Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/nVszmsvTlge6lnKbgwJmQq34jQc.roa
File: nVszmsvTlge6lnKbgwJmQq34jQc.roa (raw, json)
Hash identifier: iOR5Iz288YDgzYmVu1Uc/P/Qv0FZusHtJyg79tBvUW0=
Subject key identifier: 9D:5B:33:9A:CB:D3:96:07:BA:96:72:9B:83:02:66:42:AD:F8:8D:07
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978062F35FB9E9B6B34E448A20B8040323
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/nVszmsvTlge6lnKbgwJmQq34jQc.roa
Signing time: Wed 18 Jun 2025 00:14:17 +0000
ROA not before: Wed 18 Jun 2025 00:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 18 Jun 2025 01:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:80:62:f3:5f:b9:e9:b6:b3:4e:44:8a:20:b8:04:03:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 18 00:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d5b339acbd39607ba96729b83026642adf88d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:50:19:0a:81:0e:7a:31:b9:01:7e:1c:ef:80:
45:a7:88:64:be:e3:3f:55:5d:7d:20:f6:da:d4:e7:
0d:b7:fe:b8:97:cb:06:a9:37:1a:1b:1c:14:ba:92:
22:b7:43:0b:d5:88:72:0f:7a:75:fe:35:56:ca:7b:
66:70:d7:42:c6:5a:d3:39:56:92:76:72:b4:80:e0:
30:c7:62:e3:39:85:33:84:f9:ac:71:1f:46:af:7e:
00:d9:42:56:ec:f3:d9:62:e9:46:07:ed:28:87:7d:
45:94:50:44:49:5e:a7:cc:0e:c2:ff:aa:de:4b:f8:
da:4c:f3:93:e3:1e:4e:b8:c0:28:9a:eb:f0:15:8c:
3d:53:f0:b1:a6:fb:17:68:90:6b:3d:60:62:45:8b:
88:f4:d5:21:74:70:8b:5d:24:3b:9c:d4:e9:65:d7:
17:89:f3:0e:c9:f5:4b:7a:cd:9a:e0:65:b4:02:b9:
7c:40:f0:a4:2c:df:fb:f6:b7:25:75:61:51:7e:31:
a7:2a:42:b9:ba:c0:a9:1f:8f:f2:be:c1:b2:4f:81:
1a:99:2f:74:41:71:b8:95:cf:fc:b5:5f:6f:18:b6:
67:15:6d:4f:38:52:4a:5f:81:d8:03:d2:cc:f0:ec:
ba:b0:c4:8b:04:79:4b:5c:97:50:e7:a3:b5:de:e0:
b7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:33:9A:CB:D3:96:07:BA:96:72:9B:83:02:66:42:AD:F8:8D:07
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/nVszmsvTlge6lnKbgwJmQq34jQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
40:ef:4c:4d:bf:6b:6d:91:05:ac:99:82:e7:4f:40:49:40:86:
16:93:77:25:20:89:61:6c:7d:dd:bb:2e:55:ae:6f:20:65:be:
e7:47:ea:90:6d:cd:52:ce:ec:81:39:ac:74:d8:b0:2e:b7:0b:
ee:de:02:c9:5e:11:46:31:82:c6:25:d1:d7:fc:fa:0b:d7:51:
26:c5:da:42:3a:9f:49:43:be:c9:f5:60:8f:f4:d6:82:0c:fe:
2d:47:70:f0:f9:f3:97:c0:3b:a5:6f:cc:c5:81:13:ed:d8:39:
08:1e:42:6d:d9:37:3a:71:07:26:15:b9:ee:99:91:75:a6:b8:
96:71:bc:42:f0:fd:3f:a7:ac:62:75:f1:56:76:40:56:cb:e5:
12:d6:75:d3:94:e8:bd:3a:59:dc:ab:dc:07:90:71:32:2d:36:
b7:79:6b:47:04:02:c7:21:42:91:a6:e3:53:8f:2d:d8:28:cf:
8b:fb:b9:ce:84:84:2f:dd:f0:6e:3b:eb:ff:59:8a:f4:62:30:
54:61:ab:87:f6:52:20:9a:0b:54:ba:ae:63:f5:d0:c4:22:89:
9f:00:f0:56:99:37:a3:e8:94:3f:99:29:5d:a0:14:71:45:cf:
75:73:62:01:df:aa:d3:27:d1:ad:d2:2e:d7:7d:27:b0:77:a5:
76:29:e9:2d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeAYvNfuem2s05EiiC4BAMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE4MDAxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDViMzM5YWNiZDM5NjA3YmE5NjcyOWI4MzAyNjY0MmFkZjg4ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VAZCoEOejG5AX4c74BFp4hkvuM/
VV19IPba1OcNt/64l8sGqTcaGxwUupIit0ML1YhyD3p1/jVWyntmcNdCxlrTOVaS
dnK0gOAwx2LjOYUzhPmscR9Gr34A2UJW7PPZYulGB+0oh31FlFBESV6nzA7C/6re
S/jaTPOT4x5OuMAomuvwFYw9U/CxpvsXaJBrPWBiRYuI9NUhdHCLXSQ7nNTpZdcX
ifMOyfVLes2a4GW0Arl8QPCkLN/79rcldWFRfjGnKkK5usCpH4/yvsGyT4EamS90
QXG4lc/8tV9vGLZnFW1POFJKX4HYA9LM8Oy6sMSLBHlLXJdQ56O13uC3KwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ1bM5rL05YHupZym4MCZkKt+I0HMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvblZzem1zdlRsZ2U2bG5LYmd3Sm1RcTM0alFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAQO9MTb9rbZEFrJmC509ASUCG
FpN3JSCJYWx93bsuVa5vIGW+50fqkG3NUs7sgTmsdNiwLrcL7t4CyV4RRjGCxiXR
1/z6C9dRJsXaQjqfSUO+yfVgj/TWggz+LUdw8Pnzl8A7pW/MxYET7dg5CB5Cbdk3
OnEHJhW57pmRdaa4lnG8QvD9P6esYnXxVnZAVsvlEtZ105TovTpZ3KvcB5BxMi02
t3lrRwQCxyFCkabjU48t2CjPi/u5zoSEL93wbjvr/1mK9GIwVGGrh/ZSIJoLVLqu
Y/XQxCKJnwDwVpk3o+iUP5kpXaAUcUXPdXNiAd+q0yfRrdIu130nsHeldinpLQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:20:06 2025 by rpki-client