Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/oFwxrvlb4nDi9LNP8LbsAPwpXgc.roa
File: oFwxrvlb4nDi9LNP8LbsAPwpXgc.roa (raw, json)
Hash identifier: w+VmgsBOVSwXgM2cobW3HQMdYpnW/9jVkGjZaG7Q0/c=
Subject key identifier: A0:5C:31:AE:F9:5B:E2:70:E2:F4:B3:4F:F0:B6:EC:00:FC:29:5E:07
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977DCEDB41EF926DEAF86D7D6F49AF28EC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/oFwxrvlb4nDi9LNP8LbsAPwpXgc.roa
Signing time: Tue 17 Jun 2025 12:13:17 +0000
ROA not before: Tue 17 Jun 2025 12:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Jun 2025 13:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:ce:db:41:ef:92:6d:ea:f8:6d:7d:6f:49:af:28:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 17 12:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a05c31aef95be270e2f4b34ff0b6ec00fc295e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:87:9d:6a:17:6f:c3:8d:d9:68:50:c2:ed:fc:
45:73:24:75:f4:0e:d5:49:c2:11:c2:c4:93:55:47:
76:39:13:71:a5:a8:c2:4d:ef:09:80:67:ce:31:b1:
fd:19:37:68:5d:9e:75:b6:5b:22:7f:3e:9d:7e:d6:
73:09:fa:90:ea:a7:4f:ac:a4:a7:d0:91:07:df:cf:
2d:7f:d0:0f:31:97:d4:cf:d2:c3:58:05:63:90:5b:
5c:b3:1c:37:3b:38:2a:3c:27:cd:68:66:2a:02:91:
ca:f4:12:83:fc:97:3d:1f:b8:8d:26:3b:c1:79:32:
30:aa:6e:c7:e2:1d:e5:9f:7d:48:c5:f5:3a:a6:06:
d9:d3:d5:b2:4e:d7:81:bd:88:78:af:16:5d:22:94:
43:61:ad:af:99:73:06:dd:fd:af:23:7f:c6:5f:5c:
ec:b5:97:11:b1:47:bc:21:7c:e3:35:f5:cf:6e:99:
a4:84:07:59:f3:39:b4:20:1c:29:c1:83:e2:96:35:
b5:63:dd:64:ed:30:42:5f:a6:aa:c4:69:1c:a0:96:
30:4e:ae:35:69:00:bc:33:7e:4d:1d:d7:53:46:1c:
1a:50:2f:f6:ec:9d:61:00:54:67:92:71:74:58:72:
e5:23:2c:ee:88:75:99:ad:50:56:d8:b7:c4:95:8a:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5C:31:AE:F9:5B:E2:70:E2:F4:B3:4F:F0:B6:EC:00:FC:29:5E:07
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/oFwxrvlb4nDi9LNP8LbsAPwpXgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
47:ca:54:58:d0:65:56:18:aa:88:9d:25:55:9c:a2:b9:9e:87:
65:bd:11:6e:f1:6a:47:92:bc:a0:88:fd:6c:c3:8d:c0:a3:98:
3e:79:0d:55:7c:09:45:a7:83:d4:27:c6:b4:73:5b:5d:19:37:
67:b8:3b:87:e1:10:9a:d9:92:27:98:29:d9:84:b8:a0:6b:99:
7f:1a:44:82:05:0c:d1:e3:59:79:4e:4f:c2:dc:ee:87:6c:ac:
c3:70:37:43:3f:61:bc:7f:3d:48:6f:c5:23:16:e1:3a:59:f7:
50:75:30:7f:58:e0:35:71:bf:7a:44:fc:83:8d:10:1f:fb:c2:
d9:c3:c7:b7:b4:6e:d0:de:d1:6c:ca:87:28:81:0f:2a:37:2b:
b0:46:85:67:0f:2c:2f:fe:ff:72:17:77:9c:ad:80:0c:03:cb:
38:07:93:ea:6c:2f:47:3e:ce:a6:3b:7e:b1:27:34:1b:f1:05:
0f:34:7e:c9:ef:c2:3a:4f:e7:bb:9c:15:4d:35:29:96:3c:8e:
45:87:a1:7f:e6:e8:26:d0:d0:4a:c0:4e:7d:76:aa:ed:b4:30:
8f:e4:d3:dc:f8:b4:6e:74:79:cd:04:1d:40:68:42:03:53:66:
5b:ff:0d:0f:05:22:84:1c:6d:b8:e0:ce:2e:47:06:c5:7d:b7:
1b:45:3c:a3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd9zttB75Jt6vhtfW9JryjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE3MTIxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDVjMzFhZWY5NWJlMjcwZTJmNGIzNGZmMGI2ZWMwMGZjMjk1ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4edahdvw43ZaFDC7fxFcyR19A7V
ScIRwsSTVUd2ORNxpajCTe8JgGfOMbH9GTdoXZ51tlsifz6dftZzCfqQ6qdPrKSn
0JEH388tf9APMZfUz9LDWAVjkFtcsxw3OzgqPCfNaGYqApHK9BKD/Jc9H7iNJjvB
eTIwqm7H4h3ln31IxfU6pgbZ09WyTteBvYh4rxZdIpRDYa2vmXMG3f2vI3/GX1zs
tZcRsUe8IXzjNfXPbpmkhAdZ8zm0IBwpwYPiljW1Y91k7TBCX6aqxGkcoJYwTq41
aQC8M35NHddTRhwaUC/27J1hAFRnknF0WHLlIyzuiHWZrVBW2LfElYpmuwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKBcMa75W+Jw4vSzT/C27AD8KV4HMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvb0Z3eHJ2bGI0bkRpOUxOUDhMYnNBUHdwWGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAR8pUWNBlVhiqiJ0lVZyiuZ6H
Zb0RbvFqR5K8oIj9bMONwKOYPnkNVXwJRaeD1CfGtHNbXRk3Z7g7h+EQmtmSJ5gp
2YS4oGuZfxpEggUM0eNZeU5Pwtzuh2ysw3A3Qz9hvH89SG/FIxbhOln3UHUwf1jg
NXG/ekT8g40QH/vC2cPHt7Ru0N7RbMqHKIEPKjcrsEaFZw8sL/7/chd3nK2ADAPL
OAeT6mwvRz7Opjt+sSc0G/EFDzR+ye/COk/nu5wVTTUpljyORYehf+boJtDQSsBO
fXaq7bQwj+TT3Pi0bnR5zQQdQGhCA1NmW/8NDwUihBxtuODOLkcGxX23G0U8ow==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:59:04 2025 by rpki-client