Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/iM2A0ufiw68zo92C1HEkNa2epIY.roa
File: iM2A0ufiw68zo92C1HEkNa2epIY.roa (raw, json)
Hash identifier: aWo2iUwFB9kPbh04PTZfwkqFYcDC6uY3JsWq9qXqm44=
Subject key identifier: 88:CD:80:D2:E7:E2:C3:AF:33:A3:DD:82:D4:71:24:35:AD:9E:A4:86
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A84C94752FD885B70F3A0DF69FDDB968
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/iM2A0ufiw68zo92C1HEkNa2epIY.roa
Signing time: Wed 25 Jun 2025 18:14:40 +0000
ROA not before: Wed 25 Jun 2025 18:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Jun 2025 20:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:4c:94:75:2f:d8:85:b7:0f:3a:0d:f6:9f:dd:b9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 25 18:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88cd80d2e7e2c3af33a3dd82d4712435ad9ea486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:63:e7:d4:5e:5b:1b:0a:60:ce:8d:b0:48:6b:
02:c1:02:77:44:3f:f3:8f:c2:70:16:05:60:b4:8c:
da:d4:51:18:06:f2:ab:ba:8d:ae:f1:c1:b0:8a:0c:
a9:47:e0:2a:4b:f3:24:f5:14:22:5a:48:dd:fc:7d:
3b:12:17:81:7b:55:76:f9:66:da:11:6f:d3:b0:7b:
f9:f2:2c:c8:8b:a5:e2:3f:5a:1a:e6:cb:3a:78:38:
18:bf:a5:f7:bf:22:e1:fc:cf:99:2e:a8:1f:75:e8:
f7:04:71:78:89:80:60:87:e9:71:a9:5b:b5:0f:d0:
a9:f9:2d:88:1e:0b:dc:83:94:11:a1:2e:95:ad:35:
36:d4:fa:d7:52:f8:d4:01:e9:46:39:cb:f9:ea:32:
f3:1b:75:ab:f7:c8:cf:10:a5:d1:97:da:3c:d8:1b:
c1:1c:12:58:f2:ed:93:0b:1e:47:f2:fd:2e:a8:5a:
20:0e:ff:07:95:a0:cb:08:48:ab:5f:ec:b5:c3:27:
4c:a9:16:58:50:70:f8:87:50:25:3b:2b:18:20:58:
3f:c3:8b:6e:d1:9c:d2:6b:e0:50:7f:5f:6d:64:be:
79:02:8a:3d:6d:3f:06:7d:00:ec:e6:f6:95:54:b9:
70:cf:d9:45:fa:31:42:0e:95:d1:b7:47:cc:f0:b7:
f9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CD:80:D2:E7:E2:C3:AF:33:A3:DD:82:D4:71:24:35:AD:9E:A4:86
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/iM2A0ufiw68zo92C1HEkNa2epIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
39:b7:41:83:ae:0d:7e:a6:6e:12:a5:92:c4:01:56:02:71:ad:
92:3c:a3:13:2f:71:02:14:02:e1:c3:4d:8e:9a:c7:86:35:6c:
66:e7:2a:93:4e:d1:33:17:e1:c0:e1:46:a9:f8:e0:8d:ca:2a:
14:83:61:d9:3a:01:26:1d:3c:1e:7a:6a:b0:cb:99:47:9a:ab:
79:2c:c8:f4:1d:90:8d:8d:5b:69:aa:fe:9a:a1:48:fc:bc:55:
6a:7a:1c:c7:a8:8b:35:05:69:c8:fb:cd:81:0c:62:1c:20:ae:
05:69:8c:62:83:72:00:77:b7:d7:c3:f8:9e:aa:1e:1d:98:48:
05:bd:ad:12:f8:e2:cd:e2:c5:be:ea:26:5d:8e:8a:e5:25:ff:
ba:d7:a7:fe:da:1e:26:fa:6b:16:5c:23:95:67:3a:05:1a:d8:
55:4b:cc:91:aa:08:8f:9e:ee:5e:c0:23:6e:af:75:18:56:c2:
f5:52:b9:cf:6c:6f:d9:2b:a4:a9:10:05:d9:62:eb:93:5e:7f:
80:79:3b:0b:eb:eb:95:71:ee:47:80:e9:9d:f6:d5:3a:9f:a3:
50:bf:ea:75:b6:e9:6d:dd:6b:ef:11:56:6a:ec:9e:80:88:4b:
a6:cd:25:50:1d:4c:c4:35:17:1f:54:c5:33:6f:5b:18:8e:a3:
7d:fd:17:97
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeoTJR1L9iFtw86Dfaf3bloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI1MTgxNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGNkODBkMmU3ZTJjM2FmMzNhM2RkODJkNDcxMjQzNWFkOWVhNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmPn1F5bGwpgzo2wSGsCwQJ3RD/z
j8JwFgVgtIza1FEYBvKruo2u8cGwigypR+AqS/Mk9RQiWkjd/H07EheBe1V2+Wba
EW/TsHv58izIi6XiP1oa5ss6eDgYv6X3vyLh/M+ZLqgfdej3BHF4iYBgh+lxqVu1
D9Cp+S2IHgvcg5QRoS6VrTU21PrXUvjUAelGOcv56jLzG3Wr98jPEKXRl9o82BvB
HBJY8u2TCx5H8v0uqFogDv8HlaDLCEirX+y1wydMqRZYUHD4h1AlOysYIFg/w4tu
0ZzSa+BQf19tZL55Aoo9bT8GfQDs5vaVVLlwz9lF+jFCDpXRt0fM8Lf54QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIjNgNLn4sOvM6PdgtRxJDWtnqSGMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvaU0yQTB1Zml3Njh6bzkyQzFIRWtOYTJlcElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAObdBg64NfqZuEqWSxAFWAnGt
kjyjEy9xAhQC4cNNjprHhjVsZucqk07RMxfhwOFGqfjgjcoqFINh2ToBJh08Hnpq
sMuZR5qreSzI9B2QjY1baar+mqFI/LxVanocx6iLNQVpyPvNgQxiHCCuBWmMYoNy
AHe318P4nqoeHZhIBb2tEvjizeLFvuomXY6K5SX/uten/toeJvprFlwjlWc6BRrY
VUvMkaoIj57uXsAjbq91GFbC9VK5z2xv2SukqRAF2WLrk15/gHk7C+vrlXHuR4Dp
nfbVOp+jUL/qdbbpbd1r7xFWauyegIhLps0lUB1MxDUXH1TFM29bGI6jff0Xlw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:30:12 2025 by rpki-client