Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/g8puQir1w4ngSKQVm7-MH1r9la4.roa
File: g8puQir1w4ngSKQVm7-MH1r9la4.roa (raw, json)
Hash identifier: QAUwMfIbY3fX6FWekgVwSPIxGIxOrAHZWJdi8FoV7JY=
Subject key identifier: 83:CA:6E:42:2A:F5:C3:89:E0:48:A4:15:9B:BF:8C:1F:5A:FD:95:AE
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197BD1CFAD93D096293854A7E6B3A117A35
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/g8puQir1w4ngSKQVm7-MH1r9la4.roa
Signing time: Sun 29 Jun 2025 19:14:42 +0000
ROA not before: Sun 29 Jun 2025 19:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 29 Jun 2025 20:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bd:1c:fa:d9:3d:09:62:93:85:4a:7e:6b:3a:11:7a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 29 19:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83ca6e422af5c389e048a4159bbf8c1f5afd95ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ad:39:58:a9:ab:07:7b:26:45:38:28:ee:95:
e1:88:db:8a:1f:06:9d:57:3e:f2:68:a3:08:d5:17:
f2:04:1f:f5:0e:b8:81:26:3d:23:ea:fe:5b:e6:b6:
f2:7c:e4:05:65:ab:d5:10:ec:a8:e7:92:4c:db:83:
e5:7e:1c:5e:b7:8a:5b:f5:13:ae:ac:ee:a9:b0:07:
3b:84:64:9a:18:47:d8:80:e3:5c:4f:7b:dc:05:4e:
5d:ef:4d:91:05:fd:dd:bc:aa:34:e8:96:d2:df:87:
5b:09:18:80:08:f8:65:25:4c:f3:59:e6:2f:a6:7c:
64:03:a9:e1:ea:72:ee:3e:12:a5:27:03:fc:80:df:
ff:f3:41:45:b7:ce:fc:49:e6:95:41:85:a8:44:06:
81:59:0b:b3:29:3d:e8:8d:fa:e5:60:9a:f4:f7:7a:
c6:e1:63:85:5b:30:03:e2:af:ee:ea:d4:d6:0b:f0:
b1:f2:5f:43:a0:76:be:a6:9e:42:30:c3:62:9b:d0:
da:aa:1a:cc:73:2d:f9:78:ad:40:19:4c:7a:1d:10:
c4:cf:5f:b4:dc:39:50:57:9c:0f:30:f3:6f:99:65:
35:2b:52:82:87:fd:cd:09:dc:3b:24:1d:13:de:3f:
fb:fe:07:d6:84:d8:36:a4:e2:34:9d:c7:b1:a2:32:
bf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CA:6E:42:2A:F5:C3:89:E0:48:A4:15:9B:BF:8C:1F:5A:FD:95:AE
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/g8puQir1w4ngSKQVm7-MH1r9la4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
29:e6:12:65:a9:ba:cd:92:b7:84:97:19:b3:45:2a:8d:c7:ce:
ac:a6:26:96:02:3a:af:37:8f:4e:09:75:3a:0c:ff:e8:2f:be:
91:a9:bc:5e:e8:8e:49:82:5e:b7:bd:0c:46:c9:ff:5f:c0:97:
cd:41:87:76:4f:e6:40:cf:a4:82:53:e3:fb:52:ee:16:8f:8a:
cb:6a:00:de:bd:6e:3b:78:a9:57:cf:fa:61:15:0b:63:0d:b5:
6c:b4:29:f3:f3:2a:fe:88:1c:22:19:d4:9a:50:e3:4f:69:33:
99:e3:d7:67:a2:b0:39:1b:54:1f:02:5d:41:1d:88:69:58:62:
97:6f:68:5e:7d:39:a8:52:ee:9e:b8:c0:ca:ad:cc:01:15:5b:
c4:94:21:05:dc:72:d5:ec:68:a3:60:87:a8:aa:ca:39:c9:34:
af:c8:3b:9f:1b:51:fc:21:1a:b8:ed:56:6f:02:03:4a:5d:39:
cb:2d:7d:0a:7e:cb:cd:25:a4:c0:8e:4f:3f:90:1d:f2:11:6f:
d8:e2:91:4d:71:7f:ce:0c:e9:67:d6:ee:b4:e3:93:44:66:92:
a1:65:5b:27:d4:d1:1d:27:f5:fb:36:b0:82:19:6c:24:f2:6e:
15:28:03:e8:ed:e2:90:0c:96:0d:ca:14:81:36:24:06:2c:8b:
c1:81:ca:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe9HPrZPQlik4VKfms6EXo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI5MTkxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2NhNmU0MjJhZjVjMzg5ZTA0OGE0MTU5YmJmOGMxZjVhZmQ5NWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q05WKmrB3smRTgo7pXhiNuKHwad
Vz7yaKMI1RfyBB/1DriBJj0j6v5b5rbyfOQFZavVEOyo55JM24Plfhxet4pb9ROu
rO6psAc7hGSaGEfYgONcT3vcBU5d702RBf3dvKo06JbS34dbCRiACPhlJUzzWeYv
pnxkA6nh6nLuPhKlJwP8gN//80FFt878SeaVQYWoRAaBWQuzKT3ojfrlYJr093rG
4WOFWzAD4q/u6tTWC/Cx8l9DoHa+pp5CMMNim9DaqhrMcy35eK1AGUx6HRDEz1+0
3DlQV5wPMPNvmWU1K1KCh/3NCdw7JB0T3j/7/gfWhNg2pOI0ncexojK/CwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIPKbkIq9cOJ4EikFZu/jB9a/ZWuMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZzhwdVFpcjF3NG5nU0tRVm03LU1IMXI5bGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAKeYSZam6zZK3hJcZs0UqjcfO
rKYmlgI6rzePTgl1Ogz/6C++kam8XuiOSYJet70MRsn/X8CXzUGHdk/mQM+kglPj
+1LuFo+Ky2oA3r1uO3ipV8/6YRULYw21bLQp8/Mq/ogcIhnUmlDjT2kzmePXZ6Kw
ORtUHwJdQR2IaVhil29oXn05qFLunrjAyq3MARVbxJQhBdxy1exoo2CHqKrKOck0
r8g7nxtR/CEauO1WbwIDSl05yy19Cn7LzSWkwI5PP5Ad8hFv2OKRTXF/zgzpZ9bu
tOOTRGaSoWVbJ9TRHSf1+zawghlsJPJuFSgD6O3ikAyWDcoUgTYkBiyLwYHK0A==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:02:07 2025 by rpki-client