Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/qaPIq10RPIbs8fKXa4n__ULFBUs.roa
File: qaPIq10RPIbs8fKXa4n__ULFBUs.roa (raw, json)
Hash identifier: EcO7bpC/J0o05sQZ4njSU9GAjGYdf148unJpFUpnwdY=
Subject key identifier: A9:A3:C8:AB:5D:11:3C:86:EC:F1:F2:97:6B:89:FF:FD:42:C5:05:4B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01979834245CF95436C69C108B042B03E9B5
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/qaPIq10RPIbs8fKXa4n__ULFBUs.roa
Signing time: Sun 22 Jun 2025 15:14:03 +0000
ROA not before: Sun 22 Jun 2025 15:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 22 Jun 2025 16:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:98:34:24:5c:f9:54:36:c6:9c:10:8b:04:2b:03:e9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 22 15:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9a3c8ab5d113c86ecf1f2976b89fffd42c5054b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:c9:80:8c:51:03:d0:b6:9a:15:11:50:d0:
ab:5c:8c:1f:1c:78:b3:d9:5d:02:a8:27:6c:4f:7b:
5c:21:91:59:31:cb:09:68:9a:d7:27:d6:f9:c2:75:
61:9e:dc:4b:f1:2f:0d:f5:74:1e:9d:d6:7b:da:54:
20:69:09:7c:c0:37:6f:0f:80:95:d1:94:e8:1b:45:
65:c4:f4:e8:c2:f6:e0:bf:cb:37:33:f8:44:51:4c:
34:a6:7c:77:73:c3:b2:aa:a9:0d:39:1d:04:7c:7d:
5f:07:f1:93:ad:af:53:1f:9e:6c:6b:a0:63:3e:84:
93:85:c5:a6:bd:f7:d4:5c:80:95:d5:6e:6b:c0:63:
3c:f3:0f:42:97:16:77:d4:90:ac:aa:61:74:52:73:
7f:bc:29:d0:a9:74:fa:b8:14:be:dd:fb:ce:d6:92:
41:d9:67:cf:ed:e4:41:b9:29:7c:62:fb:7a:f6:a1:
ff:d5:80:58:3b:47:71:4f:66:48:ef:b5:18:b3:c9:
84:c3:d7:34:60:c5:f5:56:18:19:a4:3e:c0:02:df:
43:5d:5f:ae:d8:91:64:36:40:67:6b:3a:c2:05:96:
db:62:b6:70:ab:b4:f7:41:12:77:0d:14:b3:c8:4d:
56:a6:21:dc:09:75:cc:8d:0a:50:cc:af:a1:28:87:
53:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A3:C8:AB:5D:11:3C:86:EC:F1:F2:97:6B:89:FF:FD:42:C5:05:4B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/qaPIq10RPIbs8fKXa4n__ULFBUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
16:74:cc:91:ab:5c:cc:b5:d5:d8:9c:29:03:81:64:98:f5:19:
fc:63:7c:e8:45:f9:a9:a6:28:3b:e5:25:b6:3e:28:c4:e3:e9:
1a:7a:03:e6:66:a1:9c:19:ed:db:ae:bb:b6:99:6b:85:85:89:
74:58:15:56:59:3f:75:e5:60:aa:0f:9f:d6:18:5f:44:0a:5b:
d0:07:56:3f:5a:6a:03:67:db:2d:72:ba:85:8d:af:b4:62:b1:
0c:ef:60:30:20:f8:c2:08:3d:b4:08:0c:44:04:50:5d:f1:66:
fe:32:05:bd:e8:c3:4f:94:71:e5:b9:ed:df:39:d3:76:ab:9b:
4b:9d:a8:c3:e4:82:a3:28:9e:88:6e:fd:9d:40:07:5a:d6:0e:
72:30:55:21:38:56:6d:3f:fb:dc:d7:13:ee:b3:44:90:68:a9:
3f:79:b7:0b:59:6c:9b:1e:97:8a:5c:9b:8a:bf:87:6c:96:de:
14:e5:a1:cb:f7:c8:e0:fd:8b:63:3d:d5:95:fb:9d:7a:82:54:
8d:c8:f0:f6:c1:2f:a9:6b:6d:32:a8:6a:ea:4a:53:9c:af:9e:
a5:82:71:a5:d7:d4:3e:48:d9:63:7c:64:50:22:ab:10:b2:26:
f4:a0:4e:86:ce:ee:80:ce:f4:ab:21:6d:41:5c:c6:7b:44:f2:
f9:33:72:3f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeYNCRc+VQ2xpwQiwQrA+m1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIyMTUxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWEzYzhhYjVkMTEzYzg2ZWNmMWYyOTc2Yjg5ZmZmZDQyYzUwNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFXJgIxRA9C2mhURUNCrXIwfHHiz
2V0CqCdsT3tcIZFZMcsJaJrXJ9b5wnVhntxL8S8N9XQendZ72lQgaQl8wDdvD4CV
0ZToG0VlxPTowvbgv8s3M/hEUUw0pnx3c8OyqqkNOR0EfH1fB/GTra9TH55sa6Bj
PoSThcWmvffUXICV1W5rwGM88w9ClxZ31JCsqmF0UnN/vCnQqXT6uBS+3fvO1pJB
2WfP7eRBuSl8Yvt69qH/1YBYO0dxT2ZI77UYs8mEw9c0YMX1VhgZpD7AAt9DXV+u
2JFkNkBnazrCBZbbYrZwq7T3QRJ3DRSzyE1WpiHcCXXMjQpQzK+hKIdTFQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKmjyKtdETyG7PHyl2uJ//1CxQVLMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvcWFQSXExMFJQSWJzOGZLWGE0bl9fVUxGQlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAFnTMkatczLXV2JwpA4FkmPUZ
/GN86EX5qaYoO+Ultj4oxOPpGnoD5mahnBnt2667tplrhYWJdFgVVlk/deVgqg+f
1hhfRApb0AdWP1pqA2fbLXK6hY2vtGKxDO9gMCD4wgg9tAgMRARQXfFm/jIFvejD
T5Rx5bnt3znTdqubS52ow+SCoyieiG79nUAHWtYOcjBVIThWbT/73NcT7rNEkGip
P3m3C1lsmx6Xilybir+HbJbeFOWhy/fI4P2LYz3VlfudeoJUjcjw9sEvqWttMqhq
6kpTnK+epYJxpdfUPkjZY3xkUCKrELIm9KBOhs7ugM70qyFtQVzGe0Ty+TNyPw==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:01:55 2025 by rpki-client