Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fBuMb-4A9WYBAULRs8PjPqr8yho.roa
File: fBuMb-4A9WYBAULRs8PjPqr8yho.roa (raw, json)
Hash identifier: poVnctOEj4+FusSeQWZtHB9yhglpz4ktTutRnCzz37k=
Subject key identifier: 7C:1B:8C:6F:EE:00:F5:66:01:01:42:D1:B3:C3:E3:3E:AA:FC:CA:1A
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C49F964B0D48BA8F3BE870AD0C8F2B6E
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fBuMb-4A9WYBAULRs8PjPqr8yho.roa
Signing time: Tue 01 Jul 2025 06:14:42 +0000
ROA not before: Tue 01 Jul 2025 06:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 08:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:9f:96:4b:0d:48:ba:8f:3b:e8:70:ad:0c:8f:2b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 06:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c1b8c6fee00f566010142d1b3c3e33eaafcca1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:19:fa:13:b2:8d:52:96:62:7e:d6:5e:e5:
51:35:04:99:04:08:ca:e6:e8:e0:78:ea:a5:81:87:
06:21:18:57:a5:36:29:92:f4:a4:19:7d:09:25:f7:
a9:4c:78:a1:28:2f:a5:53:16:7f:b1:b9:cc:07:0a:
8f:bf:8b:59:4a:4f:fa:69:50:06:95:b4:15:3d:af:
42:9d:16:27:86:e0:f6:2b:bf:3c:cf:13:f9:82:5a:
e3:fa:ed:f1:64:83:54:bd:9a:bb:7f:32:8b:33:b3:
e0:8c:6e:11:76:9c:6f:88:86:b5:2b:e9:61:61:89:
6a:15:f0:c6:6f:38:6e:40:50:a4:67:fa:91:17:18:
cd:47:bb:62:fc:d1:10:e4:cc:dd:48:49:56:0f:23:
7d:0a:6c:ae:44:6c:d4:39:1a:4d:9a:02:91:91:9e:
2a:a8:49:0d:cb:ff:ff:b6:3d:39:ba:49:82:8d:ef:
4f:ce:7e:32:df:4f:16:a9:4a:3e:0f:46:45:88:1b:
e3:8e:d4:b1:3d:f0:d4:c9:ab:c5:1f:10:1c:12:39:
93:0a:cc:bc:2d:71:67:7f:a4:f0:13:10:7c:94:2f:
ca:78:bd:1b:75:cd:c2:ab:dc:5f:21:91:24:69:48:
fa:ea:7e:15:87:58:ba:68:b1:38:d7:0e:ff:fd:b1:
9b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1B:8C:6F:EE:00:F5:66:01:01:42:D1:B3:C3:E3:3E:AA:FC:CA:1A
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fBuMb-4A9WYBAULRs8PjPqr8yho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
03:6d:f7:33:35:b9:5f:67:83:87:76:9f:32:b8:9c:03:3a:4f:
89:b6:37:69:f3:6d:5f:61:5b:f0:52:6c:f6:e5:92:9d:9b:9b:
38:63:b1:6a:ba:1e:fd:24:8b:5b:e5:39:cd:03:97:6c:a1:b6:
e7:7d:52:1f:db:10:8b:fb:0e:bb:f1:c3:eb:a7:c3:af:0c:99:
65:9a:5e:8e:60:2b:3c:7f:1d:7c:88:e7:9a:b8:58:33:b5:2d:
0c:13:6b:07:d5:e1:ac:80:c9:a3:38:c3:a6:f9:84:66:a8:d2:
8c:3a:f5:55:6c:a6:6f:95:aa:a9:52:db:37:59:2a:76:ac:62:
83:30:ea:ab:7f:12:00:97:a1:b2:ed:13:20:24:8c:ba:74:59:
bf:7e:0b:18:27:1d:4d:1f:43:da:4b:a0:b7:46:70:9a:52:fc:
67:af:b4:ed:f7:8c:53:dd:f5:42:9f:e4:a3:9d:06:81:84:67:
4f:b0:1c:b3:0a:bb:34:42:90:3c:7a:66:4e:80:21:c0:12:ee:
b2:52:10:36:e8:8f:ea:58:de:75:27:d2:ba:e1:65:45:25:83:
7a:73:82:03:a3:0b:8b:91:10:0c:e3:8c:4e:63:d0:15:26:22:
2e:cb:97:f5:17:2c:17:c0:82:1a:ee:b4:97:3d:e8:88:ce:09:
50:13:4c:46
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfEn5ZLDUi6jzvocK0MjytuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMDYxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzFiOGM2ZmVlMDBmNTY2MDEwMTQyZDFiM2MzZTMzZWFhZmNjYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7gZ+hOyjVKWYn7WXuVRNQSZBAjK
5ujgeOqlgYcGIRhXpTYpkvSkGX0JJfepTHihKC+lUxZ/sbnMBwqPv4tZSk/6aVAG
lbQVPa9CnRYnhuD2K788zxP5glrj+u3xZINUvZq7fzKLM7PgjG4RdpxviIa1K+lh
YYlqFfDGbzhuQFCkZ/qRFxjNR7ti/NEQ5MzdSElWDyN9CmyuRGzUORpNmgKRkZ4q
qEkNy///tj05ukmCje9Pzn4y308WqUo+D0ZFiBvjjtSxPfDUyavFHxAcEjmTCsy8
LXFnf6TwExB8lC/KeL0bdc3Cq9xfIZEkaUj66n4Vh1i6aLE41w7//bGbmwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHwbjG/uAPVmAQFC0bPD4z6q/MoaMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZkJ1TWItNEE5V1lCQVVMUnM4UGpQcXI4eWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAA233MzW5X2eDh3afMricAzpP
ibY3afNtX2Fb8FJs9uWSnZubOGOxaroe/SSLW+U5zQOXbKG2531SH9sQi/sOu/HD
66fDrwyZZZpejmArPH8dfIjnmrhYM7UtDBNrB9XhrIDJozjDpvmEZqjSjDr1VWym
b5WqqVLbN1kqdqxigzDqq38SAJehsu0TICSMunRZv34LGCcdTR9D2kugt0ZwmlL8
Z6+07feMU931Qp/ko50GgYRnT7Acswq7NEKQPHpmToAhwBLuslIQNuiP6ljedSfS
uuFlRSWDenOCA6MLi5EQDOOMTmPQFSYiLsuX9RcsF8CCGu60lz3oiM4JUBNMRg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:55:54 2025 by rpki-client