Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/5SHaOCrso2dyMZq04OLLdoTcNY4.roa
File: 5SHaOCrso2dyMZq04OLLdoTcNY4.roa (raw, json)
Hash identifier: 9JjX2FDZVGZkM+oFsOCjEqoOHYz+YoesKRGvjaAAtzs=
Subject key identifier: E5:21:DA:38:2A:EC:A3:67:72:31:9A:B4:E0:E2:CB:76:84:DC:35:8E
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01976BFDB37C0B8B517A56803B28008FC5EF
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/5SHaOCrso2dyMZq04OLLdoTcNY4.roa
Signing time: Sat 14 Jun 2025 01:11:17 +0000
ROA not before: Sat 14 Jun 2025 01:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 14 Jun 2025 02:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6b:fd:b3:7c:0b:8b:51:7a:56:80:3b:28:00:8f:c5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 14 01:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e521da382aeca36772319ab4e0e2cb7684dc358e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:58:02:29:62:cd:57:46:e8:91:48:ad:64:7a:
c6:47:95:30:87:56:d0:5c:ba:36:06:eb:c5:c7:53:
2c:31:a3:26:41:15:7c:a4:1d:f5:53:f9:15:d5:0b:
61:65:f0:70:69:e6:97:32:c1:b0:01:49:ea:64:f0:
c2:6b:4e:e9:1d:c4:60:66:19:3a:59:a6:2d:a8:36:
2b:39:5c:7f:41:88:f7:f8:86:d6:2a:d7:dc:3a:15:
19:f5:37:02:34:e7:5a:49:61:3d:da:e1:06:97:00:
a3:92:3c:97:ee:6f:51:5a:4b:7a:dd:a0:7a:0e:da:
46:84:88:b7:9d:eb:8d:b9:fb:04:94:ac:ec:fa:01:
6f:f0:80:65:4b:db:52:ed:4d:f4:76:9e:a8:3c:6f:
ec:50:76:f2:16:c5:cd:4a:1e:c4:d0:8a:e0:4e:da:
cc:d6:0c:7a:cd:db:81:99:11:98:79:fd:fa:89:99:
6a:09:5a:f5:d2:02:e7:a2:a5:1c:68:29:16:09:33:
e6:5c:90:be:36:7e:96:2c:ed:60:ba:15:e8:14:8d:
85:7f:58:ae:2c:c2:c1:50:b0:ee:64:b7:3f:4a:a2:
74:23:a6:8f:4a:4c:8b:89:5b:3e:e6:f3:84:96:5e:
d1:7d:c2:97:a2:2a:e9:7f:52:b5:cd:63:b3:34:47:
4f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:21:DA:38:2A:EC:A3:67:72:31:9A:B4:E0:E2:CB:76:84:DC:35:8E
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/5SHaOCrso2dyMZq04OLLdoTcNY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
01:2b:a6:55:e0:e5:7a:49:8b:a3:2f:1a:a7:80:bc:c2:89:de:
49:92:41:e7:ec:28:f0:4e:e6:56:53:7d:61:dc:50:c4:15:bd:
41:50:73:20:4e:05:9e:60:ec:13:90:90:5d:4b:9c:8c:d4:06:
ad:d8:4a:e9:eb:e5:fe:bd:99:9e:44:9a:96:59:2c:f7:ba:82:
1e:fc:af:43:7e:e4:31:ca:99:f1:a3:69:e2:e0:11:bc:2a:d9:
95:a1:7c:29:c7:06:06:0f:7e:11:22:d2:d9:9e:eb:5e:15:d9:
b1:7f:29:ea:81:8d:d2:1e:03:c1:d4:c5:c8:99:1c:89:f2:39:
ea:e3:cc:09:db:84:64:5a:21:92:f2:f5:0d:3e:d4:f3:96:ca:
d7:5c:13:f6:a6:11:11:e7:b7:9e:10:10:19:46:3a:7c:39:6e:
d3:94:fd:af:ae:68:f7:31:f6:18:3a:97:46:08:ef:03:17:6e:
e7:bb:0a:cf:43:f9:52:68:e2:3d:58:de:4c:c8:1e:a2:f3:26:
e8:97:4d:3b:48:68:93:01:70:ed:ec:35:85:a5:27:49:3b:5b:
f3:4c:5c:08:47:ea:d4:c2:3f:55:d1:50:78:ae:16:b3:9e:ad:
f6:b9:43:c0:63:10:7e:2e:2f:d9:78:7b:d9:f8:92:62:6b:d8:
d7:ec:3a:cf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdr/bN8C4tRelaAOygAj8XvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MDExMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIxZGEzODJhZWNhMzY3NzIzMTlhYjRlMGUyY2I3Njg0ZGMzNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1gCKWLNV0bokUitZHrGR5Uwh1bQ
XLo2BuvFx1MsMaMmQRV8pB31U/kV1QthZfBwaeaXMsGwAUnqZPDCa07pHcRgZhk6
WaYtqDYrOVx/QYj3+IbWKtfcOhUZ9TcCNOdaSWE92uEGlwCjkjyX7m9RWkt63aB6
DtpGhIi3neuNufsElKzs+gFv8IBlS9tS7U30dp6oPG/sUHbyFsXNSh7E0IrgTtrM
1gx6zduBmRGYef36iZlqCVr10gLnoqUcaCkWCTPmXJC+Nn6WLO1guhXoFI2Ff1iu
LMLBULDuZLc/SqJ0I6aPSkyLiVs+5vOEll7RfcKXoirpf1K1zWOzNEdPGQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOUh2jgq7KNncjGatODiy3aE3DWOMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvNVNIYU9DcnNvMmR5TVpxMDRPTExkb1RjTlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAASumVeDlekmLoy8ap4C8wone
SZJB5+wo8E7mVlN9YdxQxBW9QVBzIE4FnmDsE5CQXUucjNQGrdhK6evl/r2ZnkSa
llks97qCHvyvQ37kMcqZ8aNp4uARvCrZlaF8KccGBg9+ESLS2Z7rXhXZsX8p6oGN
0h4DwdTFyJkcifI56uPMCduEZFohkvL1DT7U85bK11wT9qYREee3nhAQGUY6fDlu
05T9r65o9zH2GDqXRgjvAxdu57sKz0P5UmjiPVjeTMgeovMm6JdNO0hokwFw7ew1
haUnSTtb80xcCEfq1MI/VdFQeK4Ws56t9rlDwGMQfi4v2Xh72fiSYmvY1+w6zw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:19:46 2025 by rpki-client