Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/uHsPebZNpVKMbSzT_EKDbx5RzF4.roa
File: uHsPebZNpVKMbSzT_EKDbx5RzF4.roa (raw, json)
Hash identifier: fVO3NzFitNdZvrut+E5XjEHLGMbf11XCtnpyk+v8EJQ=
Subject key identifier: B8:7B:0F:79:B6:4D:A5:52:8C:6D:2C:D3:FC:42:83:6F:1E:51:CC:5E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197790E1E59EC28BC9290A14B2F9A6B73E6
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/uHsPebZNpVKMbSzT_EKDbx5RzF4.roa
Signing time: Mon 16 Jun 2025 14:04:17 +0000
ROA not before: Mon 16 Jun 2025 14:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:790e:70/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 16 Jun 2025 14:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:0e:1e:59:ec:28:bc:92:90:a1:4b:2f:9a:6b:73:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 16 14:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b87b0f79b64da5528c6d2cd3fc42836f1e51cc5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ce:de:cd:08:fb:c2:7e:b6:6e:cd:f6:ea:ac:
c6:3c:43:62:de:5f:4e:d5:f5:d2:9c:bb:d2:25:60:
02:3a:a5:1f:8d:1f:18:e1:e7:4d:2e:fa:a2:a4:40:
f9:7e:f8:9c:3c:f5:b3:64:d9:87:ab:be:69:e3:c4:
6b:90:b3:79:36:2b:70:10:96:c9:08:62:7d:dc:40:
73:77:0b:66:3f:7c:ae:95:89:c3:ad:ca:45:34:db:
f3:61:dd:70:c3:a5:ad:33:b3:4e:fa:77:ce:37:5d:
39:88:92:b1:65:f6:9b:cb:56:04:7b:47:e3:ee:72:
99:cd:f1:7e:ef:5a:21:5e:b9:cf:c2:60:53:2a:d9:
ae:9a:8d:a6:bb:92:00:c6:51:d8:d3:74:13:86:bc:
cb:2b:35:a1:ff:78:bb:b3:3d:35:1b:6e:9f:ac:79:
cc:c0:ed:aa:d0:7a:70:f3:fa:79:c3:33:25:77:30:
ce:a3:90:72:ea:a1:5f:6b:45:19:19:7c:ed:c0:17:
3b:84:f1:81:3e:8c:5b:3a:45:76:0e:81:fc:8e:4e:
42:5f:79:ca:0f:ef:6d:49:df:8e:2d:f1:3c:8b:7b:
bc:01:f8:0e:ac:09:aa:d5:be:29:53:6a:89:ee:ed:
41:e5:1f:71:cd:fc:4e:cd:7c:c5:a1:6c:c5:71:4d:
98:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7B:0F:79:B6:4D:A5:52:8C:6D:2C:D3:FC:42:83:6F:1E:51:CC:5E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/uHsPebZNpVKMbSzT_EKDbx5RzF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:790e:70/128
Signature Algorithm: sha256WithRSAEncryption
82:bd:6b:b4:38:49:af:94:d9:8b:38:bc:5f:a5:84:57:19:1e:
fd:79:25:7d:b5:33:38:b3:18:c1:7b:94:bc:3c:e5:99:33:a8:
26:5f:0f:98:3c:80:07:8b:c2:7a:a3:00:7e:3e:1a:14:fd:5e:
c1:7a:d7:09:5c:70:13:93:6a:e3:c8:f7:27:2c:17:c1:68:50:
4a:9b:69:71:cd:ee:e2:cd:5f:75:d4:91:fc:67:2d:86:f8:a3:
e0:9f:38:5c:ee:18:8c:14:fd:a5:94:aa:5d:56:c7:53:b2:17:
bf:e8:b1:59:26:e5:ab:0a:ff:2f:cb:8b:03:45:b7:9a:51:82:
2e:d4:85:87:60:74:63:2b:d8:16:c5:98:70:b3:83:f2:07:f1:
38:ec:bc:dd:e4:58:5c:30:b0:6f:77:5b:23:dc:c3:2a:ff:6f:
7e:05:a5:12:77:89:e4:25:f4:95:d0:52:fa:3b:c6:71:85:23:
da:4f:4c:d3:52:d5:46:35:9a:01:99:b8:73:e4:64:47:f8:94:
d3:91:d7:29:67:eb:90:2b:17:74:f5:bd:a3:9c:99:9b:3e:bf:
4b:96:5e:e9:3b:6e:b0:80:24:78:cf:8a:6f:5a:59:8e:39:03:
58:a1:e7:9e:9a:a3:61:6b:0b:b9:81:c1:8a:85:21:55:dc:36:
a4:c4:7d:19
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZd5Dh5Z7Ci8kpChSy+aa3PmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE2MTQwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODdiMGY3OWI2NGRhNTUyOGM2ZDJjZDNmYzQyODM2ZjFlNTFjYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM7ezQj7wn62bs326qzGPENi3l9O
1fXSnLvSJWACOqUfjR8Y4edNLvqipED5fvicPPWzZNmHq75p48RrkLN5NitwEJbJ
CGJ93EBzdwtmP3yulYnDrcpFNNvzYd1ww6WtM7NO+nfON105iJKxZfaby1YEe0fj
7nKZzfF+71ohXrnPwmBTKtmumo2mu5IAxlHY03QThrzLKzWh/3i7sz01G26frHnM
wO2q0Hpw8/p5wzMldzDOo5By6qFfa0UZGXztwBc7hPGBPoxbOkV2DoH8jk5CX3nK
D+9tSd+OLfE8i3u8AfgOrAmq1b4pU2qJ7u1B5R9xzfxOzXzFoWzFcU2Y7QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLh7D3m2TaVSjG0s0/xCg28eUcxeMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvdUhzUGViWk5wVktNYlN6VF9FS0RieDVSekY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl3kOAHAwDQYJKoZIhvcNAQELBQADggEB
AIK9a7Q4Sa+U2Ys4vF+lhFcZHv15JX21MzizGMF7lLw85ZkzqCZfD5g8gAeLwnqj
AH4+GhT9XsF61wlccBOTauPI9ycsF8FoUEqbaXHN7uLNX3XUkfxnLYb4o+CfOFzu
GIwU/aWUql1Wx1OyF7/osVkm5asK/y/LiwNFt5pRgi7UhYdgdGMr2BbFmHCzg/IH
8TjsvN3kWFwwsG93WyPcwyr/b34FpRJ3ieQl9JXQUvo7xnGFI9pPTNNS1UY1mgGZ
uHPkZEf4lNOR1yln65ArF3T1vaOcmZs+v0uWXuk7brCAJHjPim9aWY45A1ih556a
o2FrC7mBwYqFIVXcNqTEfRk=
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:53:48 2025 by rpki-client