Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/vMQahpQpioMKCLhWI3sS_4iZCfM.roa
File: vMQahpQpioMKCLhWI3sS_4iZCfM.roa (raw, json)
Hash identifier: JWQoivI8sNl8S6poKgthqYjaRr+UvEkC2OKbiSj1j9Y=
Subject key identifier: BC:C4:1A:86:94:29:8A:83:0A:08:B8:56:23:7B:12:FF:88:99:09:F3
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B44EF419EF3D5833DE9A8776AD7E9A30
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/vMQahpQpioMKCLhWI3sS_4iZCfM.roa
Signing time: Sat 28 Jun 2025 02:12:42 +0000
ROA not before: Sat 28 Jun 2025 02:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 28 Jun 2025 03:08:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b4:4e:f4:19:ef:3d:58:33:de:9a:87:76:ad:7e:9a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 28 02:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcc41a8694298a830a08b856237b12ff889909f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:58:10:97:99:63:8c:59:98:2f:80:76:48:
94:e3:18:4c:67:1d:d8:53:6b:88:79:5e:ed:5e:6b:
d8:6e:1e:75:76:71:d9:3e:88:d5:e4:cc:c1:39:19:
23:98:e6:e6:6b:6e:5d:44:94:94:9e:b4:f4:de:f8:
58:71:94:f3:53:b2:12:ba:c6:42:cc:52:2c:3a:1f:
7e:6f:ca:20:fb:3c:66:b4:6c:01:d8:61:53:03:a3:
1a:23:14:0c:1d:e0:fc:ab:68:2d:40:e8:41:a4:98:
7e:da:c8:94:87:d0:f2:44:95:20:69:c8:9a:f7:eb:
22:d7:28:db:27:e9:c1:fb:22:27:18:6c:85:c3:5c:
f8:5a:4f:38:6c:37:be:13:cb:82:5f:65:ab:91:27:
23:44:f7:99:3a:2e:22:7d:0f:24:8f:20:ca:72:37:
89:75:f8:ee:05:6c:2a:46:2e:65:36:83:00:58:03:
af:37:76:7e:35:0f:ab:08:be:87:d4:ab:fa:57:4d:
f9:29:73:db:82:76:74:50:9e:c0:56:e9:24:7f:37:
f8:25:9d:a9:f9:5a:41:5e:cb:24:2f:41:79:5e:f2:
00:52:62:9d:50:87:13:91:64:ae:aa:6d:ee:f4:50:
b9:e4:6e:34:11:51:b9:7e:40:14:d4:ff:1a:d3:b6:
3d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C4:1A:86:94:29:8A:83:0A:08:B8:56:23:7B:12:FF:88:99:09:F3
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/vMQahpQpioMKCLhWI3sS_4iZCfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
22:36:f4:e2:e0:89:b5:63:e5:7d:81:77:f0:63:ad:07:16:57:
24:4c:87:11:84:f8:20:47:b7:e9:25:4e:b7:f3:a7:3e:59:8b:
26:8c:ff:bc:04:6b:93:37:f4:60:4f:0c:bf:5b:2f:c4:f1:a3:
20:0a:3d:d3:5d:7b:07:59:ea:8b:7a:05:8b:1a:cb:5c:19:97:
a7:16:3f:d2:ac:97:8a:7b:f0:c5:05:db:13:c7:5c:62:15:3b:
a4:b0:93:12:b2:c6:17:32:c5:59:17:09:c6:5e:01:2c:b7:04:
fa:1d:2c:3b:07:7e:b2:b5:8c:26:b7:7e:b1:f5:63:96:f2:07:
6b:65:e3:0e:79:a3:5c:36:a8:c7:51:e1:dd:24:3d:ef:74:04:
39:ae:92:89:7b:fd:3c:68:d0:c6:89:b1:40:07:8c:50:b8:8d:
a9:e3:be:ef:dc:b3:e0:6a:5c:d0:26:0f:d5:55:e0:39:e5:71:
02:95:ce:95:e7:8d:2d:c3:2b:db:af:1c:45:6d:27:e9:05:59:
68:19:c7:47:79:fb:62:e3:fa:9e:29:ad:d5:9a:11:9a:f1:10:
2a:4c:f9:62:1f:08:df:4b:75:08:a6:f2:34:c3:f9:c6:e5:87:
a9:a3:bc:41:fa:f0:30:8e:cd:63:e2:e4:9a:bf:25:b2:47:de:
df:48:2f:85
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe0TvQZ7z1YM96ah3atfpowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI4MDIxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2M0MWE4Njk0Mjk4YTgzMGEwOGI4NTYyMzdiMTJmZjg4OTkwOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulJYEJeZY4xZmC+AdkiU4xhMZx3Y
U2uIeV7tXmvYbh51dnHZPojV5MzBORkjmObma25dRJSUnrT03vhYcZTzU7ISusZC
zFIsOh9+b8og+zxmtGwB2GFTA6MaIxQMHeD8q2gtQOhBpJh+2siUh9DyRJUgacia
9+si1yjbJ+nB+yInGGyFw1z4Wk84bDe+E8uCX2WrkScjRPeZOi4ifQ8kjyDKcjeJ
dfjuBWwqRi5lNoMAWAOvN3Z+NQ+rCL6H1Kv6V035KXPbgnZ0UJ7AVukkfzf4JZ2p
+VpBXsskL0F5XvIAUmKdUIcTkWSuqm3u9FC55G40EVG5fkAU1P8a07Y9YQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLzEGoaUKYqDCgi4ViN7Ev+ImQnzMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvdk1RYWhwUXBpb01LQ0xoV0kzc1NfNGlaQ2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAIjb04uCJtWPlfYF38GOtBxZX
JEyHEYT4IEe36SVOt/OnPlmLJoz/vARrkzf0YE8Mv1svxPGjIAo90117B1nqi3oF
ixrLXBmXpxY/0qyXinvwxQXbE8dcYhU7pLCTErLGFzLFWRcJxl4BLLcE+h0sOwd+
srWMJrd+sfVjlvIHa2XjDnmjXDaox1Hh3SQ973QEOa6SiXv9PGjQxomxQAeMULiN
qeO+79yz4Gpc0CYP1VXgOeVxApXOleeNLcMr268cRW0n6QVZaBnHR3n7YuP6nimt
1ZoRmvEQKkz5Yh8I30t1CKbyNMP5xuWHqaO8QfrwMI7NY+Lkmr8lskfe30gvhQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:20:10 2025 by rpki-client