Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zWQnCRwsjuG5zBeihnqLOHLizfU.roa
File: zWQnCRwsjuG5zBeihnqLOHLizfU.roa (raw, json)
Hash identifier: nGOfbrg4zCDapJds4hibcuJlMSNjzMVIWtbPqGIIxJo=
Subject key identifier: CD:64:27:09:1C:2C:8E:E1:B9:CC:17:A2:86:7A:8B:38:72:E2:CD:F5
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01979BD9FBB2424E46FB6B841E6D86743AF8
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zWQnCRwsjuG5zBeihnqLOHLizfU.roa
Signing time: Mon 23 Jun 2025 08:14:03 +0000
ROA not before: Mon 23 Jun 2025 08:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 23 Jun 2025 09:05:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:d9:fb:b2:42:4e:46:fb:6b:84:1e:6d:86:74:3a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 23 08:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd6427091c2c8ee1b9cc17a2867a8b3872e2cdf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a0:b4:9b:86:db:5f:39:37:16:ef:ca:1c:24:
30:0d:ab:1b:63:48:d5:3d:54:4e:34:26:27:ad:81:
84:73:7e:67:95:3c:49:8e:13:82:d8:54:fb:61:b0:
07:c3:78:ad:a3:94:79:c4:1d:3f:08:23:89:76:4c:
fa:d8:d1:54:13:10:69:df:c4:ce:d7:84:1b:58:52:
0f:65:57:9c:b6:2e:48:19:95:6b:fc:3f:cd:c7:57:
57:14:2a:a9:21:84:ec:2f:df:b4:54:32:b8:a3:ba:
45:5e:e1:5f:f3:fb:c6:a7:96:78:96:75:ab:30:95:
f3:55:8d:93:cd:e6:dd:8b:8b:06:a7:f4:57:3e:bc:
f6:70:55:96:50:cf:f4:60:0f:13:5c:75:e1:2d:b2:
17:37:4a:da:db:d3:64:1b:33:da:d9:7c:51:60:2f:
a5:6c:3d:39:81:a2:af:80:02:b0:be:65:23:fd:a6:
36:5a:27:81:7e:7a:00:49:d5:bc:09:cf:e2:1e:fa:
14:4f:36:5b:62:9b:cd:92:c1:20:04:a8:5d:8f:5f:
99:1f:2f:99:22:a3:fd:2a:91:65:e6:06:bb:e8:3f:
27:0a:19:16:f7:a5:f3:47:c2:cc:3f:99:e1:0a:2f:
b4:9f:34:3a:c0:77:7d:76:d3:61:b2:9f:c3:68:7d:
53:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:64:27:09:1C:2C:8E:E1:B9:CC:17:A2:86:7A:8B:38:72:E2:CD:F5
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zWQnCRwsjuG5zBeihnqLOHLizfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
63:5b:93:6b:43:00:d3:d2:d8:3f:26:37:91:0c:0f:0e:59:83:
d6:60:7e:27:66:4a:a5:66:23:84:37:12:92:a0:f9:7c:75:33:
1e:f8:f4:c4:85:5b:11:e7:59:9d:f0:62:58:6f:ed:c8:d9:55:
5c:a7:55:a8:6b:af:48:18:28:3e:b4:25:75:e2:c8:5f:bd:31:
58:51:24:38:31:21:77:8c:0f:61:ab:42:41:1b:8c:26:3f:dd:
7a:dd:b8:c8:d8:2e:4d:b7:18:7b:ef:60:39:57:fb:0b:7b:5c:
01:44:2c:76:4e:5d:32:ce:f2:26:5c:89:30:c7:17:ed:1b:c1:
e5:3a:64:8a:ec:b5:9a:93:f4:a3:9f:45:2c:f3:a4:fb:d8:ea:
2c:0e:7f:4a:cb:34:04:76:5e:63:46:9e:c6:31:11:0e:cc:df:
83:76:67:d6:be:42:59:54:ed:8d:a9:99:bb:a4:b7:6f:71:e6:
32:f0:eb:fa:7b:c0:7c:ec:13:67:d2:69:23:e8:bf:60:b4:cb:
1f:32:7d:6a:fb:fa:52:67:02:1c:85:a9:c4:55:c8:b9:9a:75:
cc:09:8d:56:9f:75:ef:2f:ce:33:24:79:e2:d3:5f:ba:e1:a7:
67:69:37:54:41:c2:ad:fd:05:36:74:22:88:b6:88:2d:28:64:
c7:82:45:9a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeb2fuyQk5G+2uEHm2GdDr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIzMDgxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY0MjcwOTFjMmM4ZWUxYjljYzE3YTI4NjdhOGIzODcyZTJjZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aC0m4bbXzk3Fu/KHCQwDasbY0jV
PVRONCYnrYGEc35nlTxJjhOC2FT7YbAHw3ito5R5xB0/CCOJdkz62NFUExBp38TO
14QbWFIPZVecti5IGZVr/D/Nx1dXFCqpIYTsL9+0VDK4o7pFXuFf8/vGp5Z4lnWr
MJXzVY2Tzebdi4sGp/RXPrz2cFWWUM/0YA8TXHXhLbIXN0ra29NkGzPa2XxRYC+l
bD05gaKvgAKwvmUj/aY2WieBfnoASdW8Cc/iHvoUTzZbYpvNksEgBKhdj1+ZHy+Z
IqP9KpFl5ga76D8nChkW96XzR8LMP5nhCi+0nzQ6wHd9dtNhsp/DaH1TyQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM1kJwkcLI7hucwXooZ6izhy4s31MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEveldRbkNSd3NqdUc1ekJlaWhucUxPSExpemZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAY1uTa0MA09LYPyY3kQwPDlmD
1mB+J2ZKpWYjhDcSkqD5fHUzHvj0xIVbEedZnfBiWG/tyNlVXKdVqGuvSBgoPrQl
deLIX70xWFEkODEhd4wPYatCQRuMJj/det24yNguTbcYe+9gOVf7C3tcAUQsdk5d
Ms7yJlyJMMcX7RvB5Tpkiuy1mpP0o59FLPOk+9jqLA5/Sss0BHZeY0aexjERDszf
g3Zn1r5CWVTtjamZu6S3b3HmMvDr+nvAfOwTZ9JpI+i/YLTLHzJ9avv6UmcCHIWp
xFXIuZp1zAmNVp917y/OMyR54tNfuuGnZ2k3VEHCrf0FNnQiiLaILShkx4JFmg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:39:33 2025 by rpki-client