Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/W3YNDz60OnLXNayFWqzOFjjRSPA.roa
File: W3YNDz60OnLXNayFWqzOFjjRSPA.roa (raw, json)
Hash identifier: Q7qTrEEcsrOyK80VeNTiC4w4P8YhhykXsYhzV42zmvQ=
Subject key identifier: 5B:76:0D:0F:3E:B4:3A:72:D7:35:AC:85:5A:AC:CE:16:38:D1:48:F0
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01976B527E374547709E91A036BFB5602559
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/W3YNDz60OnLXNayFWqzOFjjRSPA.roa
Signing time: Fri 13 Jun 2025 22:04:17 +0000
ROA not before: Fri 13 Jun 2025 22:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:6b52:7937/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 13 Jun 2025 22:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6b:52:7e:37:45:47:70:9e:91:a0:36:bf:b5:60:25:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 13 22:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b760d0f3eb43a72d735ac855aacce1638d148f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ae:fe:f2:19:5a:3b:20:f9:45:0c:2e:07:7d:
d7:30:c2:b6:db:ec:7c:7e:3e:b6:2d:af:02:ea:79:
f4:a4:c1:3a:11:9c:57:2c:77:b3:97:a4:de:a5:51:
b2:d0:61:47:01:b3:90:78:16:e3:37:eb:69:cc:bd:
b9:ad:2e:c2:4f:69:9e:ce:95:18:95:05:a2:05:c1:
e2:67:59:c2:f2:9f:89:ab:51:c4:1b:7c:ad:d8:34:
37:bf:b2:2e:9c:bf:44:f6:e6:ac:48:32:1f:3c:f1:
78:78:87:ea:21:58:fa:f3:46:d8:e3:4f:07:83:3c:
8c:9f:18:7e:99:dd:c9:d1:40:74:d5:14:31:f9:b0:
27:3e:4a:e2:db:c2:82:4f:63:82:ec:4a:45:06:11:
3b:5a:ee:09:44:5e:f1:06:66:b1:09:b9:3a:61:b0:
0f:fd:e7:c9:39:72:f8:d7:d1:c2:3d:da:f3:1c:be:
f7:a1:c3:de:93:24:2c:0b:ea:b5:06:e0:64:86:e3:
2c:1a:6f:a2:ac:d4:c5:72:2d:82:de:50:c5:6c:cd:
19:15:c0:f1:b9:14:df:98:81:91:ea:93:85:57:7f:
f6:cd:af:d2:40:cd:7f:1b:31:13:a1:2c:bc:4e:56:
8f:51:5b:9a:db:a0:35:fd:81:92:ad:4b:e2:d1:04:
60:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:76:0D:0F:3E:B4:3A:72:D7:35:AC:85:5A:AC:CE:16:38:D1:48:F0
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/W3YNDz60OnLXNayFWqzOFjjRSPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:6b52:7937/128
Signature Algorithm: sha256WithRSAEncryption
55:33:a1:f1:64:1c:14:23:98:5f:e1:3a:cf:38:d0:9d:fc:f8:
d2:bd:c4:c0:33:d8:43:56:87:61:6b:94:24:38:a3:04:c1:73:
3b:28:ee:33:29:cd:11:34:08:57:dd:ea:4c:1e:9b:28:2e:c0:
fa:3d:39:03:5b:59:cb:4b:2b:ac:46:dd:b1:df:61:1a:ba:95:
9c:81:1a:ff:59:de:3f:18:57:b7:bc:08:db:38:14:03:b6:00:
0b:86:98:8f:b3:19:71:06:17:01:6e:84:f3:f7:5e:e1:a3:3a:
71:f5:7d:92:3f:a0:2f:d3:87:d6:89:b4:95:21:e6:1c:37:c4:
bb:24:74:b5:6b:ea:8d:9e:19:b8:82:90:d2:07:b7:83:c9:1a:
63:1c:c1:d7:1c:73:68:4f:7d:bc:32:03:b1:81:12:3e:44:35:
eb:f6:e1:d0:97:21:aa:23:f8:1f:81:fe:f0:a1:20:aa:51:fa:
f7:45:6f:fd:01:f1:9d:79:36:55:77:f6:b2:34:4b:67:97:58:
39:40:bd:64:93:53:34:db:27:05:da:c4:fe:8d:fc:6c:ab:a9:
7b:be:02:a2:db:30:ef:2d:a6:76:40:52:60:dc:b4:bf:f5:3a:
50:0d:c6:af:9d:6a:07:a0:57:4f:c9:c6:57:37:18:6c:6f:87:
41:e7:4c:f2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZdrUn43RUdwnpGgNr+1YCVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjEzMjIwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc2MGQwZjNlYjQzYTcyZDczNWFjODU1YWFjY2UxNjM4ZDE0OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt67+8hlaOyD5RQwuB33XMMK22+x8
fj62La8C6nn0pME6EZxXLHezl6TepVGy0GFHAbOQeBbjN+tpzL25rS7CT2mezpUY
lQWiBcHiZ1nC8p+Jq1HEG3yt2DQ3v7IunL9E9uasSDIfPPF4eIfqIVj680bY408H
gzyMnxh+md3J0UB01RQx+bAnPkri28KCT2OC7EpFBhE7Wu4JRF7xBmaxCbk6YbAP
/efJOXL419HCPdrzHL73ocPekyQsC+q1BuBkhuMsGm+irNTFci2C3lDFbM0ZFcDx
uRTfmIGR6pOFV3/2za/SQM1/GzEToSy8TlaPUVua26A1/YGSrUvi0QRgjQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFt2DQ8+tDpy1zWshVqszhY40UjwMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvVzNZTkR6NjBPbkxYTmF5Rldxek9GampSU1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl2tSeTcwDQYJKoZIhvcNAQELBQADggEB
AFUzofFkHBQjmF/hOs840J38+NK9xMAz2ENWh2FrlCQ4owTBczso7jMpzRE0CFfd
6kwemyguwPo9OQNbWctLK6xG3bHfYRq6lZyBGv9Z3j8YV7e8CNs4FAO2AAuGmI+z
GXEGFwFuhPP3XuGjOnH1fZI/oC/Th9aJtJUh5hw3xLskdLVr6o2eGbiCkNIHt4PJ
GmMcwdccc2hPfbwyA7GBEj5ENev24dCXIaoj+B+B/vChIKpR+vdFb/0B8Z15NlV3
9rI0S2eXWDlAvWSTUzTbJwXaxP6N/GyrqXu+AqLbMO8tpnZAUmDctL/1OlANxq+d
agegV0/Jxlc3GGxvh0HnTPI=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:17:09 2025 by rpki-client