Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/y0wmmKsHosRek55S6Dq7I_4jTHM.roa
File: y0wmmKsHosRek55S6Dq7I_4jTHM.roa (raw, json)
Hash identifier: yKEOkMCmXZeSumGpdioXDJVjVm8EbVFiKwgjEc+aA84=
Subject key identifier: CB:4C:26:98:AB:07:A2:C4:5E:93:9E:52:E8:3A:BB:23:FE:23:4C:73
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A3CB037864483258B3025746093E0A32
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/y0wmmKsHosRek55S6Dq7I_4jTHM.roa
Signing time: Tue 24 Jun 2025 21:14:40 +0000
ROA not before: Tue 24 Jun 2025 21:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Jun 2025 22:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a3:cb:03:78:64:48:32:58:b3:02:57:46:09:3e:0a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 21:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb4c2698ab07a2c45e939e52e83abb23fe234c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e2:80:b0:99:b0:6f:bf:d8:ec:7e:29:91:96:
b8:71:41:2b:a2:28:ea:a5:18:3d:3b:6e:18:d8:64:
5e:16:b7:63:ea:11:55:1b:ba:5c:8b:d6:94:56:11:
00:a8:7f:e3:09:39:b3:1b:a0:ae:44:ce:b2:a5:74:
23:6d:79:8f:a6:b8:06:ba:2e:06:21:92:42:70:55:
fc:27:b3:23:81:8c:01:fd:36:7b:b1:7d:95:18:01:
c1:c8:91:44:43:89:b7:d3:1d:76:24:14:c4:7b:e3:
f8:b8:0d:77:60:c1:83:57:ab:cd:2a:90:af:e4:d4:
c8:ff:e5:cd:f1:18:99:03:6e:b7:ac:b6:46:0b:5e:
b7:57:64:14:45:4d:52:d6:11:e9:dc:7e:f0:f7:c5:
83:f4:b9:c4:d4:2f:56:29:4c:41:8b:a2:41:52:44:
cf:57:ac:7f:67:c3:7d:d5:f3:07:3d:25:b2:09:14:
44:ad:ee:65:a8:d5:18:69:6d:54:a7:c5:a0:61:2c:
83:5e:01:41:15:d2:23:c5:e5:6b:f8:d9:35:92:fa:
31:53:0d:2f:b6:43:c3:bd:8b:e8:e6:05:b4:12:8a:
73:f6:52:64:88:3d:b5:84:61:d8:28:ff:f3:dd:e0:
f7:39:03:ba:22:fb:23:31:e8:75:b6:a6:9c:a4:19:
23:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4C:26:98:AB:07:A2:C4:5E:93:9E:52:E8:3A:BB:23:FE:23:4C:73
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/y0wmmKsHosRek55S6Dq7I_4jTHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
26:1b:b1:c9:dc:e7:fb:73:e5:9b:81:d9:fd:83:5a:9f:a5:90:
a1:27:cf:8c:53:fc:47:15:6d:f2:c3:b6:17:a2:9a:cb:32:11:
e8:7c:8e:f7:d0:89:a4:c3:9e:8e:19:f3:33:87:f7:b9:97:2f:
72:77:7f:48:9b:0c:bc:19:1f:73:f0:e0:de:e6:b1:21:30:32:
06:45:81:cb:1b:39:29:d4:18:be:4e:da:e3:96:11:ca:4d:27:
9b:03:e5:d3:62:d6:fa:a2:9f:7c:f7:9e:a3:d3:ac:b6:60:71:
83:80:58:97:5d:84:ad:28:fb:e1:c7:9b:95:75:24:5e:16:39:
39:d7:69:c7:87:54:74:16:b1:36:77:c1:0a:37:90:27:01:4c:
e3:48:78:6a:18:9c:d7:a0:af:8e:8b:c4:23:2d:e8:0d:90:63:
c9:fe:40:8a:2f:f4:04:bd:fb:4b:52:3c:0c:e6:b2:9b:e6:52:
c3:65:0d:66:c1:e7:c0:7b:ee:c8:0c:8d:9b:3c:e3:58:fc:48:
cf:38:dd:bc:1c:ad:16:fd:9a:ab:f5:50:b1:a0:6b:8c:2e:e7:
d4:f6:65:9f:ff:f8:e0:52:18:b3:3b:ae:f9:fb:ce:82:86:4e:
64:d0:a8:22:50:37:f2:15:ba:d7:3e:96:1d:69:6a:8c:6f:53:
55:dd:5e:74
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZejywN4ZEgyWLMCV0YJPgoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MjExNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRjMjY5OGFiMDdhMmM0NWU5MzllNTJlODNhYmIyM2ZlMjM0YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeKAsJmwb7/Y7H4pkZa4cUEroijq
pRg9O24Y2GReFrdj6hFVG7pci9aUVhEAqH/jCTmzG6CuRM6ypXQjbXmPprgGui4G
IZJCcFX8J7MjgYwB/TZ7sX2VGAHByJFEQ4m30x12JBTEe+P4uA13YMGDV6vNKpCv
5NTI/+XN8RiZA263rLZGC163V2QURU1S1hHp3H7w98WD9LnE1C9WKUxBi6JBUkTP
V6x/Z8N91fMHPSWyCRREre5lqNUYaW1Up8WgYSyDXgFBFdIjxeVr+Nk1kvoxUw0v
tkPDvYvo5gW0Eopz9lJkiD21hGHYKP/z3eD3OQO6IvsjMeh1tqacpBkj7wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMtMJpirB6LEXpOeUug6uyP+I0xzMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEveTB3bW1Lc0hvc1JlazU1UzZEcTdJXzRqVEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAJhuxydzn+3Plm4HZ/YNan6WQ
oSfPjFP8RxVt8sO2F6KayzIR6HyO99CJpMOejhnzM4f3uZcvcnd/SJsMvBkfc/Dg
3uaxITAyBkWByxs5KdQYvk7a45YRyk0nmwPl02LW+qKffPeeo9OstmBxg4BYl12E
rSj74ceblXUkXhY5Oddpx4dUdBaxNnfBCjeQJwFM40h4ahic16CvjovEIy3oDZBj
yf5Aii/0BL37S1I8DOaym+ZSw2UNZsHnwHvuyAyNmzzjWPxIzzjdvBytFv2aq/VQ
saBrjC7n1PZln//44FIYszuu+fvOgoZOZNCoIlA38hW61z6WHWlqjG9TVd1edA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:41:29 2025 by rpki-client