Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zPDupc8SUoHDmLbskvs8OGExccw.roa
File: zPDupc8SUoHDmLbskvs8OGExccw.roa (raw, json)
Hash identifier: CNW1eOtknb49T9JDBy6lVJF/OZy9ifEVaFxvCR8X2a8=
Subject key identifier: CC:F0:EE:A5:CF:12:52:81:C3:98:B6:EC:92:FB:3C:38:61:31:71:CC
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197A4370C133F692D0D5270B0D299BDBD33
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zPDupc8SUoHDmLbskvs8OGExccw.roa
Signing time: Tue 24 Jun 2025 23:12:40 +0000
ROA not before: Tue 24 Jun 2025 23:12:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Jun 2025 00:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a4:37:0c:13:3f:69:2d:0d:52:70:b0:d2:99:bd:bd:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 24 23:12:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccf0eea5cf125281c398b6ec92fb3c38613171cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d1:ec:15:94:30:d4:03:1b:23:1b:3d:da:41:
59:df:1d:43:80:50:2b:ef:84:af:82:af:76:34:02:
9e:33:b0:82:c0:ea:5c:05:22:91:07:fc:80:46:b6:
da:04:52:f1:08:89:14:fa:51:7e:7e:b5:eb:0f:db:
34:45:2b:99:22:95:10:e1:7d:0f:94:c7:3c:2f:aa:
a4:97:1f:c5:88:c9:cf:b3:1b:8a:07:b5:73:18:ba:
8e:93:79:78:c8:a4:87:9d:9d:4a:98:e3:e4:31:ed:
a6:dd:e2:88:ce:9a:57:3d:98:ca:ad:1b:67:4d:4b:
ce:8a:d8:65:bf:cc:2a:12:4c:4d:de:22:5e:e3:f3:
18:1e:ce:31:4a:ad:52:28:e5:ea:51:39:76:0a:07:
33:6c:d3:70:77:99:fb:de:e6:58:82:ed:1c:e2:07:
2c:86:91:37:92:ff:8c:c8:85:7a:94:95:bf:24:14:
b3:b7:72:aa:fc:51:fa:35:6f:93:de:69:c4:58:e3:
82:f1:b3:6a:b5:75:75:35:1d:ea:c3:06:a9:ba:ff:
e1:e2:dc:c8:4f:cf:6f:de:ff:16:6a:44:ba:74:0a:
42:9b:5b:38:5a:88:1e:de:ab:de:c8:b3:01:3b:af:
87:5c:1f:9c:7b:11:3d:c1:4c:69:18:7e:ce:c6:2e:
c8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F0:EE:A5:CF:12:52:81:C3:98:B6:EC:92:FB:3C:38:61:31:71:CC
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zPDupc8SUoHDmLbskvs8OGExccw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
1c:af:1e:68:0d:04:3b:e0:57:6d:39:76:d7:b2:1d:c2:a6:10:
db:ec:b5:bf:b0:77:24:8c:c4:42:f8:0d:6c:0d:46:aa:d4:82:
33:63:16:9e:98:62:30:dc:f4:51:cf:1f:be:81:75:7c:d2:86:
2c:bb:68:bd:13:1d:8c:fc:06:79:cb:d5:fe:bd:28:ae:84:6a:
0d:80:af:ad:21:e4:16:75:f1:ba:97:06:e7:b7:d6:13:73:d9:
5b:53:09:76:cf:2e:c6:9b:46:15:81:e7:be:df:55:94:87:4f:
c6:97:4a:e4:75:33:ec:13:54:5d:d0:6e:8e:b9:3b:af:ff:ce:
08:bf:61:12:c7:31:2a:96:bd:07:40:56:64:58:11:6d:62:90:
85:50:c4:5f:fe:1a:86:7d:cc:9e:2f:95:94:ef:c5:d9:3b:34:
78:ab:88:cc:2b:58:bf:5f:78:90:b9:d0:5d:b8:c6:d1:ac:3e:
e6:a7:f2:5f:5e:cd:bb:5e:e7:44:90:05:86:b8:70:87:82:ec:
28:b2:8f:d8:20:3b:44:f0:d5:a4:77:61:91:48:49:10:1e:86:
5f:50:a1:fe:fc:99:56:82:57:cd:7e:b1:3e:de:69:3a:4b:be:
b1:bf:c1:fe:17:16:5b:0d:e2:16:1b:63:13:8b:65:8f:59:92:
f5:90:93:01
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZekNwwTP2ktDVJwsNKZvb0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI0MjMxMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2YwZWVhNWNmMTI1MjgxYzM5OGI2ZWM5MmZiM2MzODYxMzE3MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdHsFZQw1AMbIxs92kFZ3x1DgFAr
74Svgq92NAKeM7CCwOpcBSKRB/yARrbaBFLxCIkU+lF+frXrD9s0RSuZIpUQ4X0P
lMc8L6qklx/FiMnPsxuKB7VzGLqOk3l4yKSHnZ1KmOPkMe2m3eKIzppXPZjKrRtn
TUvOithlv8wqEkxN3iJe4/MYHs4xSq1SKOXqUTl2CgczbNNwd5n73uZYgu0c4gcs
hpE3kv+MyIV6lJW/JBSzt3Kq/FH6NW+T3mnEWOOC8bNqtXV1NR3qwwapuv/h4tzI
T89v3v8WakS6dApCm1s4Woge3qveyLMBO6+HXB+cexE9wUxpGH7Oxi7IyQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMzw7qXPElKBw5i27JL7PDhhMXHMMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvelBEdXBjOFNVb0hEbUxic2t2czhPR0V4Y2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAHK8eaA0EO+BXbTl217IdwqYQ
2+y1v7B3JIzEQvgNbA1GqtSCM2MWnphiMNz0Uc8fvoF1fNKGLLtovRMdjPwGecvV
/r0oroRqDYCvrSHkFnXxupcG57fWE3PZW1MJds8uxptGFYHnvt9VlIdPxpdK5HUz
7BNUXdBujrk7r//OCL9hEscxKpa9B0BWZFgRbWKQhVDEX/4ahn3Mni+VlO/F2Ts0
eKuIzCtYv194kLnQXbjG0aw+5qfyX17Nu17nRJAFhrhwh4LsKLKP2CA7RPDVpHdh
kUhJEB6GX1Ch/vyZVoJXzX6xPt5pOku+sb/B/hcWWw3iFhtjE4tlj1mS9ZCTAQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:14:37 2025 by rpki-client