Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/wrZPO2stfAfRKgAf7M7ikSsS25k.roa
File: wrZPO2stfAfRKgAf7M7ikSsS25k.roa (raw, json)
Hash identifier: YiLz10fNbW56pP1C66PHH39QsXaDh6f2Nah9pjdCrd8=
Subject key identifier: C2:B6:4F:3B:6B:2D:7C:07:D1:2A:00:1F:EC:CE:E2:91:2B:12:DB:99
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019777CBD9CD75B5709673AE77BF0C7D78F6
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/wrZPO2stfAfRKgAf7M7ikSsS25k.roa
Signing time: Mon 16 Jun 2025 08:12:17 +0000
ROA not before: Mon 16 Jun 2025 08:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 16 Jun 2025 09:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:cb:d9:cd:75:b5:70:96:73:ae:77:bf:0c:7d:78:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 16 08:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2b64f3b6b2d7c07d12a001feccee2912b12db99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:eb:92:36:51:6e:f0:d6:21:2d:a1:8c:5e:45:
62:a0:c2:d8:9f:44:6c:da:a0:b5:d5:4d:6e:5c:8e:
08:1b:0d:c3:b1:81:9a:50:e9:3e:db:34:8e:62:95:
81:c4:72:86:66:23:06:b1:a3:28:e5:73:ed:ad:01:
9f:c3:ae:e0:fe:91:21:ed:74:44:14:44:78:57:d2:
9a:a9:48:ca:ef:cd:1f:6d:2f:55:c7:51:05:6d:ac:
1d:9c:76:04:e2:c3:fd:0d:1b:05:7d:ca:9b:b2:79:
8a:75:09:01:81:76:1d:d8:0a:bb:ee:a4:fc:76:93:
4a:e0:b6:eb:39:40:34:49:59:da:b2:36:3b:67:3b:
e4:96:a2:55:e4:1b:8a:e5:9c:67:f3:13:1d:73:27:
43:98:cc:3f:9a:7b:57:ce:3e:78:79:3a:bc:f6:1e:
a4:19:b6:59:2e:1e:50:aa:3d:17:71:a0:93:0d:6f:
1e:2c:80:a2:08:0d:b3:03:74:e1:0f:7b:dc:92:7a:
84:85:ed:2b:47:3a:a7:e2:bc:0f:46:9d:5a:14:f5:
79:f8:e2:c0:8e:98:fc:16:ca:b2:39:26:54:20:fb:
35:ee:ca:64:9f:bf:3e:03:fd:b9:d9:c8:5e:d3:eb:
04:da:dc:9a:ad:04:76:5f:5f:98:7c:b5:42:99:74:
10:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B6:4F:3B:6B:2D:7C:07:D1:2A:00:1F:EC:CE:E2:91:2B:12:DB:99
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/wrZPO2stfAfRKgAf7M7ikSsS25k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
82:8d:d3:27:24:b0:7f:dd:22:77:d9:e4:96:b9:69:13:cf:37:
9a:02:fa:5b:c0:e9:da:b3:22:5d:08:38:ca:39:e5:16:da:d3:
ae:1e:97:1f:d9:ba:4d:33:8e:39:98:c9:2a:78:6a:15:e5:3b:
9f:82:8f:53:e4:11:47:22:1a:92:62:2e:64:9f:54:2d:e7:07:
fa:2e:54:ee:84:3f:18:10:24:e9:74:28:5a:63:d7:01:2a:36:
d9:66:b2:f7:14:ec:c9:56:c2:9d:8e:1c:75:00:e0:09:4d:79:
f5:d9:13:9c:0d:6c:3d:3f:e8:4b:3c:ab:a5:2c:58:7a:b6:e8:
dd:99:eb:16:f6:63:22:b0:a2:c4:bf:ab:92:49:ea:04:54:a8:
88:50:ce:aa:4e:bc:1f:9d:2e:37:16:fe:92:a0:bc:65:fc:77:
0f:09:bc:65:95:07:65:be:fd:6f:7f:f9:4e:da:74:aa:a4:b4:
6a:45:a4:36:ba:be:ef:df:e8:b0:90:71:d6:b2:cd:44:71:b7:
33:90:6b:54:8d:e2:07:88:91:84:4f:48:c1:9f:4f:90:e2:16:
52:e2:be:83:12:7b:c0:ec:dc:9f:3d:cd:31:29:92:f3:0a:bf:
34:6f:24:76:c6:2b:f2:da:4b:a5:35:8b:f0:fe:0d:a5:63:60:
e0:06:c9:95
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZd3y9nNdbVwlnOud78MfXj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE2MDgxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI2NGYzYjZiMmQ3YzA3ZDEyYTAwMWZlY2NlZTI5MTJiMTJkYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuuSNlFu8NYhLaGMXkVioMLYn0Rs
2qC11U1uXI4IGw3DsYGaUOk+2zSOYpWBxHKGZiMGsaMo5XPtrQGfw67g/pEh7XRE
FER4V9KaqUjK780fbS9Vx1EFbawdnHYE4sP9DRsFfcqbsnmKdQkBgXYd2Aq77qT8
dpNK4LbrOUA0SVnasjY7ZzvklqJV5BuK5Zxn8xMdcydDmMw/mntXzj54eTq89h6k
GbZZLh5Qqj0XcaCTDW8eLICiCA2zA3ThD3vcknqEhe0rRzqn4rwPRp1aFPV5+OLA
jpj8FsqyOSZUIPs17spkn78+A/252che0+sE2tyarQR2X1+YfLVCmXQQWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMK2TztrLXwH0SoAH+zO4pErEtuZMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvd3JaUE8yc3RmQWZSS2dBZjdNN2lrU3NTMjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAgo3TJySwf90id9nklrlpE883
mgL6W8Dp2rMiXQg4yjnlFtrTrh6XH9m6TTOOOZjJKnhqFeU7n4KPU+QRRyIakmIu
ZJ9ULecH+i5U7oQ/GBAk6XQoWmPXASo22Way9xTsyVbCnY4cdQDgCU159dkTnA1s
PT/oSzyrpSxYerbo3ZnrFvZjIrCixL+rkknqBFSoiFDOqk68H50uNxb+kqC8Zfx3
Dwm8ZZUHZb79b3/5Ttp0qqS0akWkNrq+79/osJBx1rLNRHG3M5BrVI3iB4iRhE9I
wZ9PkOIWUuK+gxJ7wOzcnz3NMSmS8wq/NG8kdsYr8tpLpTWL8P4NpWNg4AbJlQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:18:45 2025 by rpki-client