Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/tehoKHHiJoti40gyQr2O4s0uL3s.roa
File: tehoKHHiJoti40gyQr2O4s0uL3s.roa (raw, json)
Hash identifier: X/IRWTCOUXybBAKRoGOWBiawxEsQ3UxmfRn5eDXF7Og=
Subject key identifier: B5:E8:68:28:71:E2:26:8B:62:E3:48:32:42:BD:8E:E2:CD:2E:2F:7B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197960695B0540A9F49024AB2EFA20F3DAC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/tehoKHHiJoti40gyQr2O4s0uL3s.roa
Signing time: Sun 22 Jun 2025 05:05:03 +0000
ROA not before: Sun 22 Jun 2025 05:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:9605:cf13/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 22 Jun 2025 05:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:96:06:95:b0:54:0a:9f:49:02:4a:b2:ef:a2:0f:3d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 22 05:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5e8682871e2268b62e3483242bd8ee2cd2e2f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:01:32:b8:6b:62:ab:a2:67:9b:7d:cb:ef:80:
76:6b:47:49:f7:27:9c:63:a9:91:60:41:ee:71:9b:
74:eb:99:49:dc:72:3b:a0:f6:9e:2a:1d:2c:5d:88:
1b:ea:0f:f3:52:1b:24:47:94:71:d1:8d:9f:1a:2a:
fb:d3:04:a5:75:bf:f4:29:bf:b9:40:ea:1f:dc:12:
7b:82:c0:70:5d:a0:e0:1e:24:9c:d0:c2:62:83:e1:
33:30:2f:53:96:79:92:4d:dc:ac:1e:f6:d3:2e:2e:
ee:3c:67:f0:88:29:7c:77:32:61:2d:89:fa:5f:4d:
19:7f:66:20:1b:d7:9b:7a:ec:96:1d:d2:9b:c5:87:
d8:18:26:0b:33:92:79:87:a3:b1:c0:fd:3d:5d:44:
97:e6:6a:f9:1d:b5:55:ef:9e:8d:b0:47:42:3e:e1:
ff:a5:08:84:dc:f6:32:ba:6b:1d:e8:1f:5f:a4:74:
a0:4c:cc:4b:8a:5a:cb:06:14:4e:fe:28:c2:f0:e0:
42:8a:f9:37:46:83:96:41:2e:b7:a1:0e:78:e4:20:
c8:b6:4c:3f:5a:ce:4c:e0:81:f2:6e:39:b9:84:9e:
17:d9:4f:05:3b:9e:2f:a1:fd:f6:68:f5:01:df:30:
32:2d:6c:ae:4c:91:12:88:1c:52:ba:9e:2b:75:e9:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E8:68:28:71:E2:26:8B:62:E3:48:32:42:BD:8E:E2:CD:2E:2F:7B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/tehoKHHiJoti40gyQr2O4s0uL3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:9605:cf13/128
Signature Algorithm: sha256WithRSAEncryption
50:2d:1b:7f:e5:c7:63:24:5e:bd:cc:00:a9:3b:79:bf:30:44:
23:90:f9:4b:74:ce:5a:58:2e:a6:ad:a8:cd:48:08:d5:a5:f9:
9f:05:45:e6:4c:00:c9:08:72:3c:51:1f:c5:27:6e:da:25:2c:
b1:60:57:68:88:4e:b5:6e:1f:91:c7:29:af:36:61:25:13:97:
f7:e1:b2:cf:5d:3a:a4:a0:f7:f9:04:80:21:cc:67:49:2b:41:
00:6b:7c:0d:4e:0f:f9:97:61:6b:11:cb:86:18:2c:9a:4b:e9:
f5:af:59:7c:ac:9d:c2:ab:4f:3b:e0:13:a1:ec:b9:99:0d:cf:
b3:62:47:29:97:7b:92:88:94:74:8b:ef:fb:27:b0:62:85:2c:
1a:7f:9c:a4:4c:42:07:96:db:8a:1c:db:9e:43:81:3d:25:9e:
97:3f:ad:04:f7:82:35:c7:b9:47:c3:66:6b:ed:36:1b:87:73:
28:b0:95:ba:fb:13:ab:9f:ee:eb:3b:c7:90:50:45:ca:2b:22:
7e:48:23:77:31:ed:f7:3b:57:1e:bd:88:18:9e:63:58:30:db:
a4:f2:c0:52:11:6b:7d:f0:c1:ac:58:f8:f5:9e:37:43:32:2b:
31:fe:6f:de:41:fb:90:3b:d4:2a:b7:05:f4:09:7d:2c:17:fd:
20:a2:ab:73
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZeWBpWwVAqfSQJKsu+iDz2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIyMDUwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU4NjgyODcxZTIyNjhiNjJlMzQ4MzI0MmJkOGVlMmNkMmUyZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswEyuGtiq6Jnm33L74B2a0dJ9yec
Y6mRYEHucZt065lJ3HI7oPaeKh0sXYgb6g/zUhskR5Rx0Y2fGir70wSldb/0Kb+5
QOof3BJ7gsBwXaDgHiSc0MJig+EzMC9TlnmSTdysHvbTLi7uPGfwiCl8dzJhLYn6
X00Zf2YgG9ebeuyWHdKbxYfYGCYLM5J5h6OxwP09XUSX5mr5HbVV756NsEdCPuH/
pQiE3PYyumsd6B9fpHSgTMxLilrLBhRO/ijC8OBCivk3RoOWQS63oQ545CDItkw/
Ws5M4IHybjm5hJ4X2U8FO54vof32aPUB3zAyLWyuTJESiBxSup4rdenqEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLXoaChx4iaLYuNIMkK9juLNLi97MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvdGVob0tISGlKb3RpNDBneVFyMk80czB1TDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl5YFzxMwDQYJKoZIhvcNAQELBQADggEB
AFAtG3/lx2MkXr3MAKk7eb8wRCOQ+Ut0zlpYLqatqM1ICNWl+Z8FReZMAMkIcjxR
H8UnbtolLLFgV2iITrVuH5HHKa82YSUTl/fhss9dOqSg9/kEgCHMZ0krQQBrfA1O
D/mXYWsRy4YYLJpL6fWvWXysncKrTzvgE6HsuZkNz7NiRymXe5KIlHSL7/snsGKF
LBp/nKRMQgeW24oc255DgT0lnpc/rQT3gjXHuUfDZmvtNhuHcyiwlbr7E6uf7us7
x5BQRcorIn5II3cx7fc7Vx69iBieY1gw26TywFIRa33wwaxY+PWeN0MyKzH+b95B
+5A71Cq3BfQJfSwX/SCiq3M=
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:05:59 2025 by rpki-client