Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/vhkdkpH7R7NUCZDKQS-JDva6vmA.roa
File: vhkdkpH7R7NUCZDKQS-JDva6vmA.roa (raw, json)
Hash identifier: KiM6g3oTeMfpQftRjRi/vVSdfXh5aMXzZfzMhSe7yEI=
Subject key identifier: BE:19:1D:92:91:FB:47:B3:54:09:90:CA:41:2F:89:0E:F6:BA:BE:60
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A249939BCA4E367CC7328A245834AC28
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/vhkdkpH7R7NUCZDKQS-JDva6vmA.roa
Signing time: Tue 24 Jun 2025 14:13:40 +0000
ROA not before: Tue 24 Jun 2025 14:13:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 15:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:49:93:9b:ca:4e:36:7c:c7:32:8a:24:58:34:ac:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 14:13:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be191d9291fb47b3540990ca412f890ef6babe60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:da:d5:1d:b4:4b:83:50:be:f5:2a:62:6f:dd:
7f:14:09:e0:0b:72:35:b2:44:6d:91:05:8c:f8:73:
34:c7:26:ba:2f:e9:b7:39:41:d3:b9:2d:6a:2d:5a:
95:d8:a1:bb:bd:b5:16:3c:4f:bc:34:88:35:6e:27:
0f:9b:b1:c4:9f:88:ae:23:68:f2:55:3e:3f:9f:14:
90:a9:4a:2e:fb:60:ba:96:84:f7:e6:fa:c5:da:45:
17:ca:88:a1:83:7c:6c:70:f4:f6:7c:6b:b9:89:99:
59:02:58:2b:57:55:b1:ed:73:3e:e5:5d:e4:20:06:
58:79:51:25:fb:50:eb:d0:d5:cd:9d:b1:a9:a0:2d:
50:b5:63:94:56:e8:4d:60:10:68:5b:f5:d9:4f:4e:
bb:68:33:f1:be:81:26:0b:80:b1:2c:f9:4e:6b:25:
ed:93:57:e1:5c:8a:5e:25:f9:e3:69:aa:25:b1:5b:
dc:06:e9:75:b4:e3:5c:ab:b8:05:e4:87:61:06:37:
99:bf:55:f7:25:7e:e9:e3:8a:12:88:6c:6f:6a:26:
4e:95:16:70:95:ac:62:79:d0:fb:8a:d1:7c:87:0d:
5d:2d:1f:25:b4:e4:21:53:95:6c:49:c1:ee:52:49:
38:d8:80:e8:49:b6:cc:f6:90:42:04:0a:19:e6:01:
2b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:19:1D:92:91:FB:47:B3:54:09:90:CA:41:2F:89:0E:F6:BA:BE:60
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/vhkdkpH7R7NUCZDKQS-JDva6vmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
12:06:d3:ce:c7:27:1d:f2:d8:ae:f4:c6:9b:9e:96:ca:a9:00:
76:97:ac:c8:b8:0d:bb:36:c2:65:50:eb:e9:f8:75:36:c1:39:
20:ac:80:b5:cf:f2:8b:dc:39:8c:dd:d6:6c:99:8f:e6:88:54:
b3:b6:67:25:b7:4f:f7:b9:d2:f1:a0:ba:c6:7a:e0:42:12:3f:
6c:95:82:79:a6:c6:89:60:6c:b3:68:2f:64:a6:ff:dc:f6:c7:
c4:51:e5:91:5f:7e:18:82:38:2e:b7:d5:e6:27:23:f0:b6:1f:
66:b0:7d:ba:fc:d2:80:fe:12:d4:c9:b2:e3:6d:18:7b:06:76:
55:fc:09:e3:f7:8b:9c:08:7a:14:15:3e:5c:b5:a9:90:bf:44:
7c:5b:0e:02:52:f9:0d:40:71:6c:ac:34:98:37:f4:78:5a:a4:
72:1f:4e:80:db:f8:66:d4:02:a0:3c:9a:82:94:a1:05:ca:d7:
36:40:cd:70:f5:e4:fe:45:ab:e2:be:37:18:5d:19:12:06:66:
ee:66:c3:82:48:4f:f9:f3:65:d9:b1:8b:c7:8d:d0:c4:d3:cf:
7b:6e:63:b3:0b:6f:4b:ab:57:52:fb:df:9f:f8:ab:fb:03:a5:
66:e9:50:24:60:6a:61:d4:de:db:4b:e9:96:5a:49:63:02:79:
2a:62:b3:86
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeiSZObyk42fMcyiiRYNKwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MTQxMzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE5MWQ5MjkxZmI0N2IzNTQwOTkwY2E0MTJmODkwZWY2YmFiZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9rVHbRLg1C+9Spib91/FAngC3I1
skRtkQWM+HM0xya6L+m3OUHTuS1qLVqV2KG7vbUWPE+8NIg1bicPm7HEn4iuI2jy
VT4/nxSQqUou+2C6loT35vrF2kUXyoihg3xscPT2fGu5iZlZAlgrV1Wx7XM+5V3k
IAZYeVEl+1Dr0NXNnbGpoC1QtWOUVuhNYBBoW/XZT067aDPxvoEmC4CxLPlOayXt
k1fhXIpeJfnjaaolsVvcBul1tONcq7gF5IdhBjeZv1X3JX7p44oSiGxvaiZOlRZw
laxiedD7itF8hw1dLR8ltOQhU5VsScHuUkk42IDoSbbM9pBCBAoZ5gErewIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL4ZHZKR+0ezVAmQykEviQ72ur5gMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvdmhrZGtwSDdSN05VQ1pES1FTLUpEdmE2dm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAEgbTzscnHfLYrvTGm56WyqkA
dpesyLgNuzbCZVDr6fh1NsE5IKyAtc/yi9w5jN3WbJmP5ohUs7ZnJbdP97nS8aC6
xnrgQhI/bJWCeabGiWBss2gvZKb/3PbHxFHlkV9+GII4LrfV5icj8LYfZrB9uvzS
gP4S1Mmy420YewZ2VfwJ4/eLnAh6FBU+XLWpkL9EfFsOAlL5DUBxbKw0mDf0eFqk
ch9OgNv4ZtQCoDyagpShBcrXNkDNcPXk/kWr4r43GF0ZEgZm7mbDgkhP+fNl2bGL
x43QxNPPe25jswtvS6tXUvvfn/ir+wOlZulQJGBqYdTe20vpllpJYwJ5KmKzhg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:42:51 2025 by rpki-client