Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/l8UvsjpAvh1_cXjjGJ9yuijNOtY.roa
File: l8UvsjpAvh1_cXjjGJ9yuijNOtY.roa (raw, json)
Hash identifier: J0DIb2nDknH5YyaxfIE2e4b88sg7fYZBQIj8AhQWzqQ=
Subject key identifier: 97:C5:2F:B2:3A:40:BE:1D:7F:71:78:E3:18:9F:72:BA:28:CD:3A:D6
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978B8B2CBF0B62E745081316AEC45BC21C
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/l8UvsjpAvh1_cXjjGJ9yuijNOtY.roa
Signing time: Fri 20 Jun 2025 04:14:03 +0000
ROA not before: Fri 20 Jun 2025 04:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 05:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8b:8b:2c:bf:0b:62:e7:45:08:13:16:ae:c4:5b:c2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 04:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97c52fb23a40be1d7f7178e3189f72ba28cd3ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:80:a2:1f:c3:57:cf:05:7d:94:0e:9a:fc:32:
a4:5d:0b:7b:2f:14:7f:ac:24:ef:4c:a9:5d:16:28:
7c:8c:b9:1c:93:b1:aa:5e:20:0e:30:0b:1c:d1:1c:
77:56:46:ae:1d:b1:ae:ee:33:c8:3a:57:33:4b:42:
78:86:91:b7:1d:73:21:c1:34:f3:df:a3:09:8c:d3:
c4:7d:37:af:b1:c7:66:7e:1b:fe:b8:a1:40:20:72:
6a:40:87:23:55:4b:65:70:d6:dc:e8:41:d3:ad:11:
78:70:7f:9f:01:d0:73:cc:83:2e:23:44:b3:42:0a:
4b:f3:1a:3f:70:0e:13:19:68:3c:a8:f1:a2:39:dc:
36:89:2d:8b:45:5a:a2:e8:bc:c8:15:f7:e2:80:92:
b5:12:3b:27:aa:92:0e:b2:11:38:89:bd:b4:cd:7d:
34:17:b2:4b:03:33:7b:80:15:22:bc:b4:e2:63:0f:
8c:6a:a8:2d:d5:0b:77:5f:eb:80:68:aa:9c:c3:b9:
08:29:fd:f5:22:89:50:1a:c2:0b:9a:cf:f0:46:6b:
25:e7:75:7e:ce:82:e2:98:67:0e:c6:3d:be:9c:0d:
ae:a2:a0:d1:53:8c:f9:08:fb:d9:ae:d1:aa:70:a1:
e3:90:52:d2:b2:a8:f8:91:2b:40:90:cf:74:2c:0d:
38:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C5:2F:B2:3A:40:BE:1D:7F:71:78:E3:18:9F:72:BA:28:CD:3A:D6
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/l8UvsjpAvh1_cXjjGJ9yuijNOtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
26:60:fc:5c:e2:bc:c1:84:88:66:23:78:8c:c6:de:18:64:db:
b2:23:d9:65:a2:9a:5a:f9:d9:b0:2f:f5:08:9a:cf:fe:e1:1d:
d1:c9:e7:37:4f:e4:4d:be:a2:ac:64:5a:a0:3f:94:6d:fc:b5:
e7:86:ab:c0:75:60:79:82:fb:eb:cb:09:f6:e1:7c:83:61:bd:
15:26:c1:5d:78:92:19:72:43:e2:59:33:ff:6e:3b:0b:8d:f6:
c6:5d:3d:89:a1:e6:7a:4b:5e:53:ef:d6:4a:72:4a:5c:bc:d4:
a0:9f:bd:39:bd:c2:9f:2e:fd:c5:96:1e:ea:1d:a2:a8:b0:90:
92:52:4a:66:fd:1f:7b:c1:d3:65:79:d4:f8:86:7b:c5:0e:de:
89:83:38:39:85:19:a1:62:03:6b:e8:9f:a3:34:aa:c0:e5:42:
79:43:b7:e3:8f:c7:f5:5e:74:55:2b:0d:40:ce:0d:f8:f3:81:
fd:e4:ac:19:10:41:02:44:f9:00:1b:69:35:b6:88:2c:7c:62:
36:cd:d0:9e:f9:c7:44:62:8a:b1:a0:b2:2d:f3:71:e9:c9:b1:
34:d2:b1:ca:83:09:a3:3a:d4:0e:73:7c:7e:96:b0:8f:35:d8:
c7:9a:bb:37:67:f4:c8:2f:a6:ac:bc:a5:17:63:4d:ce:91:26:
21:c8:7d:bd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeLiyy/C2LnRQgTFq7EW8IcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMDQxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M1MmZiMjNhNDBiZTFkN2Y3MTc4ZTMxODlmNzJiYTI4Y2QzYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvICiH8NXzwV9lA6a/DKkXQt7LxR/
rCTvTKldFih8jLkck7GqXiAOMAsc0Rx3VkauHbGu7jPIOlczS0J4hpG3HXMhwTTz
36MJjNPEfTevscdmfhv+uKFAIHJqQIcjVUtlcNbc6EHTrRF4cH+fAdBzzIMuI0Sz
QgpL8xo/cA4TGWg8qPGiOdw2iS2LRVqi6LzIFffigJK1EjsnqpIOshE4ib20zX00
F7JLAzN7gBUivLTiYw+Maqgt1Qt3X+uAaKqcw7kIKf31IolQGsILms/wRmsl53V+
zoLimGcOxj2+nA2uoqDRU4z5CPvZrtGqcKHjkFLSsqj4kStAkM90LA04rQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJfFL7I6QL4df3F44xifcroozTrWMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvbDhVdnNqcEF2aDFfY1hqakdKOXl1aWpOT3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAJmD8XOK8wYSIZiN4jMbeGGTb
siPZZaKaWvnZsC/1CJrP/uEd0cnnN0/kTb6irGRaoD+Ubfy154arwHVgeYL768sJ
9uF8g2G9FSbBXXiSGXJD4lkz/247C432xl09iaHmekteU+/WSnJKXLzUoJ+9Ob3C
ny79xZYe6h2iqLCQklJKZv0fe8HTZXnU+IZ7xQ7eiYM4OYUZoWIDa+ifozSqwOVC
eUO344/H9V50VSsNQM4N+POB/eSsGRBBAkT5ABtpNbaILHxiNs3QnvnHRGKKsaCy
LfNx6cmxNNKxyoMJozrUDnN8fpawjzXYx5q7N2f0yC+mrLylF2NNzpEmIch9vQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:55:54 2025 by rpki-client