Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HUC9iEZPwaoOm8hC5pLAIk1WgMA.roa
File: HUC9iEZPwaoOm8hC5pLAIk1WgMA.roa (raw, json)
Hash identifier: FVoucINVhCElYsYZh+9Put/07hM7gigFpd8s8BbkWuo=
Subject key identifier: 1D:40:BD:88:46:4F:C1:AA:0E:9B:C8:42:E6:92:C0:22:4D:56:80:C0
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197669AEA6F629925C6FEC123F3D8C900B7
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HUC9iEZPwaoOm8hC5pLAIk1WgMA.roa
Signing time: Fri 13 Jun 2025 00:05:17 +0000
ROA not before: Fri 13 Jun 2025 00:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:669a:b286/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 13 Jun 2025 00:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:66:9a:ea:6f:62:99:25:c6:fe:c1:23:f3:d8:c9:00:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 13 00:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d40bd88464fc1aa0e9bc842e692c0224d5680c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e3:20:8f:b4:44:dc:5b:60:75:57:bc:78:8b:
99:b4:63:90:c7:2e:e0:c2:35:e2:2c:c5:af:39:6e:
f7:d3:8e:b9:94:90:72:64:a6:fb:7b:17:ad:31:af:
f1:e6:bf:da:b1:c4:a2:41:ec:d3:cc:14:04:a2:57:
8d:e0:6a:a0:54:1b:cb:a6:81:ea:e3:72:cd:24:14:
9a:ad:b9:a0:b2:88:07:96:6a:4f:a9:f9:b8:3e:85:
32:27:08:84:f3:08:58:e9:6a:06:a0:6d:de:2f:40:
9b:7b:f1:9c:78:19:52:e9:1f:18:fd:f2:7f:26:c4:
fe:7a:14:82:4f:68:73:fc:78:2e:96:2c:af:55:16:
89:f6:bd:67:c6:90:78:53:97:9b:86:a8:fa:62:ee:
f3:05:d7:0a:d3:d3:03:8e:28:1a:77:52:cb:8b:72:
f3:ce:20:86:f1:38:da:46:4e:33:8b:d9:64:3f:7e:
57:b8:4a:2a:4b:74:b2:81:69:c1:be:fb:c0:09:26:
2c:b6:03:8a:bc:b9:80:3f:c2:64:0b:0a:24:4c:0c:
07:e2:fa:45:91:cf:7c:b4:aa:1d:b5:7c:02:81:e9:
ef:7c:48:70:49:3f:60:15:11:fe:31:ba:8f:06:f4:
38:fc:f7:f1:b5:19:1a:56:e3:c2:1f:32:be:5f:8b:
ea:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:40:BD:88:46:4F:C1:AA:0E:9B:C8:42:E6:92:C0:22:4D:56:80:C0
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/HUC9iEZPwaoOm8hC5pLAIk1WgMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:669a:b286/128
Signature Algorithm: sha256WithRSAEncryption
47:95:67:e5:cc:5e:1e:b3:d6:d9:c6:0b:ee:09:b6:8f:84:8f:
e8:d3:82:6c:4a:32:08:35:d7:61:35:1f:77:0e:7a:be:c7:ee:
c8:64:d2:cf:6b:4f:41:da:02:86:9b:c3:03:88:5e:e3:c8:69:
d1:d1:11:a7:a5:a1:b1:67:a9:89:7f:1b:62:04:24:70:39:43:
05:4c:0b:7b:4e:cf:dd:79:6d:0c:27:d7:2f:b9:97:23:45:9a:
53:f7:61:57:24:27:5b:e2:72:20:d6:9a:01:a1:19:67:03:3b:
4a:24:57:95:43:eb:c5:d6:bd:36:9f:cd:0b:89:8b:71:54:7d:
a9:db:0e:39:b4:1c:09:82:85:77:b2:82:6b:f9:b2:64:0a:49:
26:1b:a8:7d:a5:ba:eb:ba:71:d0:29:2f:6a:63:50:29:1e:40:
e8:6a:fa:54:94:c0:e7:58:13:41:82:3f:0a:f3:19:0b:a5:33:
29:7c:10:00:c0:02:26:7b:a1:4b:2a:1b:53:df:00:e0:7f:45:
29:6a:ff:98:46:b9:a9:9a:17:e5:d4:d4:39:1e:68:59:c5:de:
23:55:1b:7b:3e:62:53:42:38:5b:ca:08:9d:cc:79:c5:01:d9:
57:6e:73:9e:55:25:e8:aa:ea:b6:3a:5d:bc:8a:d1:3c:3c:5a:
93:92:40:81
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdmmupvYpklxv7BI/PYyQC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjEzMDAwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQwYmQ4ODQ2NGZjMWFhMGU5YmM4NDJlNjkyYzAyMjRkNTY4MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Mgj7RE3FtgdVe8eIuZtGOQxy7g
wjXiLMWvOW730465lJByZKb7exetMa/x5r/ascSiQezTzBQEoleN4GqgVBvLpoHq
43LNJBSarbmgsogHlmpPqfm4PoUyJwiE8whY6WoGoG3eL0Cbe/GceBlS6R8Y/fJ/
JsT+ehSCT2hz/HguliyvVRaJ9r1nxpB4U5ebhqj6Yu7zBdcK09MDjigad1LLi3Lz
ziCG8TjaRk4zi9lkP35XuEoqS3SygWnBvvvACSYstgOKvLmAP8JkCwokTAwH4vpF
kc98tKodtXwCgenvfEhwST9gFRH+MbqPBvQ4/PfxtRkaVuPCHzK+X4vqMQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB1AvYhGT8GqDpvIQuaSwCJNVoDAMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvSFVDOWlFWlB3YW9PbThoQzVwTEFJazFXZ01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXZpqyhjANBgkqhkiG9w0BAQsFAAOCAQEAR5Vn5cxeHrPW2cYL7gm2j4SP
6NOCbEoyCDXXYTUfdw56vsfuyGTSz2tPQdoChpvDA4he48hp0dERp6WhsWepiX8b
YgQkcDlDBUwLe07P3XltDCfXL7mXI0WaU/dhVyQnW+JyINaaAaEZZwM7SiRXlUPr
xda9Np/NC4mLcVR9qdsOObQcCYKFd7KCa/myZApJJhuofaW667px0CkvamNQKR5A
6Gr6VJTA51gTQYI/CvMZC6UzKXwQAMACJnuhSyobU98A4H9FKWr/mEa5qZoX5dTU
OR5oWcXeI1Ubez5iU0I4W8oIncx5xQHZV25znlUl6KrqtjpdvIrRPDxak5JAgQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:58:02 2025 by rpki-client