Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zyLmw6YTMdUzzagP_y_9mTKMO6Q.roa
File: zyLmw6YTMdUzzagP_y_9mTKMO6Q.roa (raw, json)
Hash identifier: Zqe85LwumM6XdEMEgzJ9XUj4p5O66mXKa1Mt23K6LuI=
Subject key identifier: CF:22:E6:C3:A6:13:31:D5:33:CD:A8:0F:FF:2F:FD:99:32:8C:3B:A4
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01976DECFF6624DEFA395FC323A3E193B641
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zyLmw6YTMdUzzagP_y_9mTKMO6Q.roa
Signing time: Sat 14 Jun 2025 10:12:17 +0000
ROA not before: Sat 14 Jun 2025 10:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 14 Jun 2025 11:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:ec:ff:66:24:de:fa:39:5f:c3:23:a3:e1:93:b6:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 14 10:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf22e6c3a61331d533cda80fff2ffd99328c3ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:30:88:3f:a2:ce:d0:0e:0c:a2:b8:d7:93:0b:
f1:0b:00:fa:5e:98:51:b4:85:21:b9:93:50:f7:aa:
a0:57:88:32:77:ed:e4:a3:87:68:81:6c:6b:12:c9:
87:3b:fa:1a:06:d1:40:a7:c9:23:70:4d:77:68:33:
2f:7f:43:54:0b:51:42:e3:6b:e4:15:6e:26:c0:36:
5d:bf:de:a9:d2:01:15:af:d5:59:67:4c:8c:59:58:
b7:55:a1:b2:35:00:b9:85:ba:d9:f4:94:3b:e7:d1:
7c:ce:60:9b:3f:78:7a:84:64:2d:9b:b6:8a:99:2a:
68:46:43:01:0f:b8:f0:f9:3a:5a:2f:ab:67:1f:f2:
e3:3a:1d:3c:e6:90:b2:63:d2:e8:57:ed:9d:db:f2:
aa:d3:0f:43:ae:1c:ce:e7:60:2e:72:3d:ec:69:0f:
19:37:b2:86:a7:c9:59:05:87:a8:46:7b:17:62:03:
db:da:db:85:db:96:9c:a7:1e:12:74:d6:ac:2c:a3:
b5:81:22:49:4e:70:69:ff:a5:c7:b0:a4:9e:8d:31:
dd:63:03:3e:1a:1f:d4:ca:5a:c6:5a:d6:5a:ea:11:
d5:c2:d6:0e:02:86:e0:b1:91:d4:86:c1:e0:0f:c5:
69:e0:31:6b:6a:6b:59:48:fa:7d:0b:5b:bf:fd:ac:
19:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:22:E6:C3:A6:13:31:D5:33:CD:A8:0F:FF:2F:FD:99:32:8C:3B:A4
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/zyLmw6YTMdUzzagP_y_9mTKMO6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
4f:aa:19:43:ed:8a:7d:bb:0b:06:91:db:bf:b1:97:ec:5d:51:
80:ee:45:0f:53:13:c1:77:ba:70:6b:94:19:3b:c1:c6:3e:2f:
ea:03:8a:6c:58:69:b1:75:00:5d:64:55:e9:c8:36:b4:7f:b7:
70:4d:58:c3:cd:62:c9:96:6c:0d:10:fe:a3:3c:00:48:81:89:
ed:2d:73:43:c8:b5:4d:f1:e7:9f:1d:1f:e4:5e:be:5a:96:f4:
1e:56:36:76:1b:95:65:a8:ee:52:3d:29:f9:c6:f7:b2:c2:fd:
14:fd:8d:e2:af:50:c9:1d:8e:9d:91:c7:8c:8d:4b:26:ca:88:
a7:38:fd:cf:12:17:bb:cb:5d:49:6e:ac:be:1c:c2:0c:47:2d:
ff:c3:e8:3f:b6:d5:a7:94:93:39:82:31:bf:1c:39:de:11:b1:
07:8b:fd:8f:4b:5c:07:80:19:8d:8a:ea:49:bb:40:0c:a7:b5:
e8:a0:af:07:07:90:67:21:f9:da:45:a3:a6:1f:e3:b2:68:7b:
96:df:f1:ee:e9:c9:12:c8:27:38:3c:b3:51:26:1c:89:18:64:
20:9b:eb:d8:cc:d3:3f:61:da:66:8c:dc:c7:5f:58:3c:f8:9d:
3d:16:e5:b4:d3:4e:5b:93:97:62:f7:90:0d:1c:3e:6a:df:8f:
43:c1:53:96
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdt7P9mJN76OV/DI6Phk7ZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MTAxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjIyZTZjM2E2MTMzMWQ1MzNjZGE4MGZmZjJmZmQ5OTMyOGMzYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTCIP6LO0A4MorjXkwvxCwD6XphR
tIUhuZNQ96qgV4gyd+3ko4dogWxrEsmHO/oaBtFAp8kjcE13aDMvf0NUC1FC42vk
FW4mwDZdv96p0gEVr9VZZ0yMWVi3VaGyNQC5hbrZ9JQ759F8zmCbP3h6hGQtm7aK
mSpoRkMBD7jw+TpaL6tnH/LjOh085pCyY9LoV+2d2/Kq0w9DrhzO52Aucj3saQ8Z
N7KGp8lZBYeoRnsXYgPb2tuF25acpx4SdNasLKO1gSJJTnBp/6XHsKSejTHdYwM+
Gh/UylrGWtZa6hHVwtYOAobgsZHUhsHgD8Vp4DFramtZSPp9C1u//awZwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM8i5sOmEzHVM82oD/8v/ZkyjDukMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvenlMbXc2WVRNZFV6emFnUF95XzltVEtNTzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAT6oZQ+2KfbsLBpHbv7GX7F1R
gO5FD1MTwXe6cGuUGTvBxj4v6gOKbFhpsXUAXWRV6cg2tH+3cE1Yw81iyZZsDRD+
ozwASIGJ7S1zQ8i1TfHnnx0f5F6+Wpb0HlY2dhuVZajuUj0p+cb3ssL9FP2N4q9Q
yR2OnZHHjI1LJsqIpzj9zxIXu8tdSW6svhzCDEct/8PoP7bVp5STOYIxvxw53hGx
B4v9j0tcB4AZjYrqSbtADKe16KCvBweQZyH52kWjph/jsmh7lt/x7unJEsgnODyz
USYciRhkIJvr2MzTP2HaZozcx19YPPidPRbltNNOW5OXYveQDRw+at+PQ8FTlg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:51:29 2025 by rpki-client