Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fafwhB7bc7lXce2t6ILwK9cO3xE.roa
File: fafwhB7bc7lXce2t6ILwK9cO3xE.roa (raw, json)
Hash identifier: bMaJXCrFQsWNEKXscpFw1LAgTLoT4W6CaMdQxBsbbb8=
Subject key identifier: 7D:A7:F0:84:1E:DB:73:B9:57:71:ED:AD:E8:82:F0:2B:D7:0E:DF:11
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A093639579012D3B27F88CE29C55D8B0
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fafwhB7bc7lXce2t6ILwK9cO3xE.roa
Signing time: Tue 24 Jun 2025 06:15:03 +0000
ROA not before: Tue 24 Jun 2025 06:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 07:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a0:93:63:95:79:01:2d:3b:27:f8:8c:e2:9c:55:d8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 06:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7da7f0841edb73b95771edade882f02bd70edf11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:53:ed:63:72:c5:9d:16:bf:6a:74:ed:a5:41:
5e:9c:cb:29:49:e6:92:f1:75:f1:93:a2:60:03:16:
ea:06:02:96:88:00:25:73:13:c0:01:14:53:12:17:
04:4c:91:57:e4:2e:86:3d:3e:74:e0:20:35:c3:fa:
d1:fa:0c:20:39:c3:14:c5:04:18:49:dc:8f:17:59:
62:4d:2c:f5:e8:cb:9f:52:3c:b7:f9:e3:5a:66:50:
bd:b7:fe:d2:f1:6f:4d:2b:2e:fb:1c:13:4e:a2:23:
69:f7:0b:0a:17:0b:a5:61:5b:86:69:e0:f0:07:35:
07:b8:08:47:75:d0:b8:0a:10:bc:1a:a2:38:db:a2:
89:e0:d7:55:42:4c:96:cb:2e:45:8e:01:b6:1f:4c:
99:0c:c6:f3:14:12:65:48:25:5b:7d:11:7b:ab:16:
47:54:a0:3a:11:5a:aa:ed:ac:6e:a1:b4:67:85:18:
35:c5:64:47:f8:f8:28:31:8d:19:4b:7f:6a:fd:e8:
50:4d:16:88:a7:9e:c3:42:ab:3d:a2:d6:74:32:e8:
64:63:18:5b:2d:a2:78:ae:33:bd:32:84:06:52:d8:
6c:ba:f3:ba:8d:1a:39:0c:0e:af:c0:02:77:f2:cf:
c6:a5:00:a5:37:7f:b9:47:fb:65:4e:87:c9:42:79:
f4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A7:F0:84:1E:DB:73:B9:57:71:ED:AD:E8:82:F0:2B:D7:0E:DF:11
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/fafwhB7bc7lXce2t6ILwK9cO3xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
85:ca:f7:5f:d3:ef:e6:93:e5:e1:04:5e:b3:40:a7:f8:8d:55:
da:e2:d3:72:9a:4f:8b:26:dd:85:42:c2:24:66:43:da:0e:d0:
b0:e5:12:19:b1:a0:71:64:37:53:2a:40:91:5b:8e:8d:9c:e3:
87:d0:5d:e5:60:23:d5:0c:b0:47:c7:ee:09:f1:63:24:e9:c4:
7a:ec:0b:d6:13:37:8a:6a:20:f5:91:ed:b6:b5:d5:6e:3c:15:
9c:3c:69:b0:dc:d1:72:fe:b9:b3:be:8f:82:3b:97:6b:f7:ce:
b7:95:51:37:8c:a7:1b:56:cb:2f:78:23:5d:30:36:3d:62:05:
ad:fa:9f:4d:b2:d0:a5:8d:70:29:60:18:5c:71:a6:8e:2d:c6:
99:b9:e0:ad:d7:f0:85:d0:e3:7f:38:21:d5:a7:d1:02:fb:d3:
b5:7f:de:a2:19:e4:a6:f2:b1:c1:20:78:20:61:ed:e4:03:6f:
fb:32:46:d3:19:08:b0:00:7f:f3:db:6d:8f:7d:76:d2:33:3d:
89:39:51:a2:19:50:63:bb:52:26:76:5e:23:df:2c:00:08:d5:
35:56:4c:fb:1b:61:b7:7e:3b:68:54:92:74:ab:b6:0c:a2:ef:
e5:4a:bb:6d:cb:2d:0e:81:f6:09:fa:ce:4e:b9:90:a4:ae:a2:
f7:09:cb:a7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZegk2OVeQEtOyf4jOKcVdiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MDYxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGE3ZjA4NDFlZGI3M2I5NTc3MWVkYWRlODgyZjAyYmQ3MGVkZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulPtY3LFnRa/anTtpUFenMspSeaS
8XXxk6JgAxbqBgKWiAAlcxPAARRTEhcETJFX5C6GPT504CA1w/rR+gwgOcMUxQQY
SdyPF1liTSz16MufUjy3+eNaZlC9t/7S8W9NKy77HBNOoiNp9wsKFwulYVuGaeDw
BzUHuAhHddC4ChC8GqI426KJ4NdVQkyWyy5FjgG2H0yZDMbzFBJlSCVbfRF7qxZH
VKA6EVqq7axuobRnhRg1xWRH+PgoMY0ZS39q/ehQTRaIp57DQqs9otZ0MuhkYxhb
LaJ4rjO9MoQGUthsuvO6jRo5DA6vwAJ38s/GpQClN3+5R/tlTofJQnn0KQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFH2n8IQe23O5V3HtreiC8CvXDt8RMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZmFmd2hCN2JjN2xYY2UydDZJTHdLOWNPM3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAhcr3X9Pv5pPl4QRes0Cn+I1V
2uLTcppPiybdhULCJGZD2g7QsOUSGbGgcWQ3UypAkVuOjZzjh9Bd5WAj1QywR8fu
CfFjJOnEeuwL1hM3imog9ZHttrXVbjwVnDxpsNzRcv65s76PgjuXa/fOt5VRN4yn
G1bLL3gjXTA2PWIFrfqfTbLQpY1wKWAYXHGmji3GmbngrdfwhdDjfzgh1afRAvvT
tX/eohnkpvKxwSB4IGHt5ANv+zJG0xkIsAB/89ttj3120jM9iTlRohlQY7tSJnZe
I98sAAjVNVZM+xtht347aFSSdKu2DKLv5Uq7bcstDoH2CfrOTrmQpK6i9wnLpw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:55:08 2025 by rpki-client