Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/yRwyTJjtD8njPhM4SjRId1TmAPw.roa
File: yRwyTJjtD8njPhM4SjRId1TmAPw.roa (raw, json)
Hash identifier: +4L349TY1EX8HDkTKDMishJYjlmc0g0vDIcKSchowvI=
Subject key identifier: C9:1C:32:4C:98:ED:0F:C9:E3:3E:13:38:4A:34:48:77:54:E6:00:FC
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A6CC0E492A872E2F7849670B3F2A87D6
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/yRwyTJjtD8njPhM4SjRId1TmAPw.roa
Signing time: Wed 25 Jun 2025 11:14:40 +0000
ROA not before: Wed 25 Jun 2025 11:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Jun 2025 12:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:cc:0e:49:2a:87:2e:2f:78:49:67:0b:3f:2a:87:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 25 11:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c91c324c98ed0fc9e33e13384a34487754e600fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6e:af:3c:7b:01:04:60:34:32:71:4a:bd:59:
66:01:2e:da:6c:37:d0:54:10:fb:be:a3:d6:e0:b6:
81:78:1a:13:6f:7d:71:26:37:5f:0d:b0:2f:ce:21:
fc:01:2d:c6:4e:8c:84:76:0d:d5:07:2b:d5:f7:f4:
b2:c4:d2:54:ec:09:88:56:2e:d0:39:1f:51:28:a3:
5a:a4:b9:c7:60:97:94:96:04:ae:ce:da:b5:63:02:
26:3c:1a:29:ef:00:08:88:65:27:57:c5:dc:42:4d:
82:51:fa:b9:13:99:47:df:0d:e4:4e:fe:0f:0e:d3:
5b:e1:5a:85:c4:53:bb:62:ab:f3:3e:ee:07:31:7a:
f5:e7:ac:59:1b:70:a0:27:3a:eb:fc:dc:03:31:4e:
db:a8:d7:fc:d9:82:4c:39:f1:3c:48:e8:cd:2d:2c:
5d:c0:21:c8:bd:df:06:76:96:33:53:56:33:ec:4b:
26:14:07:52:75:a4:ae:ba:72:e6:2d:a4:d0:49:af:
14:d0:4f:b1:4a:df:ef:7a:39:f4:ed:e0:a9:d8:e9:
5a:52:b4:bd:d2:ec:e0:3e:1d:b9:85:e1:aa:dc:6e:
e2:60:4c:30:b0:46:67:88:e7:3a:95:95:18:c7:16:
5c:cb:e3:6c:39:9e:8f:20:64:4e:c0:97:0f:be:7e:
34:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1C:32:4C:98:ED:0F:C9:E3:3E:13:38:4A:34:48:77:54:E6:00:FC
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/yRwyTJjtD8njPhM4SjRId1TmAPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
08:ee:de:88:cf:d7:16:a6:b3:4e:f7:f1:cd:71:0b:ec:57:18:
8b:9a:4c:c6:22:96:44:74:68:d5:5d:a3:d6:29:c5:58:02:57:
f5:2f:e7:ef:6b:22:83:97:ab:5d:a3:df:fb:f6:0e:a0:d2:01:
7a:5c:e3:d1:ca:03:80:78:87:9a:0e:9d:d3:6c:77:5c:c7:24:
c1:fa:f5:e1:ea:3c:ef:74:9a:c7:7f:ad:d3:b5:4b:5f:61:3b:
12:63:1f:b5:96:7f:86:34:50:90:75:4a:09:08:5c:db:3d:34:
55:41:f6:f4:d8:4b:9d:ea:d7:d6:e3:29:13:92:ad:ec:2d:4c:
b5:cc:49:8d:11:7e:b9:bc:04:99:1b:66:2a:20:64:28:40:30:
92:e6:9d:d2:7f:a7:e4:0e:4d:17:bf:dd:85:7b:4e:0e:b4:5d:
6d:d2:c1:1c:1c:be:d2:f0:ae:50:7a:d1:6c:e6:23:1b:4d:94:
b1:00:23:ff:8b:b7:64:1a:5b:b2:4e:4f:9d:9f:62:58:8b:9b:
8a:80:6f:4f:e8:2c:cc:53:ca:d6:1b:12:0b:9e:d0:0e:0e:3d:
7d:84:ac:41:17:72:e4:3f:b7:71:28:0a:78:af:f0:e9:63:9f:
6c:6a:a5:65:77:99:40:02:3d:a9:ff:d8:ae:71:dc:06:9d:5d:
c6:05:2b:f2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZemzA5JKocuL3hJZws/KofWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI1MTExNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTFjMzI0Yzk4ZWQwZmM5ZTMzZTEzMzg0YTM0NDg3NzU0ZTYwMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm6vPHsBBGA0MnFKvVlmAS7abDfQ
VBD7vqPW4LaBeBoTb31xJjdfDbAvziH8AS3GToyEdg3VByvV9/SyxNJU7AmIVi7Q
OR9RKKNapLnHYJeUlgSuztq1YwImPBop7wAIiGUnV8XcQk2CUfq5E5lH3w3kTv4P
DtNb4VqFxFO7YqvzPu4HMXr156xZG3CgJzrr/NwDMU7bqNf82YJMOfE8SOjNLSxd
wCHIvd8GdpYzU1Yz7EsmFAdSdaSuunLmLaTQSa8U0E+xSt/vejn07eCp2OlaUrS9
0uzgPh25heGq3G7iYEwwsEZniOc6lZUYxxZcy+NsOZ6PIGROwJcPvn407QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMkcMkyY7Q/J4z4TOEo0SHdU5gD8MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEveVJ3eVRKanREOG5qUGhNNFNqUklkMVRtQVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEACO7eiM/XFqazTvfxzXEL7FcY
i5pMxiKWRHRo1V2j1inFWAJX9S/n72sig5erXaPf+/YOoNIBelzj0coDgHiHmg6d
02x3XMckwfr14eo873Sax3+t07VLX2E7EmMftZZ/hjRQkHVKCQhc2z00VUH29NhL
nerX1uMpE5Kt7C1MtcxJjRF+ubwEmRtmKiBkKEAwkuad0n+n5A5NF7/dhXtODrRd
bdLBHBy+0vCuUHrRbOYjG02UsQAj/4u3ZBpbsk5PnZ9iWIubioBvT+gszFPK1hsS
C57QDg49fYSsQRdy5D+3cSgKeK/w6WOfbGqlZXeZQAI9qf/YrnHcBp1dxgUr8g==
-----END CERTIFICATE-----
Generated at Sat Jul 5 16:05:59 2025 by rpki-client