Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/yVvascMuo9rXg2Ya-2AXB9UjaKY.roa
File: yVvascMuo9rXg2Ya-2AXB9UjaKY.roa (raw, json)
Hash identifier: 9I4AklvqcVrTDVExY1cgNs26tsIQ6ZZ1ZJ3IY2GGJ+E=
Subject key identifier: C9:5B:DA:B1:C3:2E:A3:DA:D7:83:66:1A:FB:60:17:07:D5:23:68:A6
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197C1D3A5459EDD5CCECF606DFCCAC61868
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/yVvascMuo9rXg2Ya-2AXB9UjaKY.roa
Signing time: Mon 30 Jun 2025 17:12:42 +0000
ROA not before: Mon 30 Jun 2025 17:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 30 Jun 2025 18:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:d3:a5:45:9e:dd:5c:ce:cf:60:6d:fc:ca:c6:18:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 30 17:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c95bdab1c32ea3dad783661afb601707d52368a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a8:d9:c7:4a:52:9e:2b:2a:81:de:52:2f:41:
f0:e6:bd:4e:ff:b3:95:f4:47:a8:82:ab:d8:1d:6e:
81:90:64:b6:ce:97:fa:ed:c7:cf:68:0c:1f:65:1a:
6c:d7:bd:b8:38:ab:60:3c:22:14:b4:0a:24:d5:05:
4e:4f:50:d3:41:16:af:f1:75:ca:72:da:71:fd:a3:
1e:f4:c5:8e:c4:6e:fa:2c:eb:d1:e4:c6:32:0d:c5:
f3:63:4b:79:2a:e0:80:b3:22:f1:e1:ed:b8:25:cc:
cf:88:f6:57:8b:df:46:3f:58:8d:59:f9:5b:fa:02:
c9:27:3b:76:85:26:73:d3:4a:ef:76:9c:e9:05:76:
b3:08:5d:e2:5a:f9:1a:e0:f5:81:11:d6:53:50:dd:
4c:e8:e1:8e:19:21:9e:6b:79:61:e7:95:56:89:0f:
89:4e:35:19:f8:f8:7f:e5:66:7b:f0:76:1a:3b:96:
57:d3:ff:a7:3a:38:ba:3a:b0:c5:02:59:d3:bf:9c:
33:47:fa:ce:de:a2:27:f2:37:41:18:a0:27:de:ec:
ba:f8:53:2a:5f:73:df:41:59:5f:5e:30:b6:02:72:
eb:5d:ef:89:bc:30:16:ae:cf:c2:08:d8:38:ad:ac:
1d:7a:32:61:ea:16:92:36:ac:9a:e6:b2:f0:e5:d5:
07:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5B:DA:B1:C3:2E:A3:DA:D7:83:66:1A:FB:60:17:07:D5:23:68:A6
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/yVvascMuo9rXg2Ya-2AXB9UjaKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
0d:40:c4:e4:81:1a:ab:33:07:84:45:76:5e:19:02:91:16:e6:
72:ad:ee:19:ee:ef:7e:28:e5:06:87:c2:40:f9:b0:bf:6d:01:
1f:02:29:fe:5b:e5:c0:00:6a:c8:be:70:d7:2d:44:ee:43:bb:
1f:85:ad:e2:97:83:ba:aa:54:62:01:aa:b9:d2:a1:c2:d6:ad:
10:56:ed:4a:fc:3b:4f:31:ac:a6:2c:df:2e:00:6d:49:03:19:
e5:58:30:ec:bb:ce:d5:3e:96:73:9d:d8:7b:17:c2:62:a2:f1:
4a:ec:a1:6e:13:a6:51:16:03:a4:31:1b:38:f5:24:76:7b:d3:
1f:59:0a:64:fa:dd:81:12:38:61:d4:dc:ba:ed:76:7d:5c:6f:
04:a9:ae:45:be:93:f2:c1:6f:ba:ea:69:15:2e:5f:15:3d:6b:
8c:de:88:30:c2:93:01:20:46:45:b3:67:eb:77:31:e7:fe:66:
a0:65:89:77:57:b1:bb:32:cf:c6:20:f9:f3:93:07:b9:a6:21:
1e:89:f1:81:03:df:8c:6b:fc:3f:f7:16:45:9f:28:a4:29:46:
27:0a:45:c0:37:fb:76:26:09:52:84:6b:ac:f9:4e:20:96:9b:
29:14:33:dc:5e:40:49:5a:5c:cc:b9:55:35:f9:f4:b2:62:93:
db:8b:72:c4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZfB06VFnt1czs9gbfzKxhhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjMwMTcxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTViZGFiMWMzMmVhM2RhZDc4MzY2MWFmYjYwMTcwN2Q1MjM2OGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKjZx0pSnisqgd5SL0Hw5r1O/7OV
9EeogqvYHW6BkGS2zpf67cfPaAwfZRps1724OKtgPCIUtAok1QVOT1DTQRav8XXK
ctpx/aMe9MWOxG76LOvR5MYyDcXzY0t5KuCAsyLx4e24JczPiPZXi99GP1iNWflb
+gLJJzt2hSZz00rvdpzpBXazCF3iWvka4PWBEdZTUN1M6OGOGSGea3lh55VWiQ+J
TjUZ+Ph/5WZ78HYaO5ZX0/+nOji6OrDFAlnTv5wzR/rO3qIn8jdBGKAn3uy6+FMq
X3PfQVlfXjC2AnLrXe+JvDAWrs/CCNg4rawdejJh6haSNqya5rLw5dUH5wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMlb2rHDLqPa14NmGvtgFwfVI2imMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEveVZ2YXNjTXVvOXJYZzJZYS0yQVhCOVVqYUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEADUDE5IEaqzMHhEV2XhkCkRbm
cq3uGe7vfijlBofCQPmwv20BHwIp/lvlwABqyL5w1y1E7kO7H4Wt4peDuqpUYgGq
udKhwtatEFbtSvw7TzGspizfLgBtSQMZ5Vgw7LvO1T6Wc53YexfCYqLxSuyhbhOm
URYDpDEbOPUkdnvTH1kKZPrdgRI4YdTcuu12fVxvBKmuRb6T8sFvuuppFS5fFT1r
jN6IMMKTASBGRbNn63cx5/5moGWJd1exuzLPxiD585MHuaYhHonxgQPfjGv8P/cW
RZ8opClGJwpFwDf7diYJUoRrrPlOIJabKRQz3F5ASVpczLlVNfn0smKT24tyxA==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:06:51 2025 by rpki-client