Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/eKM76xRCtTBpFAJdh7yhqzHntCE.roa
File: eKM76xRCtTBpFAJdh7yhqzHntCE.roa (raw, json)
Hash identifier: BfQal1DtTiwJFYGfwXHN5JrPX059PnGHYsregwX1hDM=
Subject key identifier: 78:A3:3B:EB:14:42:B5:30:69:14:02:5D:87:BC:A1:AB:31:E7:B4:21
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197759F36209C5912C58180F421DF561384
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/eKM76xRCtTBpFAJdh7yhqzHntCE.roa
Signing time: Sun 15 Jun 2025 22:04:17 +0000
ROA not before: Sun 15 Jun 2025 22:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:759f:1aea/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 15 Jun 2025 22:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:75:9f:36:20:9c:59:12:c5:81:80:f4:21:df:56:13:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 15 22:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78a33beb1442b5306914025d87bca1ab31e7b421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:70:9d:83:b0:57:e5:5e:01:63:38:36:6b:6e:
78:af:45:f7:29:e7:0b:a0:c9:de:09:bf:f8:e7:07:
8c:6a:b4:bf:b0:19:1d:7c:a2:ca:9d:30:dd:6c:0c:
40:bc:3e:38:d8:b4:54:2f:70:6b:5d:e4:87:62:73:
61:3b:f2:33:e5:bc:6a:6f:e3:08:e3:4b:bf:1f:cd:
8f:e0:5d:29:ed:9a:dc:e2:89:dd:ef:90:e8:30:66:
5b:68:77:ff:89:f4:a9:2a:f5:59:dd:3e:15:e9:bb:
82:1f:ac:ed:5d:5f:ec:d4:b4:05:9d:58:2a:15:fc:
1f:12:e2:7f:e0:17:c6:8f:ca:dd:8f:a0:ba:1d:97:
3c:92:45:44:cd:c6:de:6a:f9:f2:1d:ea:45:c0:d9:
3e:a9:6d:4c:27:8d:51:49:66:d6:92:9e:e1:8c:79:
58:9d:0e:ef:5d:a3:0d:f1:1b:df:88:ca:50:c3:11:
e7:a2:1b:a3:f5:4d:cc:4d:73:e0:0d:65:0f:86:4c:
1d:44:a9:ea:9d:04:99:8e:f3:f1:72:02:d9:4e:14:
97:20:91:be:d2:c5:a5:dd:02:b0:4e:41:3c:23:f7:
dd:8f:f5:e4:80:9c:47:81:0c:ca:e1:13:af:8b:bf:
49:6c:b1:71:08:87:bf:88:52:cd:03:91:d6:ab:67:
27:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A3:3B:EB:14:42:B5:30:69:14:02:5D:87:BC:A1:AB:31:E7:B4:21
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/eKM76xRCtTBpFAJdh7yhqzHntCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:759f:1aea/128
Signature Algorithm: sha256WithRSAEncryption
6e:f2:6e:03:30:c4:8b:17:b0:6f:b9:68:52:27:59:f9:f0:59:
09:f8:5d:8d:f3:c6:7f:33:fb:78:1c:21:bc:be:eb:8b:05:80:
cc:19:2a:14:82:16:0e:f3:87:9f:f1:75:2c:0b:e4:b0:4c:d3:
a7:85:29:36:aa:bd:c9:a0:6d:59:61:df:a4:64:4b:62:d9:ea:
ea:14:19:8f:70:7a:77:84:8d:53:fa:bb:ef:54:18:1d:11:5f:
7b:d8:9b:4b:e5:ab:ea:a6:4d:70:49:4f:69:0d:f9:42:4d:ae:
26:19:73:f9:83:2e:b3:b1:4c:4d:68:1a:17:df:03:3d:0f:f6:
3f:41:5d:e7:af:53:26:21:07:68:a0:8a:d7:b5:37:fd:41:c1:
81:6e:c0:40:7b:37:18:6c:9c:f6:b5:ca:8e:7a:83:08:06:e3:
e0:1d:8f:f0:7d:b6:f9:c9:49:2a:6c:d6:e6:0b:c4:de:ab:a3:
8a:8b:7d:28:78:00:1e:36:58:40:77:ca:80:ad:b0:a3:c5:11:
c4:23:b3:98:e4:2c:91:35:e7:8c:44:77:5e:a0:98:a9:4f:71:
c6:8a:96:e7:7b:ca:72:2b:50:d2:29:57:14:cc:ab:ae:c8:ae:
cf:fb:54:84:f0:58:34:5e:4f:5f:77:47:6a:01:6b:1c:2e:9c:
b6:af:1e:12
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZd1nzYgnFkSxYGA9CHfVhOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE1MjIwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGEzM2JlYjE0NDJiNTMwNjkxNDAyNWQ4N2JjYTFhYjMxZTdiNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3Cdg7BX5V4BYzg2a254r0X3KecL
oMneCb/45weMarS/sBkdfKLKnTDdbAxAvD442LRUL3BrXeSHYnNhO/Iz5bxqb+MI
40u/H82P4F0p7Zrc4ond75DoMGZbaHf/ifSpKvVZ3T4V6buCH6ztXV/s1LQFnVgq
FfwfEuJ/4BfGj8rdj6C6HZc8kkVEzcbeavnyHepFwNk+qW1MJ41RSWbWkp7hjHlY
nQ7vXaMN8RvfiMpQwxHnohuj9U3MTXPgDWUPhkwdRKnqnQSZjvPxcgLZThSXIJG+
0sWl3QKwTkE8I/fdj/XkgJxHgQzK4ROvi79JbLFxCIe/iFLNA5HWq2cnVQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHijO+sUQrUwaRQCXYe8oasx57QhMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZUtNNzZ4UkN0VEJwRkFKZGg3eWhxekhudENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl3WfGuowDQYJKoZIhvcNAQELBQADggEB
AG7ybgMwxIsXsG+5aFInWfnwWQn4XY3zxn8z+3gcIby+64sFgMwZKhSCFg7zh5/x
dSwL5LBM06eFKTaqvcmgbVlh36RkS2LZ6uoUGY9weneEjVP6u+9UGB0RX3vYm0vl
q+qmTXBJT2kN+UJNriYZc/mDLrOxTE1oGhffAz0P9j9BXeevUyYhB2igite1N/1B
wYFuwEB7NxhsnPa1yo56gwgG4+Adj/B9tvnJSSps1uYLxN6ro4qLfSh4AB42WEB3
yoCtsKPFEcQjs5jkLJE154xEd16gmKlPccaKlud7ynIrUNIpVxTMq67Irs/7VITw
WDReT193R2oBaxwunLavHhI=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:31:08 2025 by rpki-client