Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/l6pqKdEv799F5OyCKbnE-duaE7E.roa
File: l6pqKdEv799F5OyCKbnE-duaE7E.roa (raw, json)
Hash identifier: 5YoLZ1VmGNmKbwtVt2f976886c+eHyK5dCrMNvc8+Z8=
Subject key identifier: 97:AA:6A:29:D1:2F:EF:DF:45:E4:EC:82:29:B9:C4:F9:DB:9A:13:B1
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B00710964859C9906C2BEB696FBE8D67
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/l6pqKdEv799F5OyCKbnE-duaE7E.roa
Signing time: Fri 27 Jun 2025 06:15:42 +0000
ROA not before: Fri 27 Jun 2025 06:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 27 Jun 2025 07:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:07:10:96:48:59:c9:90:6c:2b:eb:69:6f:be:8d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 27 06:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97aa6a29d12fefdf45e4ec8229b9c4f9db9a13b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:05:f2:9f:f9:6d:d9:57:54:f7:e9:6a:de:
46:6e:51:c5:22:41:ec:dc:26:d5:6c:2b:8c:13:a3:
8b:e9:32:db:f8:36:22:1f:79:30:9f:3b:8c:5b:3f:
0c:2a:2a:9b:d1:43:77:14:34:32:29:29:a4:89:97:
ed:5f:d4:6f:39:6a:6e:36:cd:de:20:34:a3:9a:ac:
6e:65:1e:57:30:74:84:3f:cc:33:5c:a6:5b:d4:e2:
2c:a4:32:98:b7:a6:c5:c2:a1:a6:fd:29:dc:11:61:
c7:31:a8:b7:3e:38:d7:07:d6:2e:7e:b3:fb:ab:28:
a5:3d:4b:ef:ed:da:4c:6f:cc:36:26:7a:aa:22:19:
e6:83:5a:80:8a:19:7f:75:d2:15:a1:8c:0a:77:87:
df:e0:d2:91:8d:48:3a:be:8b:99:67:fd:c6:d2:26:
09:d2:c0:61:4c:00:f6:b4:3f:31:ba:9d:d1:53:f6:
4b:23:01:ed:4e:90:05:e8:24:2f:fb:fe:97:80:f6:
98:3b:a1:9c:09:12:42:14:45:36:91:a8:17:67:e5:
86:6a:fe:89:28:e3:07:10:ed:f5:d8:6a:ee:46:49:
d4:b3:86:7f:4f:74:17:a9:00:30:96:1f:1f:d1:cf:
79:6a:f8:9a:36:f2:6a:60:b2:b2:fe:69:bc:1e:ee:
c1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AA:6A:29:D1:2F:EF:DF:45:E4:EC:82:29:B9:C4:F9:DB:9A:13:B1
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/l6pqKdEv799F5OyCKbnE-duaE7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
62:9e:6b:7e:f6:51:2f:2b:a8:4a:db:bf:25:d2:96:fe:2a:20:
1c:2a:da:3a:3b:2f:db:1d:71:f7:9e:49:84:04:1b:7d:63:b5:
08:75:1b:8c:69:01:50:fb:0f:01:ed:55:a6:08:6b:b3:6f:0b:
28:4d:17:ef:03:a3:95:29:7d:a9:be:f3:27:ff:26:de:36:42:
e5:39:51:dc:99:4b:d8:62:d3:cb:01:a8:73:79:2d:32:2d:8c:
54:a8:85:46:7b:1d:bd:b8:79:17:c0:b7:31:f7:97:40:e3:d0:
89:d0:89:e6:41:54:ac:ba:c7:9a:fc:4b:7b:d9:7d:27:36:f4:
9d:17:24:f6:27:e0:26:0b:bc:b2:9e:f0:a9:5a:f8:dc:fe:3c:
a1:e8:30:f6:f2:8e:0e:7d:2e:39:d0:e8:11:39:a1:31:90:98:
a7:bf:0b:ec:ea:a2:c8:d5:6f:7e:58:bd:d9:c1:ad:ba:3f:50:
8c:d7:d1:4c:85:75:db:2b:82:87:5d:df:86:2c:b1:80:99:d6:
c4:08:aa:8b:ad:b1:31:26:f9:d3:c5:72:82:51:c9:05:9b:b0:
bf:e9:36:e8:18:72:61:8a:bb:76:33:23:7d:a7:3f:cc:b3:d2:
33:a5:09:a6:e6:5d:65:1a:27:11:cb:00:3b:28:3a:07:6b:8d:
55:16:74:64
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZewBxCWSFnJkGwr62lvvo1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI3MDYxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FhNmEyOWQxMmZlZmRmNDVlNGVjODIyOWI5YzRmOWRiOWExM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt00F8p/5bdlXVPfpat5GblHFIkHs
3CbVbCuME6OL6TLb+DYiH3kwnzuMWz8MKiqb0UN3FDQyKSmkiZftX9RvOWpuNs3e
IDSjmqxuZR5XMHSEP8wzXKZb1OIspDKYt6bFwqGm/SncEWHHMai3PjjXB9YufrP7
qyilPUvv7dpMb8w2JnqqIhnmg1qAihl/ddIVoYwKd4ff4NKRjUg6vouZZ/3G0iYJ
0sBhTAD2tD8xup3RU/ZLIwHtTpAF6CQv+/6XgPaYO6GcCRJCFEU2kagXZ+WGav6J
KOMHEO312GruRknUs4Z/T3QXqQAwlh8f0c95aviaNvJqYLKy/mm8Hu7BKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJeqainRL+/fReTsgim5xPnbmhOxMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvbDZwcUtkRXY3OTlGNU95Q0tibkUtZHVhRTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAYp5rfvZRLyuoStu/JdKW/iog
HCraOjsv2x1x955JhAQbfWO1CHUbjGkBUPsPAe1Vpghrs28LKE0X7wOjlSl9qb7z
J/8m3jZC5TlR3JlL2GLTywGoc3ktMi2MVKiFRnsdvbh5F8C3MfeXQOPQidCJ5kFU
rLrHmvxLe9l9Jzb0nRck9ifgJgu8sp7wqVr43P48oegw9vKODn0uOdDoETmhMZCY
p78L7OqiyNVvfli92cGtuj9QjNfRTIV12yuCh13fhiyxgJnWxAiqi62xMSb508Vy
glHJBZuwv+k26BhyYYq7djMjfac/zLPSM6UJpuZdZRonEcsAOyg6B2uNVRZ0ZA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:33:10 2025 by rpki-client