Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/0fNocdovcBpPRFNc1LcVv2DS8Q0.roa
File: 0fNocdovcBpPRFNc1LcVv2DS8Q0.roa (raw, json)
Hash identifier: rXzshrPdjGYZILMFwBVh/eEUILt5aHRjLPsZhgNcPl8=
Subject key identifier: D1:F3:68:71:DA:2F:70:1A:4F:44:53:5C:D4:B7:15:BF:60:D2:F1:0D
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01976E5CB1088D9BC855EEC10D79A47D1C9B
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/0fNocdovcBpPRFNc1LcVv2DS8Q0.roa
Signing time: Sat 14 Jun 2025 12:14:17 +0000
ROA not before: Sat 14 Jun 2025 12:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 14 Jun 2025 13:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6e:5c:b1:08:8d:9b:c8:55:ee:c1:0d:79:a4:7d:1c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 14 12:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1f36871da2f701a4f44535cd4b715bf60d2f10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:42:db:6d:d3:41:f4:51:be:05:62:64:e2:ca:
72:af:4e:fb:cb:0b:f4:03:56:3f:ea:3b:b7:e3:ad:
88:d4:0f:cb:c4:a6:2d:db:ab:4d:24:35:9d:5a:8c:
0a:f6:be:3d:dc:6b:23:7c:41:f4:83:d6:28:fe:cc:
42:d5:9e:6c:ea:ef:5a:cf:97:b8:f1:e6:bf:94:ae:
27:7c:79:ba:e8:5b:21:3c:fc:28:3b:5d:de:60:a3:
05:39:78:ec:e5:e4:39:d2:4c:18:5e:25:a0:89:66:
d7:b2:1c:cd:74:8f:c5:30:9d:b9:58:f9:6e:91:ee:
2d:5c:6d:d5:28:06:30:ab:14:b5:f1:f7:91:2b:35:
02:70:dd:f5:15:62:bf:b7:c8:51:4e:bb:27:7a:fd:
fe:30:05:68:c2:c9:55:81:89:92:a9:1e:bc:48:a0:
3b:24:87:2f:b6:f7:a1:39:76:5f:9a:16:2f:9e:c1:
d4:f1:f3:45:cb:d4:5d:b9:f4:3a:b7:53:1b:d1:63:
99:2e:9d:7f:cb:29:92:da:34:3c:71:af:91:50:0e:
1a:2c:b4:04:1c:c1:1f:e7:8f:20:ad:dc:a8:13:0c:
97:b1:89:e1:c6:76:fd:17:3d:d4:54:a1:a7:d1:38:
47:02:40:ea:bd:aa:d1:e9:9e:07:c3:72:43:b6:25:
3c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F3:68:71:DA:2F:70:1A:4F:44:53:5C:D4:B7:15:BF:60:D2:F1:0D
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/0fNocdovcBpPRFNc1LcVv2DS8Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
4f:1f:55:93:b8:e6:39:b4:43:72:57:c0:6b:38:b5:18:d1:47:
52:8a:62:93:9e:20:8a:27:42:85:f6:9d:9a:b8:8f:7f:89:cf:
46:13:68:62:63:d4:63:96:83:6d:fd:ee:dc:85:ea:17:71:92:
20:67:ba:d7:d0:64:ba:f6:2e:7b:6b:4e:df:2f:e7:1b:ee:0a:
00:b6:9c:9d:f0:3e:7e:c1:c8:50:b7:23:83:ec:11:cc:03:0a:
f3:4f:f0:3f:91:60:93:a7:f0:ee:66:d2:33:e3:c4:f2:be:1b:
2d:db:9d:37:7e:31:da:cc:0a:e3:c7:08:89:92:cd:54:42:4d:
1d:a7:29:b9:2a:47:ad:9b:29:21:b4:6c:d7:56:46:1e:e9:ed:
82:99:55:9c:30:95:e5:e6:75:59:76:25:97:f6:1b:fa:3c:a8:
50:b2:c5:1d:f8:c4:35:91:e0:80:cd:1f:db:73:8d:60:c7:8c:
7b:12:17:1f:f2:3d:5c:3e:aa:33:fd:8a:0b:66:80:7f:19:8d:
3b:0b:91:7f:41:dd:5d:42:4f:74:2e:ae:14:c4:a1:97:87:72:
bb:a1:37:a3:82:93:2c:41:d7:35:19:6d:dd:09:a5:31:72:7f:
f0:b2:77:d6:52:4e:27:85:d2:42:ba:a4:95:b6:bd:19:36:2e:
13:35:75:ae
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZduXLEIjZvIVe7BDXmkfRybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MTIxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWYzNjg3MWRhMmY3MDFhNGY0NDUzNWNkNGI3MTViZjYwZDJmMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kLbbdNB9FG+BWJk4spyr077ywv0
A1Y/6ju3462I1A/LxKYt26tNJDWdWowK9r493GsjfEH0g9Yo/sxC1Z5s6u9az5e4
8ea/lK4nfHm66FshPPwoO13eYKMFOXjs5eQ50kwYXiWgiWbXshzNdI/FMJ25WPlu
ke4tXG3VKAYwqxS18feRKzUCcN31FWK/t8hRTrsnev3+MAVowslVgYmSqR68SKA7
JIcvtvehOXZfmhYvnsHU8fNFy9RdufQ6t1Mb0WOZLp1/yymS2jQ8ca+RUA4aLLQE
HMEf548grdyoEwyXsYnhxnb9Fz3UVKGn0ThHAkDqvarR6Z4Hw3JDtiU8yQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNHzaHHaL3AaT0RTXNS3Fb9g0vENMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMGZOb2Nkb3ZjQnBQUkZOYzFMY1Z2MkRTOFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEATx9Vk7jmObRDclfAazi1GNFH
Uopik54giidChfadmriPf4nPRhNoYmPUY5aDbf3u3IXqF3GSIGe619BkuvYue2tO
3y/nG+4KALacnfA+fsHIULcjg+wRzAMK80/wP5Fgk6fw7mbSM+PE8r4bLdudN34x
2swK48cIiZLNVEJNHacpuSpHrZspIbRs11ZGHuntgplVnDCV5eZ1WXYll/Yb+jyo
ULLFHfjENZHggM0f23ONYMeMexIXH/I9XD6qM/2KC2aAfxmNOwuRf0HdXUJPdC6u
FMShl4dyu6E3o4KTLEHXNRlt3QmlMXJ/8LJ31lJOJ4XSQrqklba9GTYuEzV1rg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:52:54 2025 by rpki-client