Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/gEPcfgFl7QultzbKNnQnZWqj8u4.roa
File: gEPcfgFl7QultzbKNnQnZWqj8u4.roa (raw, json)
Hash identifier: ca6OMJMbV8LxLeBGdNaQtMUu6XpYIZCk+kc1PYUhuWI=
Subject key identifier: 80:43:DC:7E:01:65:ED:0B:A5:B7:36:CA:36:74:27:65:6A:A3:F2:EE
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B3725079365A777E899BCCC4EA2E192D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/gEPcfgFl7QultzbKNnQnZWqj8u4.roa
Signing time: Fri 27 Jun 2025 22:11:42 +0000
ROA not before: Fri 27 Jun 2025 22:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 23:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b3:72:50:79:36:5a:77:7e:89:9b:cc:c4:ea:2e:19:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 22:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8043dc7e0165ed0ba5b736ca367427656aa3f2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:02:a3:d3:da:e7:c5:60:06:96:3d:6f:2e:54:
7e:57:ea:ff:f7:b8:22:ac:47:0b:2c:a8:e6:18:93:
98:15:49:6f:6f:89:66:39:5c:71:bf:96:66:46:62:
b6:6e:b9:f8:50:90:51:86:43:8a:e8:34:bf:43:95:
a7:1b:e7:03:ac:fc:4a:6c:e8:39:72:9b:de:ff:84:
ad:9f:12:90:e6:97:60:c1:3f:05:8a:a9:ad:84:a7:
41:7f:4e:66:bd:ee:51:91:56:e5:09:1a:a1:86:79:
e3:ff:d4:b7:cf:b0:b7:2a:7e:2c:60:fe:ce:cf:f0:
80:8a:a6:5c:ea:7c:a1:7b:20:a2:8e:b2:9b:01:44:
6a:79:90:e5:73:ad:a0:51:49:a5:b9:92:3b:8a:8e:
8a:3e:b0:55:70:6a:df:c9:c2:c7:a3:1c:66:f2:34:
39:14:d8:de:53:3b:9c:2e:91:3d:3d:b2:e7:51:27:
15:7c:7a:15:4c:ca:fb:6d:9f:1b:eb:65:52:27:35:
77:fb:f2:a9:41:3c:ff:8c:aa:ea:9c:70:c0:ac:c3:
71:26:77:2a:69:53:b2:0f:e8:0e:76:15:8a:e1:43:
38:0f:0c:83:45:5a:c0:90:cd:51:f1:e6:da:e7:49:
15:85:02:35:5a:b1:0a:41:f7:9d:df:bd:43:9a:0e:
04:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:43:DC:7E:01:65:ED:0B:A5:B7:36:CA:36:74:27:65:6A:A3:F2:EE
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/gEPcfgFl7QultzbKNnQnZWqj8u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
89:58:09:c9:f3:62:1b:c0:6f:d7:22:b0:d3:44:4e:f7:89:7a:
83:d1:0f:10:c3:2d:64:65:db:ec:b2:bd:37:e5:81:c8:db:95:
b8:71:8c:ea:f2:be:70:48:c0:ed:b1:17:51:11:1a:ff:6b:71:
bc:c8:d8:1f:39:50:f4:61:8a:bf:71:53:0d:b8:e3:71:3a:53:
d2:f7:da:48:ed:03:97:76:62:3c:2c:cd:4f:99:00:e3:e0:f2:
5b:51:79:3f:4c:e6:04:68:36:93:1c:3e:0c:91:23:9d:77:32:
1c:55:38:d5:fc:42:6c:90:71:d1:83:a2:ca:96:5f:72:d2:99:
e8:59:4d:a6:59:26:61:d4:8e:be:12:b4:e9:b8:de:c2:e4:c2:
a4:2f:2e:28:4f:ce:1b:4e:b9:3e:bd:20:65:5c:e9:92:d7:20:
b4:d0:16:62:37:9c:e4:ea:96:73:b6:6e:df:d0:08:b9:4d:75:
71:07:22:5d:63:82:69:40:66:9a:7f:b7:cc:c0:84:42:20:a0:
58:9d:29:6f:f7:2f:64:f2:23:ab:3e:88:b6:e1:be:91:25:96:
e6:12:5f:bc:7f:e3:aa:ee:d6:77:44:f2:b8:79:5c:8e:9e:0e:
65:6d:c6:17:54:e5:12:c7:66:d2:5c:79:c5:53:49:eb:3d:f2:
a6:d8:2b:80
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZezclB5Nlp3fombzMTqLhktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MjIxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDQzZGM3ZTAxNjVlZDBiYTViNzM2Y2EzNjc0Mjc2NTZhYTNmMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gKj09rnxWAGlj1vLlR+V+r/97gi
rEcLLKjmGJOYFUlvb4lmOVxxv5ZmRmK2brn4UJBRhkOK6DS/Q5WnG+cDrPxKbOg5
cpve/4StnxKQ5pdgwT8FiqmthKdBf05mve5RkVblCRqhhnnj/9S3z7C3Kn4sYP7O
z/CAiqZc6nyheyCijrKbAURqeZDlc62gUUmluZI7io6KPrBVcGrfycLHoxxm8jQ5
FNjeUzucLpE9PbLnUScVfHoVTMr7bZ8b62VSJzV3+/KpQTz/jKrqnHDArMNxJncq
aVOyD+gOdhWK4UM4DwyDRVrAkM1R8eba50kVhQI1WrEKQfed371Dmg4EEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIBD3H4BZe0Lpbc2yjZ0J2Vqo/LuMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvZ0VQY2ZnRmw3UXVsdHpiS05uUW5aV3FqOHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAiVgJyfNiG8Bv1yKw00RO94l6
g9EPEMMtZGXb7LK9N+WByNuVuHGM6vK+cEjA7bEXUREa/2txvMjYHzlQ9GGKv3FT
DbjjcTpT0vfaSO0Dl3ZiPCzNT5kA4+DyW1F5P0zmBGg2kxw+DJEjnXcyHFU41fxC
bJBx0YOiypZfctKZ6FlNplkmYdSOvhK06bjewuTCpC8uKE/OG065Pr0gZVzpktcg
tNAWYjec5OqWc7Zu39AIuU11cQciXWOCaUBmmn+3zMCEQiCgWJ0pb/cvZPIjqz6I
tuG+kSWW5hJfvH/jqu7Wd0TyuHlcjp4OZW3GF1TlEsdm0lx5xVNJ6z3yptgrgA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:05:59 2025 by rpki-client