Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ksMok14iC9Hrt3wfQD42yvpZn4A.roa
File: ksMok14iC9Hrt3wfQD42yvpZn4A.roa (raw, json)
Hash identifier: M//BYZ7c9d5iIRqJmdmaZLw4qiv6yQU5ooBlhTr1BhY=
Subject key identifier: 92:C3:28:93:5E:22:0B:D1:EB:B7:7C:1F:40:3E:36:CA:FA:59:9F:80
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197BA52DE9C1740043032C5B4485585DB11
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ksMok14iC9Hrt3wfQD42yvpZn4A.roa
Signing time: Sun 29 Jun 2025 06:14:42 +0000
ROA not before: Sun 29 Jun 2025 06:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 29 Jun 2025 07:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ba:52:de:9c:17:40:04:30:32:c5:b4:48:55:85:db:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 29 06:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92c328935e220bd1ebb77c1f403e36cafa599f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:1e:b2:d5:a5:e8:6e:61:6f:13:38:26:57:
5d:61:4c:cb:47:c4:49:a1:79:a2:c8:da:3e:cb:63:
de:d4:77:c1:7e:92:6f:7c:b0:08:ce:38:7a:54:0a:
d6:9a:9f:e2:01:43:b5:90:d0:8f:60:90:6c:c7:87:
aa:ba:f3:25:6a:09:72:b9:98:c7:af:36:f5:e6:62:
af:df:d6:28:b0:15:5d:6b:61:a2:a0:e8:d0:cb:3c:
b8:ef:cd:ab:c2:38:2a:a6:71:6e:f2:12:fc:8b:a4:
52:29:ed:e7:0d:ce:e4:84:6f:1c:5b:f9:1e:82:48:
ff:9b:09:c3:d0:53:d8:13:8f:ef:9b:98:ed:0c:8e:
09:a6:4e:00:5e:8f:a4:7d:cc:60:06:7e:95:31:38:
a5:f3:41:03:18:71:cb:f3:c0:06:cc:f5:fa:19:62:
c0:14:cb:57:10:6a:72:0a:13:30:4d:14:2c:03:67:
e1:ed:4f:8a:b0:59:c1:29:27:6f:d6:7d:7c:9e:f8:
28:f4:e3:30:8c:e3:64:64:19:db:ee:cf:80:1f:4d:
5a:92:ef:25:28:21:34:ea:5c:60:5a:f8:c4:c3:35:
e0:e9:2c:1c:9a:cf:b6:4c:07:fa:d8:89:50:91:14:
4e:e1:6b:93:c2:bb:81:aa:73:08:64:ef:cc:e2:44:
0f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C3:28:93:5E:22:0B:D1:EB:B7:7C:1F:40:3E:36:CA:FA:59:9F:80
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ksMok14iC9Hrt3wfQD42yvpZn4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
23:4f:04:bc:8a:dd:91:7e:8b:48:c1:96:e1:50:d7:8a:23:1f:
80:4a:70:b2:38:b6:58:3b:95:30:75:99:91:6c:60:3a:36:25:
ea:bc:5e:09:f0:4d:8c:69:c8:41:74:92:8b:ec:03:c7:b9:b3:
2f:ba:75:2e:76:cb:df:a2:81:f3:d2:24:56:2f:12:2c:7c:71:
c0:c5:f6:0b:58:d6:61:02:2a:73:d3:0e:01:32:3d:ed:93:e7:
c5:97:2d:b0:f0:d6:a0:87:43:cb:cd:59:eb:81:b6:de:08:7c:
5b:1c:5c:7e:6e:96:03:e3:a3:9b:ad:12:12:df:df:1f:0d:4b:
5d:65:e8:0b:dd:7f:63:65:74:25:6f:bf:ba:93:31:5d:9b:7a:
5b:05:a5:07:35:91:4b:3c:ca:85:9d:55:52:6b:63:ec:f2:b0:
1c:50:6d:09:60:94:d8:1a:ab:14:e7:56:84:23:2a:88:ee:88:
4e:fd:ad:37:b7:9f:57:c6:20:94:ae:10:93:1f:9f:6b:a5:cc:
11:ec:39:46:40:f8:c1:84:4e:d8:41:4b:76:80:8f:7d:f5:07:
7c:fb:2a:15:58:03:16:59:c5:b6:e7:0c:60:34:e9:31:2a:9f:
48:79:8c:e8:e2:a6:93:ac:5f:9d:3f:4d:65:5a:5d:62:f1:b3:
1b:f1:94:98
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe6Ut6cF0AEMDLFtEhVhdsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI5MDYxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmMzMjg5MzVlMjIwYmQxZWJiNzdjMWY0MDNlMzZjYWZhNTk5ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kwestWl6G5hbxM4JlddYUzLR8RJ
oXmiyNo+y2Pe1HfBfpJvfLAIzjh6VArWmp/iAUO1kNCPYJBsx4equvMlaglyuZjH
rzb15mKv39YosBVda2GioOjQyzy4782rwjgqpnFu8hL8i6RSKe3nDc7khG8cW/ke
gkj/mwnD0FPYE4/vm5jtDI4Jpk4AXo+kfcxgBn6VMTil80EDGHHL88AGzPX6GWLA
FMtXEGpyChMwTRQsA2fh7U+KsFnBKSdv1n18nvgo9OMwjONkZBnb7s+AH01aku8l
KCE06lxgWvjEwzXg6Swcms+2TAf62IlQkRRO4WuTwruBqnMIZO/M4kQPSwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJLDKJNeIgvR67d8H0A+Nsr6WZ+AMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEva3NNb2sxNGlDOUhydDN3ZlFENDJ5dnBabjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAI08EvIrdkX6LSMGW4VDXiiMf
gEpwsji2WDuVMHWZkWxgOjYl6rxeCfBNjGnIQXSSi+wDx7mzL7p1LnbL36KB89Ik
Vi8SLHxxwMX2C1jWYQIqc9MOATI97ZPnxZctsPDWoIdDy81Z64G23gh8Wxxcfm6W
A+Ojm60SEt/fHw1LXWXoC91/Y2V0JW+/upMxXZt6WwWlBzWRSzzKhZ1VUmtj7PKw
HFBtCWCU2BqrFOdWhCMqiO6ITv2tN7efV8YglK4Qkx+fa6XMEew5RkD4wYRO2EFL
doCPffUHfPsqFVgDFlnFtucMYDTpMSqfSHmM6OKmk6xfnT9NZVpdYvGzG/GUmA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:20:10 2025 by rpki-client