Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fH2f5RgqStZSA56jvhfaV2tlmhc.roa
File: fH2f5RgqStZSA56jvhfaV2tlmhc.roa (raw, json)
Hash identifier: CBIajQjdTKpON68pcXoKQYkGitlpIQEpdqRomfNLR5g=
Subject key identifier: 7C:7D:9F:E5:18:2A:4A:D6:52:03:9E:A3:BE:17:DA:57:6B:65:9A:17
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977D2A0EF50CC4437C79A7004B0D767FAA
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fH2f5RgqStZSA56jvhfaV2tlmhc.roa
Signing time: Tue 17 Jun 2025 09:13:17 +0000
ROA not before: Tue 17 Jun 2025 09:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 10:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:2a:0e:f5:0c:c4:43:7c:79:a7:00:4b:0d:76:7f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 09:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c7d9fe5182a4ad652039ea3be17da576b659a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:16:ba:a8:55:f1:f6:ac:66:23:85:25:62:
d9:f0:0e:87:85:c2:4a:72:e1:02:50:1d:27:53:f5:
8e:af:a7:e9:2d:bf:63:0b:4b:5c:55:50:6d:db:48:
c6:cb:b0:e2:4a:18:25:5e:c5:02:89:1e:4e:58:8b:
91:75:f3:d8:f7:66:36:70:a5:e9:03:82:3d:d7:e2:
be:ff:1b:39:65:8a:c3:0a:25:0c:41:09:ba:95:f0:
cc:d5:6e:07:d4:0b:8a:cf:c3:3a:e9:cb:f4:c5:20:
73:79:d7:d6:9a:c8:a6:e9:0a:59:2f:f2:cc:c1:4e:
f1:46:b0:4e:ac:95:d9:3f:82:34:f0:57:8d:f2:c3:
a2:ef:ef:f2:cc:0e:ff:7c:9a:61:47:aa:8f:c9:8d:
73:1d:26:bc:7f:67:13:b6:54:86:3e:ce:82:1a:8a:
5f:ce:c6:a2:40:a8:39:cb:fb:a3:77:12:cc:9f:a7:
c0:d9:48:4f:e6:bc:c4:84:c5:4a:41:c2:75:b8:ca:
f4:6a:54:f2:05:4e:63:eb:7c:5a:20:e9:c2:49:24:
3c:2a:fd:50:69:15:56:9c:90:b1:20:2e:a3:6e:f5:
b2:f0:40:01:c1:d4:f5:81:38:e1:50:3d:db:c5:bb:
5d:64:3f:8c:26:ac:e6:14:95:d5:67:53:87:b8:43:
ea:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7D:9F:E5:18:2A:4A:D6:52:03:9E:A3:BE:17:DA:57:6B:65:9A:17
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fH2f5RgqStZSA56jvhfaV2tlmhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
40:28:7d:66:57:85:2d:92:1d:dc:a6:3a:2d:c8:8b:bf:99:46:
cb:de:74:e1:55:ea:36:95:93:6c:36:30:69:85:3a:31:ba:12:
c5:59:10:a0:6e:fa:da:cb:74:e5:bd:5f:d0:98:b0:cb:3f:e6:
88:00:38:ee:c3:34:fb:fa:54:83:62:57:69:8f:85:d8:80:62:
24:b2:ad:cc:c3:c2:bf:e2:a6:3e:25:70:d9:07:13:24:86:22:
81:a6:8a:72:03:a7:85:57:0b:eb:1c:ab:6d:67:fe:ae:03:63:
62:86:3c:21:54:5a:04:ca:5a:d8:b2:5b:fe:5c:61:09:fb:1e:
e5:56:a5:28:83:0a:75:c6:1d:89:2b:02:6f:bc:69:a1:90:21:
a3:43:9b:e7:02:10:9f:a0:9e:a4:0e:c1:e6:ce:8e:58:f5:44:
91:7d:bf:6e:84:cc:8b:20:99:72:01:1c:d7:3c:53:4f:2b:dd:
b7:91:1c:71:9f:d5:46:49:a7:41:4b:df:96:c8:3f:33:c5:07:
80:50:b5:39:fb:88:4a:ad:77:b9:2d:f3:63:6f:e5:16:c9:86:
72:5e:fa:24:a4:20:c3:99:3e:ba:fa:51:af:b5:6a:74:cf:60:
18:c2:74:70:a5:44:ce:a5:41:b9:32:07:a7:02:9f:78:df:23:
9a:3e:30:45
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd9Kg71DMRDfHmnAEsNdn+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MDkxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdkOWZlNTE4MmE0YWQ2NTIwMzllYTNiZTE3ZGE1NzZiNjU5YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqIWuqhV8fasZiOFJWLZ8A6HhcJK
cuECUB0nU/WOr6fpLb9jC0tcVVBt20jGy7DiShglXsUCiR5OWIuRdfPY92Y2cKXp
A4I91+K+/xs5ZYrDCiUMQQm6lfDM1W4H1AuKz8M66cv0xSBzedfWmsim6QpZL/LM
wU7xRrBOrJXZP4I08FeN8sOi7+/yzA7/fJphR6qPyY1zHSa8f2cTtlSGPs6CGopf
zsaiQKg5y/ujdxLMn6fA2UhP5rzEhMVKQcJ1uMr0alTyBU5j63xaIOnCSSQ8Kv1Q
aRVWnJCxIC6jbvWy8EABwdT1gTjhUD3bxbtdZD+MJqzmFJXVZ1OHuEPq3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHx9n+UYKkrWUgOeo74X2ldrZZoXMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZkgyZjVSZ3FTdFpTQTU2anZoZmFWMnRsbWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAQCh9ZleFLZId3KY6LciLv5lG
y9504VXqNpWTbDYwaYU6MboSxVkQoG762st05b1f0Jiwyz/miAA47sM0+/pUg2JX
aY+F2IBiJLKtzMPCv+KmPiVw2QcTJIYigaaKcgOnhVcL6xyrbWf+rgNjYoY8IVRa
BMpa2LJb/lxhCfse5ValKIMKdcYdiSsCb7xpoZAho0Ob5wIQn6CepA7B5s6OWPVE
kX2/boTMiyCZcgEc1zxTTyvdt5EccZ/VRkmnQUvflsg/M8UHgFC1OfuISq13uS3z
Y2/lFsmGcl76JKQgw5k+uvpRr7VqdM9gGMJ0cKVEzqVBuTIHpwKfeN8jmj4wRQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:14:36 2025 by rpki-client