Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/pILGOzpjrryKv1lUQQY8IH_e524.roa
File: pILGOzpjrryKv1lUQQY8IH_e524.roa (raw, json)
Hash identifier: myKaaS9GFWGCq2QY8TEKISyNYNeUI6PU23ZXuI9yZxM=
Subject key identifier: A4:82:C6:3B:3A:63:AE:BC:8A:BF:59:54:41:06:3C:20:7F:DE:E7:6E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01977538AC0CC9F4151CDED223E02571A8BF
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/pILGOzpjrryKv1lUQQY8IH_e524.roa
Signing time: Sun 15 Jun 2025 20:12:17 +0000
ROA not before: Sun 15 Jun 2025 20:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 15 Jun 2025 21:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:75:38:ac:0c:c9:f4:15:1c:de:d2:23:e0:25:71:a8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 15 20:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a482c63b3a63aebc8abf595441063c207fdee76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c3:cb:10:fb:69:3d:ad:9e:8e:42:a8:c4:3c:
aa:d3:a2:ea:b4:ef:40:80:34:38:de:87:12:3e:68:
af:01:22:a6:2e:c1:27:f1:3e:f9:02:50:00:50:b7:
3d:7f:38:91:05:cb:fa:fc:ff:d2:aa:00:77:6f:25:
5c:15:15:da:34:f7:39:4e:5e:37:a3:8d:73:b2:42:
5d:29:76:3f:0f:47:eb:81:3e:e1:a6:3a:dd:b6:a5:
8c:95:97:8c:0c:11:bf:cf:74:cf:bf:4d:a5:1c:59:
b5:1e:d0:9d:7c:c8:5b:53:a4:fa:61:cc:d8:f3:3e:
c6:eb:a6:0d:24:81:02:b3:f8:94:df:15:80:b5:1f:
f6:01:bb:ba:7c:53:f6:b5:68:15:ee:1e:f6:8f:e1:
6c:71:3b:1a:8a:1c:d6:5a:8d:0d:c5:9a:5e:a6:bb:
1e:a1:8a:b7:01:be:14:ac:d7:28:a4:c8:d7:d7:3f:
64:f7:a6:f8:8b:79:69:0a:b7:2e:a3:25:13:e5:8b:
bb:bb:3b:3a:6c:9d:25:de:ee:48:d8:68:15:c0:f7:
96:74:fe:fd:90:b8:c7:b2:6e:d1:2f:61:14:e4:54:
84:53:02:6d:87:54:f7:be:5e:7c:d4:24:3e:14:c7:
1a:75:5a:0b:09:00:00:c3:23:3d:22:f5:f2:e8:b2:
6a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:82:C6:3B:3A:63:AE:BC:8A:BF:59:54:41:06:3C:20:7F:DE:E7:6E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/pILGOzpjrryKv1lUQQY8IH_e524.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1a:8a:39:65:44:b9:d0:c4:21:5e:03:54:9f:fe:5b:7a:43:fe:
b0:7c:cd:09:88:17:80:7e:c1:91:c2:ca:a1:21:1f:33:d2:5c:
7b:bb:9f:b6:54:05:a8:ca:ac:f6:7f:f3:ed:ec:d9:71:a3:b8:
0b:a6:f1:c2:9d:ed:2d:ef:15:19:1b:c7:2d:2f:6d:7b:e5:1b:
f6:d5:de:d6:a8:de:aa:ec:35:e4:2d:01:56:da:f4:b9:26:05:
37:39:8a:27:ca:20:73:82:7d:96:3b:a7:66:7f:ab:57:5f:0e:
69:d3:49:f1:9f:3a:16:46:c0:cb:0e:90:b2:c1:87:1c:51:9e:
cf:d4:14:75:84:18:c7:7e:67:b2:e2:7d:78:1c:0e:9f:49:bb:
b4:f5:aa:a2:8d:4d:82:2e:c8:b1:ea:86:d9:e9:9a:09:88:fd:
f2:f1:91:cb:48:12:4f:ae:56:7b:ce:51:8e:54:f7:44:87:92:
49:8d:b4:8f:e8:75:5b:d8:87:c9:36:6c:ea:fc:b9:b0:62:16:
db:0f:1f:0b:2d:45:85:53:59:e7:10:39:d3:04:97:41:c7:49:
0b:b7:08:c3:b8:64:2e:21:79:62:54:74:84:71:75:b0:48:71:
1c:18:68:d9:73:49:79:5c:3d:3c:ca:f7:f5:ad:3a:55:50:b5:
06:4c:07:c9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd1OKwMyfQVHN7SI+Alcai/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE1MjAxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDgyYzYzYjNhNjNhZWJjOGFiZjU5NTQ0MTA2M2MyMDdmZGVlNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8PLEPtpPa2ejkKoxDyq06LqtO9A
gDQ43ocSPmivASKmLsEn8T75AlAAULc9fziRBcv6/P/SqgB3byVcFRXaNPc5Tl43
o41zskJdKXY/D0frgT7hpjrdtqWMlZeMDBG/z3TPv02lHFm1HtCdfMhbU6T6YczY
8z7G66YNJIECs/iU3xWAtR/2Abu6fFP2tWgV7h72j+FscTsaihzWWo0NxZpeprse
oYq3Ab4UrNcopMjX1z9k96b4i3lpCrcuoyUT5Yu7uzs6bJ0l3u5I2GgVwPeWdP79
kLjHsm7RL2EU5FSEUwJth1T3vl581CQ+FMcadVoLCQAAwyM9IvXy6LJqYQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKSCxjs6Y668ir9ZVEEGPCB/3uduMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvcElMR096cGpycnlLdjFsVVFRWThJSF9lNTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAGoo5ZUS50MQhXgNUn/5bekP+
sHzNCYgXgH7BkcLKoSEfM9Jce7uftlQFqMqs9n/z7ezZcaO4C6bxwp3tLe8VGRvH
LS9te+Ub9tXe1qjequw15C0BVtr0uSYFNzmKJ8ogc4J9ljunZn+rV18OadNJ8Z86
FkbAyw6QssGHHFGez9QUdYQYx35nsuJ9eBwOn0m7tPWqoo1Ngi7IseqG2emaCYj9
8vGRy0gST65We85RjlT3RIeSSY20j+h1W9iHyTZs6vy5sGIW2w8fCy1FhVNZ5xA5
0wSXQcdJC7cIw7hkLiF5YlR0hHF1sEhxHBho2XNJeVw9PMr39a06VVC1BkwHyQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:23:30 2025 by rpki-client