Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ryDlcxprhYLkCmldZjFOUZ2njNI.roa
File: ryDlcxprhYLkCmldZjFOUZ2njNI.roa (raw, json)
Hash identifier: M7iqRKV4tMFCrXZEPhzfBFmsS1sCybbeBxQmbG56G6s=
Subject key identifier: AF:20:E5:73:1A:6B:85:82:E4:0A:69:5D:66:31:4E:51:9D:A7:8C:D2
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01978174B0DD339F99C3C4D9BEDED3073C1D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ryDlcxprhYLkCmldZjFOUZ2njNI.roa
Signing time: Wed 18 Jun 2025 05:13:17 +0000
ROA not before: Wed 18 Jun 2025 05:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 18 Jun 2025 06:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:74:b0:dd:33:9f:99:c3:c4:d9:be:de:d3:07:3c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 18 05:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af20e5731a6b8582e40a695d66314e519da78cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d5:3b:9f:31:30:64:5a:cc:8d:7e:02:48:80:
dd:a4:9f:3a:f3:27:ba:7b:d6:22:8f:fb:4f:b9:22:
90:c9:f0:2b:1c:de:f6:d6:41:2b:f3:89:8a:5a:65:
a7:50:0a:45:85:21:bf:19:fd:e5:c6:4b:17:1d:48:
66:2e:e4:1d:0e:b0:78:1a:a7:51:dd:7c:7b:0d:65:
01:75:4f:8c:55:5d:43:d3:49:b1:6a:e3:e5:19:cf:
67:28:dc:14:9f:eb:34:9e:e8:b6:cc:e7:0a:8b:54:
2b:03:f6:76:9b:8d:83:f9:90:2b:e2:87:cf:e6:8f:
4f:b7:27:87:a4:83:a5:4a:36:42:4e:0e:5a:e6:f6:
9a:d5:bc:4c:7a:c1:4d:0d:70:2d:a8:d8:1d:e7:17:
8e:1b:44:81:08:b2:4d:fe:91:0b:07:b3:0d:df:f5:
72:17:67:83:03:59:eb:a2:13:82:35:8c:3d:85:5d:
d5:e7:4e:1f:bb:ca:1c:4b:11:b7:3a:15:f3:1e:ea:
90:ce:fe:6d:c7:77:11:d3:70:67:8a:12:ae:50:24:
89:ba:99:32:01:c5:cb:9f:3b:18:2d:0a:c5:5c:bb:
1f:c0:c6:83:5b:79:f2:46:b0:97:95:79:55:96:90:
bc:a8:a1:20:cb:ce:e3:97:34:67:fd:44:e6:a4:67:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:20:E5:73:1A:6B:85:82:E4:0A:69:5D:66:31:4E:51:9D:A7:8C:D2
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ryDlcxprhYLkCmldZjFOUZ2njNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
09:b5:eb:6b:a0:28:4c:b7:7d:05:8f:ac:ef:73:71:37:7c:54:
82:a3:7b:0e:b7:f1:89:23:4d:d0:4e:03:35:3c:51:3c:4d:d4:
f1:db:5c:49:ba:e2:a4:b4:df:8b:e9:82:8b:d4:c1:5a:38:40:
f6:33:d4:1d:d6:d6:46:8b:23:e4:86:87:08:5d:df:ae:ca:f2:
c2:bf:bc:90:94:5a:ac:69:92:5f:33:24:14:e0:2a:e8:12:72:
05:be:92:04:d2:8f:b8:2d:3b:8d:7d:06:98:2c:b1:73:c3:24:
0e:20:1c:ff:b9:1a:fc:12:0d:a8:24:cc:f8:e8:ab:e1:53:06:
c8:c8:11:40:c2:06:de:c5:d1:b4:f5:95:df:59:a2:a4:3f:3d:
af:ea:9d:ce:1d:ad:12:d3:07:d0:32:52:c0:00:03:a7:fc:7f:
27:01:08:0c:f2:95:dd:1f:7c:56:fa:3e:a1:a7:18:5d:75:82:
41:04:3b:ea:aa:89:c0:9c:28:26:1b:fc:13:b6:8a:3a:77:b4:
d9:f1:ef:d7:2a:48:f1:fa:07:a9:b4:c4:0d:3e:0e:33:2e:d6:
c0:ef:d6:51:a4:80:cc:2a:b1:14:19:19:e3:be:ba:a2:69:6d:
e0:6b:51:6e:42:12:bf:41:13:44:57:d9:7d:c3:cf:5d:ff:9a:
1a:2c:c3:55
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeBdLDdM5+Zw8TZvt7TBzwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE4MDUxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIwZTU3MzFhNmI4NTgyZTQwYTY5NWQ2NjMxNGU1MTlkYTc4Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtU7nzEwZFrMjX4CSIDdpJ868ye6
e9Yij/tPuSKQyfArHN721kEr84mKWmWnUApFhSG/Gf3lxksXHUhmLuQdDrB4GqdR
3Xx7DWUBdU+MVV1D00mxauPlGc9nKNwUn+s0nui2zOcKi1QrA/Z2m42D+ZAr4ofP
5o9PtyeHpIOlSjZCTg5a5vaa1bxMesFNDXAtqNgd5xeOG0SBCLJN/pELB7MN3/Vy
F2eDA1nrohOCNYw9hV3V504fu8ocSxG3OhXzHuqQzv5tx3cR03BnihKuUCSJupky
AcXLnzsYLQrFXLsfwMaDW3nyRrCXlXlVlpC8qKEgy87jlzRn/UTmpGcM4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK8g5XMaa4WC5AppXWYxTlGdp4zSMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvcnlEbGN4cHJoWUxrQ21sZFpqRk9VWjJuak5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEACbXra6AoTLd9BY+s73NxN3xU
gqN7DrfxiSNN0E4DNTxRPE3U8dtcSbripLTfi+mCi9TBWjhA9jPUHdbWRosj5IaH
CF3frsrywr+8kJRarGmSXzMkFOAq6BJyBb6SBNKPuC07jX0GmCyxc8MkDiAc/7ka
/BINqCTM+Oir4VMGyMgRQMIG3sXRtPWV31mipD89r+qdzh2tEtMH0DJSwAADp/x/
JwEIDPKV3R98Vvo+oacYXXWCQQQ76qqJwJwoJhv8E7aKOne02fHv1ypI8foHqbTE
DT4OMy7WwO/WUaSAzCqxFBkZ4766omlt4GtRbkISv0ETRFfZfcPPXf+aGizDVQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:03:49 2025 by rpki-client