Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/sLYjMPmbsKXIJNKKLqlHuUQs52g.roa
File: sLYjMPmbsKXIJNKKLqlHuUQs52g.roa (raw, json)
Hash identifier: BbbNJ8qlp/rQJUK3Qzp3QRgqhMyaNcxAvvdccEEyiVA=
Subject key identifier: B0:B6:23:30:F9:9B:B0:A5:C8:24:D2:8A:2E:A9:47:B9:44:2C:E7:68
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A69435B5FC1FAFF7092DC3631B90D5E2
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/sLYjMPmbsKXIJNKKLqlHuUQs52g.roa
Signing time: Wed 25 Jun 2025 10:13:40 +0000
ROA not before: Wed 25 Jun 2025 10:13:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Jun 2025 11:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:94:35:b5:fc:1f:af:f7:09:2d:c3:63:1b:90:d5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 25 10:13:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0b62330f99bb0a5c824d28a2ea947b9442ce768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:7d:39:9c:3b:4b:89:10:58:cc:b9:00:19:
4e:15:b0:4b:78:04:29:ae:5e:66:63:37:ac:d6:e7:
00:aa:6d:33:f6:b6:d8:dd:2e:b4:25:41:9c:c1:3c:
61:48:ff:58:84:01:10:ba:b1:3d:d4:ff:8a:af:4c:
bc:71:21:80:2b:41:68:f4:e9:7f:e3:7c:8c:83:4f:
43:74:ca:c8:ff:c8:3d:9a:a7:d4:f7:5d:09:75:88:
61:d4:a8:0d:90:02:de:bf:e0:bb:b9:e4:8a:8a:4b:
a2:a7:b3:21:1e:fd:77:f1:c3:7c:08:11:78:34:33:
56:90:bd:71:53:3a:fe:2f:b0:01:74:d5:28:0e:54:
a8:2f:45:7e:56:07:3a:0b:4f:81:d6:e5:eb:1c:8e:
d1:f0:68:c0:ee:62:b8:60:31:2d:8b:80:6b:26:a4:
d7:a5:a2:41:79:f3:2b:fc:c3:a3:6a:ee:28:37:7c:
66:c5:d7:27:9c:ec:7c:00:ab:5f:f5:06:69:75:25:
f8:ea:66:45:51:95:39:b6:13:32:e0:52:e0:f8:0e:
d6:c6:9a:63:7f:73:f0:7a:ee:7f:05:21:20:b2:a2:
a9:bd:a8:b0:a4:9c:5e:3c:6f:a6:9a:a3:bc:2b:02:
10:fc:c2:d7:48:ff:3b:f2:34:34:83:fe:24:46:b5:
2f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B6:23:30:F9:9B:B0:A5:C8:24:D2:8A:2E:A9:47:B9:44:2C:E7:68
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/sLYjMPmbsKXIJNKKLqlHuUQs52g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1a:62:ca:12:c2:75:9e:31:49:3c:4b:01:10:fd:bd:75:90:7f:
76:db:7f:4f:ec:75:44:4d:ee:6e:2a:e8:29:50:dd:9f:08:ad:
91:4c:d0:7f:9f:a7:b1:92:84:81:1e:53:ea:7c:f9:ac:05:d4:
ec:38:b4:ca:61:b3:dd:45:5f:84:6d:ed:6e:54:76:d5:e7:49:
09:47:ce:e1:f4:09:42:50:ee:64:85:4d:e8:f4:55:47:83:35:
74:93:00:ac:0d:ad:01:55:cb:6a:0e:b4:d3:66:b3:03:4f:fd:
c4:7b:31:37:d6:a3:2f:41:94:bb:02:08:68:5e:12:8c:08:de:
cc:1a:89:a0:db:5f:4b:62:f9:84:b0:41:5e:36:be:8e:8e:fe:
fd:4b:bb:83:c7:ec:92:03:62:5a:1c:cd:c2:a3:c9:a3:ac:b6:
46:51:ff:69:0b:39:d3:66:84:65:cc:be:df:cd:d4:b5:9c:d9:
77:fc:ec:9c:2b:9e:26:59:84:7c:b8:5a:8d:f3:eb:75:fd:02:
cd:4f:09:94:31:11:20:8f:c2:cb:15:32:3a:05:63:2a:1b:05:
3e:69:1b:75:4d:1a:2e:be:1d:64:1c:7c:45:87:c4:43:ce:7f:
2c:12:ec:90:54:e9:10:48:e8:3a:5b:32:94:b5:4b:6b:0c:bf:
5d:95:ed:32
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZemlDW1/B+v9wktw2MbkNXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI1MTAxMzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI2MjMzMGY5OWJiMGE1YzgyNGQyOGEyZWE5NDdiOTQ0MmNlNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyt9OZw7S4kQWMy5ABlOFbBLeAQp
rl5mYzes1ucAqm0z9rbY3S60JUGcwTxhSP9YhAEQurE91P+Kr0y8cSGAK0Fo9Ol/
43yMg09DdMrI/8g9mqfU910JdYhh1KgNkALev+C7ueSKikuip7MhHv138cN8CBF4
NDNWkL1xUzr+L7ABdNUoDlSoL0V+Vgc6C0+B1uXrHI7R8GjA7mK4YDEti4BrJqTX
paJBefMr/MOjau4oN3xmxdcnnOx8AKtf9QZpdSX46mZFUZU5thMy4FLg+A7Wxppj
f3Pweu5/BSEgsqKpvaiwpJxePG+mmqO8KwIQ/MLXSP878jQ0g/4kRrUvkwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLC2IzD5m7ClyCTSii6pR7lELOdoMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvc0xZak1QbWJzS1hJSk5LS0xxbEh1VVFzNTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAGmLKEsJ1njFJPEsBEP29dZB/
dtt/T+x1RE3ubiroKVDdnwitkUzQf5+nsZKEgR5T6nz5rAXU7Di0ymGz3UVfhG3t
blR21edJCUfO4fQJQlDuZIVN6PRVR4M1dJMArA2tAVXLag6002azA0/9xHsxN9aj
L0GUuwIIaF4SjAjezBqJoNtfS2L5hLBBXja+jo7+/Uu7g8fskgNiWhzNwqPJo6y2
RlH/aQs502aEZcy+383UtZzZd/zsnCueJlmEfLhajfPrdf0CzU8JlDERII/CyxUy
OgVjKhsFPmkbdU0aLr4dZBx8RYfEQ85/LBLskFTpEEjoOlsylLVLawy/XZXtMg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:27:07 2025 by rpki-client