Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/soYiobMaHlpUlgUvJiXSEtCeYfE.roa
File: soYiobMaHlpUlgUvJiXSEtCeYfE.roa (raw, json)
Hash identifier: Artunanf53sG/DM3MyvLVpEJmgD/0NshkpDqqK14RMA=
Subject key identifier: B2:86:22:A1:B3:1A:1E:5A:54:96:05:2F:26:25:D2:12:D0:9E:61:F1
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C50D73762F4409FB4C4B501EFC97B46D
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/soYiobMaHlpUlgUvJiXSEtCeYfE.roa
Signing time: Tue 01 Jul 2025 08:14:42 +0000
ROA not before: Tue 01 Jul 2025 08:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 01 Jul 2025 09:08:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:0d:73:76:2f:44:09:fb:4c:4b:50:1e:fc:97:b4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jul 1 08:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b28622a1b31a1e5a5496052f2625d212d09e61f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:51:87:f8:d7:ea:38:82:62:73:85:2d:18:88:
3d:c1:8f:44:bd:57:3c:4a:10:32:21:ff:94:ae:c3:
e9:cd:39:e2:e5:e4:19:27:a9:aa:ae:cb:9a:62:94:
f9:2b:37:1d:7e:69:ce:f2:f7:65:04:56:3e:40:49:
f6:68:11:dd:70:c8:a1:d0:80:a0:93:9a:77:ae:ea:
af:bd:5d:4c:e1:28:3a:c3:af:df:3d:58:c7:80:fc:
05:10:bc:9b:48:75:bb:3e:9d:d5:66:1a:85:3d:0c:
e4:f8:87:f8:41:f5:4b:6a:53:ce:d9:31:9c:60:56:
3f:f9:82:1e:63:54:95:7e:9b:f9:64:fc:14:98:0d:
f1:04:1c:12:1f:2d:04:2d:cf:b4:51:8a:c6:ad:a0:
ae:1b:3e:b1:41:ee:32:63:93:03:1c:c6:a3:c7:3d:
47:b0:18:92:b1:40:17:e8:e2:42:00:b2:77:ed:53:
2f:dc:4c:18:3f:8f:ea:1c:41:5c:fd:74:96:71:19:
9b:c2:f5:9f:e3:88:3c:13:0c:82:3a:1d:a9:24:c8:
0e:35:e0:cd:2b:61:49:c2:84:97:9e:b6:5c:7b:c6:
73:25:73:f4:76:84:ac:7a:2f:26:1c:ab:ef:cd:27:
03:25:8b:1c:19:6d:f2:75:bd:f7:c4:33:f5:67:68:
d7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:86:22:A1:B3:1A:1E:5A:54:96:05:2F:26:25:D2:12:D0:9E:61:F1
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/soYiobMaHlpUlgUvJiXSEtCeYfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
37:06:09:9d:ca:27:28:c1:b1:72:1f:a1:23:9f:b8:0c:86:a6:
6a:39:21:68:67:c2:86:a2:27:61:1a:9e:6c:34:82:79:33:fe:
6f:f9:a7:ae:60:8c:46:74:31:0f:11:37:f2:cf:9b:bd:92:97:
6a:73:e0:7f:66:e5:e9:a6:01:28:48:a7:95:59:8a:33:cd:82:
24:37:2c:28:ee:00:77:b6:6a:b1:6d:73:51:58:0c:dd:00:f8:
4f:90:a0:29:b7:2a:41:ae:98:5b:04:d4:90:df:5e:81:5e:60:
eb:37:97:6c:e2:c0:1e:18:14:08:dc:21:46:2e:0f:38:b7:e3:
ec:36:3d:1b:6b:b0:90:1d:df:70:9f:c2:fb:c3:11:e4:ab:67:
0a:d1:50:ae:52:2e:d9:cb:5a:32:28:dc:1f:92:16:08:c2:dc:
10:f0:9d:cd:fa:90:b9:94:c8:2e:31:77:e9:04:6e:bc:b5:77:
3f:55:43:5b:21:25:f9:19:d7:d6:a9:07:85:c0:5a:99:bc:fd:
46:ea:d9:d7:cb:94:98:3d:7a:a2:0b:11:9b:7b:5c:d1:89:7f:
f6:6b:fb:d0:43:6f:02:9a:68:71:75:29:2c:91:79:55:08:0f:
10:ec:ca:ea:e0:98:36:36:a1:16:7d:a0:8b:68:2f:20:a7:ed:
3b:5b:e1:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfFDXN2L0QJ+0xLUB78l7RtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNzAxMDgxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg2MjJhMWIzMWExZTVhNTQ5NjA1MmYyNjI1ZDIxMmQwOWU2MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVGH+NfqOIJic4UtGIg9wY9EvVc8
ShAyIf+UrsPpzTni5eQZJ6mqrsuaYpT5KzcdfmnO8vdlBFY+QEn2aBHdcMih0ICg
k5p3ruqvvV1M4Sg6w6/fPVjHgPwFELybSHW7Pp3VZhqFPQzk+If4QfVLalPO2TGc
YFY/+YIeY1SVfpv5ZPwUmA3xBBwSHy0ELc+0UYrGraCuGz6xQe4yY5MDHMajxz1H
sBiSsUAX6OJCALJ37VMv3EwYP4/qHEFc/XSWcRmbwvWf44g8EwyCOh2pJMgONeDN
K2FJwoSXnrZce8ZzJXP0doSsei8mHKvvzScDJYscGW3ydb33xDP1Z2jXmQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLKGIqGzGh5aVJYFLyYl0hLQnmHxMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvc29ZaW9iTWFIbHBVbGdVdkppWFNFdENlWWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEANwYJnconKMGxch+hI5+4DIam
ajkhaGfChqInYRqebDSCeTP+b/mnrmCMRnQxDxE38s+bvZKXanPgf2bl6aYBKEin
lVmKM82CJDcsKO4Ad7ZqsW1zUVgM3QD4T5CgKbcqQa6YWwTUkN9egV5g6zeXbOLA
HhgUCNwhRi4POLfj7DY9G2uwkB3fcJ/C+8MR5KtnCtFQrlIu2ctaMijcH5IWCMLc
EPCdzfqQuZTILjF36QRuvLV3P1VDWyEl+RnX1qkHhcBambz9RurZ18uUmD16ogsR
m3tc0Yl/9mv70ENvAppocXUpLJF5VQgPEOzK6uCYNjahFn2gi2gvIKftO1vh8A==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:12:22 2025 by rpki-client