Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/iZMeYmFgWBgYQBELSbPXpZVRZ3w.roa
File: iZMeYmFgWBgYQBELSbPXpZVRZ3w.roa (raw, json)
Hash identifier: Bw+/tnEp+KlBeMLA8cl/fdShWLN+/5BDsi9uxv3yf48=
Subject key identifier: 89:93:1E:62:61:60:58:18:18:40:11:0B:49:B3:D7:A5:95:51:67:7C
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C0C2D2733B776A80469286ACABA36FBA
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/iZMeYmFgWBgYQBELSbPXpZVRZ3w.roa
Signing time: Mon 30 Jun 2025 12:14:42 +0000
ROA not before: Mon 30 Jun 2025 12:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 30 Jun 2025 13:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:c2:d2:73:3b:77:6a:80:46:92:86:ac:ab:a3:6f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 30 12:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89931e62616058181840110b49b3d7a59551677c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2f:92:b0:00:1e:0e:e8:ad:b9:b0:79:97:d9:
3e:2c:a7:44:a0:1a:b9:31:bb:a3:7c:f4:d9:0b:49:
e7:fc:5d:bb:60:14:6e:f2:bd:dc:94:68:a4:18:8a:
84:51:96:e6:ab:56:6e:d0:5d:19:46:78:c5:b5:dd:
d6:16:2d:1a:02:2f:e2:85:6b:d6:f0:88:f4:66:4b:
98:4e:af:53:a9:45:a9:33:cc:ee:d6:d9:28:03:04:
1a:07:5c:fe:f3:70:95:a7:f4:d3:58:95:9f:92:c9:
38:6a:95:af:69:bc:8a:64:91:5e:da:51:74:93:99:
57:05:88:58:e9:6f:1c:e4:29:cf:c6:0f:cf:da:ab:
d5:52:5c:5b:06:86:88:93:c0:65:0f:b4:0e:6e:7f:
03:ad:56:2d:f0:d9:0e:a7:c6:1b:28:20:5d:33:29:
0b:d2:c2:fa:8b:5d:33:c8:df:04:26:d3:72:b0:1c:
e7:97:99:c6:94:ae:5f:c1:91:b7:19:ca:be:bf:30:
a5:ad:35:b6:71:5b:98:02:a9:26:ff:7f:41:bd:26:
72:06:bc:a0:60:60:c2:fb:f2:0a:f8:7d:71:f2:17:
0d:05:3d:32:54:15:a8:35:e9:76:b7:9a:75:ae:d7:
10:e8:06:ba:19:d4:32:8d:f8:fd:f5:12:92:36:97:
89:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:93:1E:62:61:60:58:18:18:40:11:0B:49:B3:D7:A5:95:51:67:7C
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/iZMeYmFgWBgYQBELSbPXpZVRZ3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
5a:d7:c1:0e:c0:b2:88:e0:ac:ca:16:c6:07:4c:64:b8:6f:1c:
47:af:cc:43:aa:a3:9e:5e:f4:31:c7:6a:c5:54:c7:48:be:d4:
6e:1f:4d:4e:e7:8b:92:8e:c7:e7:d6:fc:c9:3e:61:2e:62:83:
21:4c:3d:24:27:ff:56:de:2a:e6:b4:f1:12:e5:46:df:91:7f:
41:c7:10:28:77:6d:0b:fc:99:23:b4:06:1c:67:69:1f:a0:f6:
8d:e0:89:f8:d1:2f:0e:f0:f6:b4:e1:c3:72:21:66:c0:34:e3:
25:8c:53:de:73:91:44:8f:dc:bf:12:7d:4b:ac:02:8e:fa:5e:
6b:87:19:19:37:ab:61:5d:d0:81:08:89:87:6d:c4:0d:19:c8:
e8:a8:33:70:5d:04:12:98:27:3a:23:26:83:50:6e:3b:59:75:
fd:91:26:3d:cd:0d:d1:3f:d9:77:d5:6d:08:6a:d0:b8:55:df:
ba:a8:a0:26:dd:71:87:d8:74:90:1f:f9:c4:c7:45:a3:94:77:
7b:fa:34:1d:40:ea:96:f5:71:1e:40:e8:e9:45:86:c5:74:2b:
2c:a5:b3:7c:b4:29:9a:d5:21:ae:a0:de:ee:45:04:ef:17:4f:
f5:6b:61:0b:49:e0:bb:6d:38:30:98:f4:26:44:c3:b3:9a:fd:
60:ab:ef:1f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfAwtJzO3dqgEaShqyro2+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjMwMTIxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTkzMWU2MjYxNjA1ODE4MTg0MDExMGI0OWIzZDdhNTk1NTE2NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS+SsAAeDuitubB5l9k+LKdEoBq5
MbujfPTZC0nn/F27YBRu8r3clGikGIqEUZbmq1Zu0F0ZRnjFtd3WFi0aAi/ihWvW
8Ij0ZkuYTq9TqUWpM8zu1tkoAwQaB1z+83CVp/TTWJWfksk4apWvabyKZJFe2lF0
k5lXBYhY6W8c5CnPxg/P2qvVUlxbBoaIk8BlD7QObn8DrVYt8NkOp8YbKCBdMykL
0sL6i10zyN8EJtNysBznl5nGlK5fwZG3Gcq+vzClrTW2cVuYAqkm/39BvSZyBryg
YGDC+/IK+H1x8hcNBT0yVBWoNel2t5p1rtcQ6Aa6GdQyjfj99RKSNpeJQwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFImTHmJhYFgYGEARC0mz16WVUWd8MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvaVpNZVltRmdXQmdZUUJFTFNiUFhwWlZSWjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAWtfBDsCyiOCsyhbGB0xkuG8c
R6/MQ6qjnl70McdqxVTHSL7Ubh9NTueLko7H59b8yT5hLmKDIUw9JCf/Vt4q5rTx
EuVG35F/QccQKHdtC/yZI7QGHGdpH6D2jeCJ+NEvDvD2tOHDciFmwDTjJYxT3nOR
RI/cvxJ9S6wCjvpea4cZGTerYV3QgQiJh23EDRnI6KgzcF0EEpgnOiMmg1BuO1l1
/ZEmPc0N0T/Zd9VtCGrQuFXfuqigJt1xh9h0kB/5xMdFo5R3e/o0HUDqlvVxHkDo
6UWGxXQrLKWzfLQpmtUhrqDe7kUE7xdP9WthC0ngu204MJj0JkTDs5r9YKvvHw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:19:18 2025 by rpki-client