Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/m0ndeidOcQitPLjh5iBVd0CwNGA.roa
File: m0ndeidOcQitPLjh5iBVd0CwNGA.roa (raw, json)
Hash identifier: hjY6ouNwtsjrUWWMzaWGjlmk21Zb0wnIJLQK2E6Pzog=
Subject key identifier: 9B:49:DD:7A:27:4E:71:08:AD:3C:B8:E1:E6:20:55:77:40:B0:34:60
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978DE76D0985392BB02E402A706E9AE0DF
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/m0ndeidOcQitPLjh5iBVd0CwNGA.roa
Signing time: Fri 20 Jun 2025 15:14:03 +0000
ROA not before: Fri 20 Jun 2025 15:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 16:07:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:e7:6d:09:85:39:2b:b0:2e:40:2a:70:6e:9a:e0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 15:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b49dd7a274e7108ad3cb8e1e620557740b03460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:11:0d:89:cc:f6:e6:2d:1f:16:6d:9f:1b:a2:
5d:50:7c:2c:8a:36:1b:dd:f5:4d:e4:27:0e:a8:af:
23:e7:0d:61:33:bd:27:c3:18:35:1d:c0:0c:e4:90:
cf:13:54:7a:10:34:50:39:b4:13:a8:11:b6:4a:96:
1e:53:4e:78:17:06:54:27:4f:cf:93:db:2f:f4:77:
e1:88:fe:75:1e:42:fd:ea:e6:df:da:2d:56:ab:9b:
4e:ce:fc:e2:9a:0c:68:e6:bb:2d:8f:84:e1:3d:44:
7d:af:12:90:72:6d:52:ee:09:9c:7e:3e:ff:c3:90:
e4:e0:d8:6f:32:89:ca:c0:0a:ba:d8:b3:17:03:5c:
27:47:6c:d1:f3:c8:f6:06:a4:88:30:fd:17:70:f6:
0b:83:4a:ad:97:71:98:8a:19:70:cd:ab:1e:46:cc:
a9:3e:45:97:aa:20:cd:52:98:b3:80:42:59:6f:4a:
40:f1:3a:23:16:52:93:35:33:e3:f2:7e:31:9a:89:
01:f6:37:cb:37:1e:e5:77:62:4e:94:f6:3a:c0:40:
1d:b7:1d:53:f5:6b:01:05:a6:ce:a6:14:4b:dd:88:
5f:57:18:db:ce:8b:47:23:e9:01:24:3f:b5:3e:91:
77:ff:6d:80:56:3b:b9:ab:70:a1:e8:67:c2:ce:0a:
9e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:49:DD:7A:27:4E:71:08:AD:3C:B8:E1:E6:20:55:77:40:B0:34:60
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/m0ndeidOcQitPLjh5iBVd0CwNGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
2f:6e:a7:e0:17:8c:19:c5:19:d5:ef:6d:d7:19:cb:c6:4d:06:
fb:4e:a3:55:a6:56:9b:91:2b:65:d1:33:8c:3e:a0:c4:c0:f6:
b5:e5:15:26:55:27:8e:66:0e:22:48:61:67:55:62:d1:8d:12:
e2:13:37:c1:d4:b6:40:10:9e:d7:d7:b2:3d:23:ab:ae:42:da:
19:86:24:ed:38:0f:b0:60:4d:47:a2:67:89:11:42:b9:2a:04:
b0:cd:43:e5:17:0f:38:2d:5e:3f:7b:57:32:34:ed:e4:c9:56:
02:c0:fb:86:0b:ea:2c:83:bc:4f:3f:16:15:53:44:12:b9:85:
34:f5:fa:64:75:69:79:6b:48:f7:27:08:07:76:ac:6d:c6:80:
36:45:55:38:4d:0f:77:9a:dc:9e:d3:2a:15:4b:a6:0f:89:48:
93:57:e7:25:59:73:a5:e1:94:5a:85:7c:94:a9:3e:87:95:d8:
c7:13:e9:14:31:4b:18:35:91:b1:45:0e:51:ab:f4:33:ee:44:
35:55:9f:c4:44:92:b8:44:28:11:67:e6:3f:4d:63:5f:23:31:
6a:84:db:8e:d6:f9:dd:44:d8:51:1f:34:41:f9:2e:61:0b:ab:
ef:6c:ea:c5:49:d5:5d:a5:7f:af:63:cb:3f:95:0a:1f:b2:2d:
e3:eb:53:0d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeN520JhTkrsC5AKnBumuDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMTUxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ5ZGQ3YTI3NGU3MTA4YWQzY2I4ZTFlNjIwNTU3NzQwYjAzNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxENicz25i0fFm2fG6JdUHwsijYb
3fVN5CcOqK8j5w1hM70nwxg1HcAM5JDPE1R6EDRQObQTqBG2SpYeU054FwZUJ0/P
k9sv9HfhiP51HkL96ubf2i1Wq5tOzvzimgxo5rstj4ThPUR9rxKQcm1S7gmcfj7/
w5Dk4NhvMonKwAq62LMXA1wnR2zR88j2BqSIMP0XcPYLg0qtl3GYihlwzaseRsyp
PkWXqiDNUpizgEJZb0pA8TojFlKTNTPj8n4xmokB9jfLNx7ld2JOlPY6wEAdtx1T
9WsBBabOphRL3YhfVxjbzotHI+kBJD+1PpF3/22AVju5q3Ch6GfCzgqelwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJtJ3XonTnEIrTy44eYgVXdAsDRgMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvbTBuZGVpZE9jUWl0UExqaDVpQlZkMEN3TkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAL26n4BeMGcUZ1e9t1xnLxk0G
+06jVaZWm5ErZdEzjD6gxMD2teUVJlUnjmYOIkhhZ1Vi0Y0S4hM3wdS2QBCe19ey
PSOrrkLaGYYk7TgPsGBNR6JniRFCuSoEsM1D5RcPOC1eP3tXMjTt5MlWAsD7hgvq
LIO8Tz8WFVNEErmFNPX6ZHVpeWtI9ycIB3asbcaANkVVOE0Pd5rcntMqFUumD4lI
k1fnJVlzpeGUWoV8lKk+h5XYxxPpFDFLGDWRsUUOUav0M+5ENVWfxESSuEQoEWfm
P01jXyMxaoTbjtb53UTYUR80QfkuYQur72zqxUnVXaV/r2PLP5UKH7It4+tTDQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:07:42 2025 by rpki-client