Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/hg85oB3GflNyZqA-t5blUpFfTvE.roa
File: hg85oB3GflNyZqA-t5blUpFfTvE.roa (raw, json)
Hash identifier: 5T1AS7Lnq5D7Ehf3tu5ELuRLHiVF38Lp/sXwIq5h8+I=
Subject key identifier: 86:0F:39:A0:1D:C6:7E:53:72:66:A0:3E:B7:96:E5:52:91:5F:4E:F1
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978B1E3A36C86446DB6401DB8D64AB55E2
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/hg85oB3GflNyZqA-t5blUpFfTvE.roa
Signing time: Fri 20 Jun 2025 02:15:03 +0000
ROA not before: Fri 20 Jun 2025 02:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 03:06:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8b:1e:3a:36:c8:64:46:db:64:01:db:8d:64:ab:55:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 02:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=860f39a01dc67e537266a03eb796e552915f4ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ae:21:5a:62:a4:de:b6:df:c2:2a:00:88:1d:
ff:f1:f3:dd:a7:a4:c9:e3:c3:82:1b:00:c6:44:0d:
86:c3:03:0b:25:07:df:ee:83:9a:cd:90:9a:6a:42:
c5:bf:37:cf:de:2a:b5:6f:49:7c:3d:3b:b0:b4:50:
02:fe:87:61:fc:b2:ea:69:c1:67:c2:fa:52:d5:3b:
98:b5:73:35:2d:60:e6:f8:5b:13:e3:a8:32:13:b6:
8d:10:7a:01:da:b6:3e:c2:3e:76:ed:97:13:9e:ed:
fa:8e:39:c0:9c:67:22:c8:f9:25:9d:e5:8f:5d:be:
1f:54:99:22:e0:27:be:4b:62:d4:9c:9a:d1:26:1a:
99:4a:2d:e0:07:ce:b2:20:6e:28:94:88:9c:9e:cb:
b0:a5:d5:95:b7:4e:f8:b2:cf:f0:46:8b:a9:9c:00:
2c:42:5e:1f:ce:83:8a:d4:23:46:8b:ab:53:7c:83:
7c:88:38:3d:ca:a8:dd:17:39:dd:2e:98:e0:a2:37:
6a:c4:d2:39:8d:db:0d:a0:fb:db:84:82:38:11:aa:
8c:fd:8b:48:09:d2:94:df:54:e5:9b:cd:07:e7:51:
c2:99:75:3e:35:df:04:4b:80:5c:8e:80:65:7a:ec:
65:c5:40:32:69:56:c5:47:37:01:f0:09:5a:4b:97:
c6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0F:39:A0:1D:C6:7E:53:72:66:A0:3E:B7:96:E5:52:91:5F:4E:F1
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/hg85oB3GflNyZqA-t5blUpFfTvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
40:79:ba:a5:4d:f3:10:cc:48:57:b1:09:f6:a1:83:64:49:2b:
f4:db:31:6b:97:7c:5d:70:0f:d2:b9:c9:29:8b:8d:5b:89:50:
d8:3f:84:2c:12:ad:cb:c4:1f:bd:5c:d6:e2:2b:86:47:97:dd:
4b:78:3c:36:ea:8a:06:d8:a5:ad:a5:59:08:a2:42:cb:50:bd:
bc:63:cb:cb:64:d7:ac:e4:0b:98:3c:ba:35:0c:3a:83:ff:09:
75:79:4b:e2:2c:14:0e:0b:4b:db:96:8e:89:a8:9a:8d:cd:4c:
a8:7c:cb:f7:7b:22:2e:f3:86:dd:2e:3b:fd:8f:9b:57:20:a7:
bb:0c:3b:fb:c3:ab:84:8d:c1:18:7f:79:fe:3c:e5:31:c7:42:
4f:68:40:ce:79:e4:c8:a2:4e:1e:25:d2:42:2f:ff:b8:04:68:
34:6c:8d:1d:cb:67:b6:1a:2e:23:4f:e7:66:37:70:38:a5:75:
41:72:8a:ad:ca:64:41:16:45:bc:d2:07:b4:ba:56:bd:3a:5b:
76:59:57:10:53:6a:7c:f1:29:e7:bf:65:62:7f:5c:95:b7:b8:
60:98:8e:0e:5c:bc:e2:58:d6:fd:bb:ed:7e:25:2c:c8:9c:38:
9a:96:b3:2b:08:17:82:de:82:03:60:e4:bf:3f:75:9f:5a:3b:
02:4b:7a:d1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeLHjo2yGRG22QB241kq1XiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMDIxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBmMzlhMDFkYzY3ZTUzNzI2NmEwM2ViNzk2ZTU1MjkxNWY0ZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq4hWmKk3rbfwioAiB3/8fPdp6TJ
48OCGwDGRA2GwwMLJQff7oOazZCaakLFvzfP3iq1b0l8PTuwtFAC/odh/LLqacFn
wvpS1TuYtXM1LWDm+FsT46gyE7aNEHoB2rY+wj527ZcTnu36jjnAnGciyPklneWP
Xb4fVJki4Ce+S2LUnJrRJhqZSi3gB86yIG4olIicnsuwpdWVt074ss/wRoupnAAs
Ql4fzoOK1CNGi6tTfIN8iDg9yqjdFzndLpjgojdqxNI5jdsNoPvbhII4EaqM/YtI
CdKU31Tlm80H51HCmXU+Nd8ES4BcjoBleuxlxUAyaVbFRzcB8AlaS5fGMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIYPOaAdxn5TcmagPreW5VKRX07xMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvaGc4NW9CM0dmbE55WnFBLXQ1YmxVcEZmVHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAQHm6pU3zEMxIV7EJ9qGDZEkr
9Nsxa5d8XXAP0rnJKYuNW4lQ2D+ELBKty8QfvVzW4iuGR5fdS3g8NuqKBtilraVZ
CKJCy1C9vGPLy2TXrOQLmDy6NQw6g/8JdXlL4iwUDgtL25aOiaiajc1MqHzL93si
LvOG3S47/Y+bVyCnuww7+8OrhI3BGH95/jzlMcdCT2hAznnkyKJOHiXSQi//uARo
NGyNHctnthouI0/nZjdwOKV1QXKKrcpkQRZFvNIHtLpWvTpbdllXEFNqfPEp579l
Yn9clbe4YJiODly84ljW/bvtfiUsyJw4mpazKwgXgt6CA2Dkvz91n1o7Akt60Q==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:06:16 2025 by rpki-client