:1e:bd:a3:
c1:3d:cd:f2:32:c2:21:da:ba:71:c9:0b:5e:eb:b9:
c0:89:3a:ed:b5:41:34:68:b1:54:08:b9:2b:c8:71:
65:84:9c:ad:0e:90:c8:64:5c:5d:9e:94:4c:73:58:
ff:2f:70:8d:1b:15:dc:2e:63:5f:48:ce:5f:ed:d1:
02:19:d8:86:37:60:cd:e9:45:63:a3:0c:36:a5:8e:
08:5a:ec:6a:09:f8:9a:7e:89:9c:a5:8d:9d:5f:78:
df:cc:a0:6e:6f:0c:c7:25:b5:5c:9e:16:67:85:4d:
f5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D5:55:3A:A7:81:58:F9:09:7A:48:C6:CC:84:F5:6B:FA:7B:BC:8B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ddVVOqeBWPkJekjGzIT1a_p7vIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
3e:e5:26:ac:b1:1b:93:80:bc:7e:1c:0e:84:2f:3b:cd:ce:9b:
27:d0:e9:56:ff:7d:78:db:af:36:3e:fc:08:08:97:68:9f:20:
9b:02:b8:4e:a5:40:a8:56:bf:30:ff:4d:03:17:ae:ba:2a:4c:
52:fd:98:50:bc:7f:b3:7a:b3:40:23:62:b5:e1:69:ba:1e:15:
c0:39:c1:19:b6:15:1d:df:d6:d4:3e:14:a2:28:0e:dd:46:05:
a4:4c:74:ac:a6:01:24:e3:3e:52:58:b3:3e:53:59:94:56:d2:
f7:4c:51:ea:67:db:9c:17:49:63:3f:43:61:65:17:8e:4e:69:
84:39:8d:3a:31:17:25:c2:df:ff:c3:11:4c:43:c7:57:e2:af:
25:f5:cb:51:ea:27:ce:45:c4:6a:db:00:78:75:35:54:c3:dc:
37:db:e6:ef:c4:fb:bb:88:af:f2:b9:a5:da:49:11:35:fc:58:
77:63:c0:28:40:d3:c2:73:57:b7:b0:1b:08:96:1a:50:19:ad:
ed:9f:55:16:5e:bc:4e:36:bf:54:5e:ae:65:46:76:6b:ee:8e:
36:a4:b7:09:a9:06:ad:0d:0c:b5:b2:52:0f:3d:f1:af:69:8e:
a4:1c:62:5c:04:bd:f9:0e:69:1c:1e:48:10:9b:9c:49:28:ae:
a2:a7:67:eb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd6XwjXd0VyAvB4vqNnOEeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE2MjAxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQ1NTUzYWE3ODE1OGY5MDk3YTQ4YzZjYzg0ZjU2YmZhN2JiYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU18GnR92333nArIqdVbSQ2EQsrj
8EP2+drlQsEJUFB6cjXcF9vwoSFJe6hu4wYDjIkXGjPoY97zJORKxgRKN524882R
1+lAN0lmhHTN9dyOCsirnbk/1gkp9Fhw/ux4yhuFdSSNibDnvFhIKQNdYq0cOhBm
xZRoskOSn5zU4lXrT8j1rcUT1e0JcQlWPeJHxi4evaPBPc3yMsIh2rpxyQte67nA
iTrttUE0aLFUCLkryHFlhJytDpDIZFxdnpRMc1j/L3CNGxXcLmNfSM5f7dECGdiG
N2DN6UVjoww2pY4IWuxqCfiafomcpY2dX3jfzKBubwzHJbVcnhZnhU31bwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHXVVTqngVj5CXpIxsyE9Wv6e7yLMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZGRWVk9xZUJXUGtKZWtqR3pJVDFhX3A3dklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAPuUmrLEbk4C8fhwOhC87zc6b
J9DpVv99eNuvNj78CAiXaJ8gmwK4TqVAqFa/MP9NAxeuuipMUv2YULx/s3qzQCNi
teFpuh4VwDnBGbYVHd/W1D4UoigO3UYFpEx0rKYBJOM+UlizPlNZlFbS90xR6mfb
nBdJYz9DYWUXjk5phDmNOjEXJcLf/8MRTEPHV+KvJfXLUeonzkXEatsAeHU1VMPc
N9vm78T7u4iv8rml2kkRNfxYd2PAKEDTwnNXt7AbCJYaUBmt7Z9VFl68Tja/VF6u
ZUZ2a+6ONqS3CakGrQ0MtbJSDz3xr2mOpBxiXAS9+Q5pHB5IEJucSSiuoqdn6w==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:18:44 2025 by rpki-client