Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/rnsBYBJ1upOgOrhWEehfQn85wYs.roa
File: rnsBYBJ1upOgOrhWEehfQn85wYs.roa (raw, json)
Hash identifier: IhS6d2cCWjM+0/IUvG4GrYH/HvOy7bO5r385R5rwIpQ=
Subject key identifier: AE:7B:01:60:12:75:BA:93:A0:3A:B8:56:11:E8:5F:42:7F:39:C1:8B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A65B726F553DBAE9A821F360BDED98FD
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/rnsBYBJ1upOgOrhWEehfQn85wYs.roa
Signing time: Wed 25 Jun 2025 09:11:40 +0000
ROA not before: Wed 25 Jun 2025 09:11:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Jun 2025 10:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:5b:72:6f:55:3d:ba:e9:a8:21:f3:60:bd:ed:98:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 25 09:11:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae7b01601275ba93a03ab85611e85f427f39c18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:3c:0c:6c:03:50:ff:7a:ba:c8:ca:f0:b7:
92:62:eb:22:ea:1d:07:ba:bf:f0:c9:a1:66:16:35:
ec:4e:14:5c:1e:e4:fd:e7:72:0a:49:06:8d:2c:d1:
1c:10:37:5b:bc:46:1b:75:53:59:04:67:5f:06:fa:
9b:88:f1:54:46:cf:d3:7f:4a:5e:01:26:8c:da:9c:
bd:54:33:0d:15:8a:83:bf:9c:ad:98:4d:7c:ca:fd:
54:ed:2c:16:1d:17:2e:60:9b:5a:09:a3:ea:18:ee:
7b:ee:70:2c:a6:df:32:0f:47:50:60:86:76:25:ed:
99:06:88:2d:65:9a:80:dd:10:44:4f:3e:1f:c3:17:
5f:ad:39:90:e1:0f:fb:c0:01:92:f2:e2:52:57:c6:
b4:24:4c:99:96:be:be:6d:b6:42:38:2e:a1:00:f4:
3f:59:95:56:0e:79:c9:3a:44:fb:d9:20:9e:d0:c9:
c8:b5:37:1c:e5:fd:ec:f9:80:7c:01:f0:bc:f4:f9:
d9:b9:7d:f6:ff:1d:2a:6e:91:97:5d:f8:ef:e7:b9:
2f:87:c7:29:03:3e:2b:be:0d:18:06:86:e6:8d:f6:
e2:3a:a6:54:e5:91:83:0d:92:b1:b4:4e:37:74:66:
f7:d0:73:84:4e:c8:1c:80:b2:e2:bb:8d:57:be:0b:
75:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7B:01:60:12:75:BA:93:A0:3A:B8:56:11:E8:5F:42:7F:39:C1:8B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/rnsBYBJ1upOgOrhWEehfQn85wYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
75:6c:58:1b:3a:d1:35:80:3f:c3:73:e3:b4:e1:3e:78:ed:c5:
b0:21:a7:6b:45:82:33:14:8b:86:3e:46:d4:f7:e9:92:d9:81:
46:d3:55:61:ad:03:04:05:2c:77:be:01:7e:5b:b6:16:bf:bf:
93:93:f3:b2:ba:70:ec:11:35:e9:22:0e:df:8f:28:e6:e6:f1:
dc:43:f8:44:6c:85:06:86:1a:6c:cd:82:1d:1a:bc:ff:80:e0:
f3:bf:9c:e2:bf:2e:b8:96:6c:ff:c3:b2:7e:c7:56:ed:d4:e5:
8b:7e:ba:4d:04:69:6f:30:a7:26:d7:df:76:6d:f1:09:a2:4f:
7a:bf:1d:29:c9:98:fa:44:15:4f:9d:ed:90:dc:13:17:d6:1d:
13:26:8a:5e:01:dd:be:97:6a:6f:2a:02:95:c4:15:71:56:14:
4a:e0:4f:56:ff:0c:cd:74:34:02:9d:ba:47:89:6b:23:9b:e0:
c5:3c:b9:df:55:5e:0b:3c:3e:64:4f:9c:0b:a3:23:fe:35:aa:
bb:c9:65:8f:99:6a:40:c5:8a:54:e9:6b:2d:18:55:ce:42:cb:
10:77:1f:f6:4e:3c:c6:47:7e:88:76:34:c5:65:02:c5:71:13:
3a:4f:1c:f4:4c:ae:a3:65:5e:8b:0d:a6:8b:ef:04:e3:10:e2:
dc:3d:5a:02
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZemW3JvVT266agh82C97Zj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI1MDkxMTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTdiMDE2MDEyNzViYTkzYTAzYWI4NTYxMWU4NWY0MjdmMzljMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4g8DGwDUP96usjK8LeSYusi6h0H
ur/wyaFmFjXsThRcHuT953IKSQaNLNEcEDdbvEYbdVNZBGdfBvqbiPFURs/Tf0pe
ASaM2py9VDMNFYqDv5ytmE18yv1U7SwWHRcuYJtaCaPqGO577nAspt8yD0dQYIZ2
Je2ZBogtZZqA3RBETz4fwxdfrTmQ4Q/7wAGS8uJSV8a0JEyZlr6+bbZCOC6hAPQ/
WZVWDnnJOkT72SCe0MnItTcc5f3s+YB8AfC89PnZuX32/x0qbpGXXfjv57kvh8cp
Az4rvg0YBobmjfbiOqZU5ZGDDZKxtE43dGb30HOETsgcgLLiu41Xvgt1/QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK57AWASdbqToDq4VhHoX0J/OcGLMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvcm5zQllCSjF1cE9nT3JoV0VlaGZRbjg1d1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAdWxYGzrRNYA/w3PjtOE+eO3F
sCGna0WCMxSLhj5G1PfpktmBRtNVYa0DBAUsd74Bflu2Fr+/k5Pzsrpw7BE16SIO
348o5ubx3EP4RGyFBoYabM2CHRq8/4Dg87+c4r8uuJZs/8OyfsdW7dTli366TQRp
bzCnJtffdm3xCaJPer8dKcmY+kQVT53tkNwTF9YdEyaKXgHdvpdqbyoClcQVcVYU
SuBPVv8MzXQ0Ap26R4lrI5vgxTy531VeCzw+ZE+cC6Mj/jWqu8llj5lqQMWKVOlr
LRhVzkLLEHcf9k48xkd+iHY0xWUCxXETOk8c9Eyuo2Veiw2mi+8E4xDi3D1aAg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:06:50 2025 by rpki-client