Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/nkJNieuoQADsAH0jBf018VOdJxA.roa
File: nkJNieuoQADsAH0jBf018VOdJxA.roa (raw, json)
Hash identifier: StwOcHjMQvVIqkG0BBdlB7z1dbKfaHv/yrtDhuV3PhU=
Subject key identifier: 9E:42:4D:89:EB:A8:40:00:EC:00:7D:23:05:FD:35:F1:53:9D:27:10
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978BF29E8379993A9FDB47D36364A571D1
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/nkJNieuoQADsAH0jBf018VOdJxA.roa
Signing time: Fri 20 Jun 2025 06:07:02 +0000
ROA not before: Fri 20 Jun 2025 06:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:8bf0:40ad/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 20 Jun 2025 06:17:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8b:f2:9e:83:79:99:3a:9f:db:47:d3:63:64:a5:71:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 20 06:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e424d89eba84000ec007d2305fd35f1539d2710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:a7:ed:25:aa:e1:45:aa:e4:99:c5:1e:bd:
d9:40:4c:ec:7b:6e:49:95:2e:c1:2d:f6:e4:e7:66:
72:d7:f4:b0:ab:77:98:15:1f:cb:87:fa:04:e6:bc:
09:d7:7b:ea:9c:ff:6b:17:03:c3:4d:6d:8e:8f:93:
35:3a:eb:13:a3:1d:37:fb:a8:67:0a:a1:fb:e7:fd:
92:25:dd:07:3d:d2:0c:8a:28:82:68:ca:f9:22:da:
3a:86:6b:2f:cf:3c:dc:96:d6:29:da:20:99:60:29:
4e:38:71:3a:b9:8f:7a:05:d7:04:62:48:fe:37:72:
8f:2b:d1:5a:91:37:b7:bf:08:11:ba:12:aa:50:eb:
ff:3a:40:59:63:28:b3:b6:3c:c1:05:4a:99:19:1b:
96:21:10:47:44:bf:48:b1:91:8c:5d:b6:cb:bf:82:
fb:ba:a0:f7:6c:89:f6:bc:d5:48:d1:47:b0:a3:73:
3e:fc:1d:d4:a0:18:ed:c8:88:ea:8e:6d:d6:98:b0:
21:ff:16:0d:a9:64:ae:e6:80:ab:33:23:45:24:55:
eb:e3:c6:cd:49:3f:32:ce:37:f2:6a:a3:7d:17:5c:
9d:be:df:27:6e:ae:a6:d6:90:1d:e1:82:fb:af:9c:
f6:6d:59:2f:67:31:8a:7e:47:3d:8d:ad:fa:cc:f6:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:42:4D:89:EB:A8:40:00:EC:00:7D:23:05:FD:35:F1:53:9D:27:10
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/nkJNieuoQADsAH0jBf018VOdJxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:8bf0:40ad/128
Signature Algorithm: sha256WithRSAEncryption
1e:2c:db:d4:16:56:e8:1d:ac:77:bc:fe:99:ed:0f:7d:ef:cc:
76:76:9e:f6:db:e7:58:85:3a:72:9f:21:e3:09:4b:0f:ea:e7:
a9:fc:70:d8:1c:01:36:b0:7e:20:cc:ab:89:b6:7e:83:96:c8:
86:34:6b:8d:08:01:3c:74:de:16:7e:e0:0e:c7:8f:51:68:87:
56:04:29:5d:a4:92:e2:33:63:fa:74:93:bb:23:58:fa:15:11:
0c:14:24:12:e5:ab:7b:8b:cc:e8:4c:e9:bd:ee:cf:9a:4a:02:
9b:27:d5:a1:d7:57:f2:97:97:8c:e1:d4:01:1a:99:3c:5b:1d:
c2:ba:29:0e:4e:5d:57:c0:e7:9f:fc:9a:b2:06:23:4d:fb:21:
b2:2e:e9:e5:6e:2d:bd:f8:0e:bd:ef:d6:17:a6:47:03:79:1a:
b8:9e:cc:df:b6:e8:bb:be:0b:ec:8f:24:ed:03:e8:b3:3a:4b:
5c:a2:69:8b:9c:4f:3a:79:b2:db:4b:87:f4:9d:d2:39:d4:12:
d6:51:ea:ec:d4:bb:8b:ef:b4:7c:fc:98:c1:4a:40:5c:54:b3:
02:b0:ed:38:60:40:61:f4:72:b2:f6:c2:9c:a2:06:41:c5:74:
27:01:56:22:a4:9e:33:fb:12:61:e5:90:cd:2d:a3:f4:ed:df:
a9:50:ca:a8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZeL8p6DeZk6n9tH02NkpXHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMDYwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQyNGQ4OWViYTg0MDAwZWMwMDdkMjMwNWZkMzVmMTUzOWQyNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGOn7SWq4UWq5JnFHr3ZQEzse25J
lS7BLfbk52Zy1/Swq3eYFR/Lh/oE5rwJ13vqnP9rFwPDTW2Oj5M1OusTox03+6hn
CqH75/2SJd0HPdIMiiiCaMr5Ito6hmsvzzzcltYp2iCZYClOOHE6uY96BdcEYkj+
N3KPK9FakTe3vwgRuhKqUOv/OkBZYyiztjzBBUqZGRuWIRBHRL9IsZGMXbbLv4L7
uqD3bIn2vNVI0Uewo3M+/B3UoBjtyIjqjm3WmLAh/xYNqWSu5oCrMyNFJFXr48bN
ST8yzjfyaqN9F1ydvt8nbq6m1pAd4YL7r5z2bVkvZzGKfkc9ja36zPZXkQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ5CTYnrqEAA7AB9IwX9NfFTnScQMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvbmtKTmlldW9RQURzQUgwakJmMDE4Vk9kSnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl4vwQK0wDQYJKoZIhvcNAQELBQADggEB
AB4s29QWVugdrHe8/pntD33vzHZ2nvbb51iFOnKfIeMJSw/q56n8cNgcATawfiDM
q4m2foOWyIY0a40IATx03hZ+4A7Hj1Foh1YEKV2kkuIzY/p0k7sjWPoVEQwUJBLl
q3uLzOhM6b3uz5pKApsn1aHXV/KXl4zh1AEamTxbHcK6KQ5OXVfA55/8mrIGI037
IbIu6eVuLb34Dr3v1hemRwN5GriezN+26Lu+C+yPJO0D6LM6S1yiaYucTzp5sttL
h/Sd0jnUEtZR6uzUu4vvtHz8mMFKQFxUswKw7ThgQGH0crL2wpyiBkHFdCcBViKk
njP7EmHlkM0to/Tt36lQyqg=
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:27:02 2025 by rpki-client