Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/57LYVmBVWCVWUxHodoI3_eU-hh4.roa
File: 57LYVmBVWCVWUxHodoI3_eU-hh4.roa (raw, json)
Hash identifier: 9tbo+RnLNN+cqZKAyScGJW5q0K55uo26beTWQ4bsnw8=
Subject key identifier: E7:B2:D8:56:60:55:58:25:56:53:11:E8:76:82:37:FD:E5:3E:86:1E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019CAB0AA309F5FA62C5F47D23C75BABC825
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/57LYVmBVWCVWUxHodoI3_eU-hh4.roa
Signing time: Sun 01 Mar 2026 20:15:26 +0000
ROA not before: Sun 01 Mar 2026 20:15:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:19c:1eac:7d76/128 maxlen: 128
2001:67c:64:ffff:0:19c:2f30:cc98/128 maxlen: 128
2001:67c:64:ffff:0:19c:4770:2527/128 maxlen: 128
2001:67c:64:ffff:0:19c:5298:96f7/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Mar 2026 21:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:0a:a3:09:f5:fa:62:c5:f4:7d:23:c7:5b:ab:c8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Mar 1 20:15:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e7b2d85660555825565311e8768237fde53e861e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:71:c0:59:6a:87:0b:9b:31:f4:a0:2b:6c:b3:
a4:e7:ad:85:18:55:5d:22:b8:c6:38:50:51:0b:dc:
6c:b3:d9:6c:63:c5:3f:91:e5:99:24:6a:17:6b:ed:
65:4f:d8:52:84:0c:34:b8:25:bd:05:d9:10:f3:5e:
64:7b:59:ee:16:2a:3e:03:77:fb:c2:06:e0:d0:de:
d9:90:04:b2:df:57:fd:55:91:98:19:47:65:80:9f:
05:c6:c3:38:c1:b4:b5:f2:e2:5c:2b:7a:4d:28:02:
59:a3:47:cb:d8:6e:ad:d7:cf:43:00:fc:7e:94:7e:
88:54:f7:ac:23:00:0e:d0:8d:ef:1c:6d:64:bd:27:
00:32:26:fb:af:60:8e:40:1c:93:f6:33:5c:bd:e6:
5b:52:b7:b3:34:55:77:a6:b3:6f:c1:56:15:97:1c:
50:74:95:6a:59:21:ca:a3:e8:62:95:26:dc:69:df:
a5:c1:da:ed:34:6b:f4:77:f9:91:4e:38:94:d1:65:
fe:04:13:6f:14:93:d3:24:b9:0e:b7:1b:55:b8:d8:
70:be:ec:5a:a2:ba:b1:f3:fa:e5:e3:1e:7e:74:17:
36:77:4b:2c:5c:f3:4b:54:5e:57:a3:8e:88:17:86:
44:95:db:ec:5e:93:f3:19:8b:be:5c:bb:e1:89:4a:
d5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B2:D8:56:60:55:58:25:56:53:11:E8:76:82:37:FD:E5:3E:86:1E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/57LYVmBVWCVWUxHodoI3_eU-hh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:19c:1eac:7d76/128
2001:67c:64:ffff:0:19c:2f30:cc98/128
2001:67c:64:ffff:0:19c:4770:2527/128
2001:67c:64:ffff:0:19c:5298:96f7/128
Signature Algorithm: sha256WithRSAEncryption
1d:82:4d:f0:82:5c:53:0f:be:db:9a:d8:d0:19:e4:b5:2b:ed:
03:2c:83:3a:18:4b:bc:46:2c:e7:c1:9d:2c:37:41:2c:8b:f9:
27:8c:e3:c6:95:95:3e:d2:e1:9f:f9:de:2e:07:c7:01:10:b4:
a3:ab:68:39:2d:13:10:6b:86:ac:ea:fd:7b:e7:67:f8:8c:ad:
a8:a0:9f:50:a0:89:c2:86:57:f0:ff:6e:3c:b5:0a:df:e3:a2:
01:22:c5:99:59:4b:8f:2c:46:cf:08:25:29:60:45:15:af:51:
08:4b:1a:56:81:7b:99:f2:29:59:b8:96:66:e3:61:d6:e6:78:
a0:3b:24:97:7d:9a:e9:41:42:ff:92:93:44:d2:f9:25:89:7b:
8d:5a:da:9d:9c:1e:86:db:dc:5b:69:5f:3d:be:2e:4c:03:2d:
65:cd:ca:45:7d:eb:0e:9c:46:d0:81:a7:1e:3f:6a:f1:4d:b0:
93:26:f7:b0:1c:07:40:ff:41:b8:52:cb:8a:fc:99:c3:15:a8:
9d:f5:f0:ea:bd:c8:c9:57:b0:6c:fd:53:aa:55:2b:46:4d:cf:
e0:57:aa:16:2a:91:0b:db:71:61:05:39:ba:83:26:c8:cc:ce:
05:16:21:2d:c1:8b:e0:a7:01:02:f7:e9:fb:52:06:ee:b2:f8:
bc:6e:08:2d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZyrCqMJ9fpixfR9I8dbq8glMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjYwMzAxMjAxNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2IyZDg1NjYwNTU1ODI1NTY1MzExZTg3NjgyMzdmZGU1M2U4NjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3HAWWqHC5sx9KArbLOk562FGFVd
IrjGOFBRC9xss9lsY8U/keWZJGoXa+1lT9hShAw0uCW9BdkQ815ke1nuFio+A3f7
wgbg0N7ZkASy31f9VZGYGUdlgJ8FxsM4wbS18uJcK3pNKAJZo0fL2G6t189DAPx+
lH6IVPesIwAO0I3vHG1kvScAMib7r2COQByT9jNcveZbUrezNFV3prNvwVYVlxxQ
dJVqWSHKo+hilSbcad+lwdrtNGv0d/mRTjiU0WX+BBNvFJPTJLkOtxtVuNhwvuxa
orqx8/rl4x5+dBc2d0ssXPNLVF5Xo46IF4ZEldvsXpPzGYu+XLvhiUrVdQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOey2FZgVVglVlMR6HaCN/3lPoYeMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvNTdMWVZtQlZXQ1ZXVXhIb2RvSTNfZVUtaGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGcHqx9dgMRACABBnwAZP//AAABnC8wzJgDEQAgAQZ8AGT//wAAAZxHcCUn
AxEAIAEGfABk//8AAAGcUpiW9zANBgkqhkiG9w0BAQsFAAOCAQEAHYJN8IJcUw++
25rY0BnktSvtAyyDOhhLvEYs58GdLDdBLIv5J4zjxpWVPtLhn/neLgfHARC0o6to
OS0TEGuGrOr9e+dn+IytqKCfUKCJwoZX8P9uPLUK3+OiASLFmVlLjyxGzwglKWBF
Fa9RCEsaVoF7mfIpWbiWZuNh1uZ4oDskl32a6UFC/5KTRNL5JYl7jVranZwehtvc
W2lfPb4uTAMtZc3KRX3rDpxG0IGnHj9q8U2wkyb3sBwHQP9BuFLLivyZwxWonfXw
6r3IyVewbP1TqlUrRk3P4FeqFiqRC9txYQU5uoMmyMzOBRYhLcGL4KcBAvfp+1IG
7rL4vG4ILQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:40:53 2026 by rpki-client