Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/hfXH4CE1zT5D3xNKQH9HDxWVXeU.roa
File: hfXH4CE1zT5D3xNKQH9HDxWVXeU.roa (raw, json)
Hash identifier: QS9kvO8wR+W+qYUy6XkSwaca21QQI/zehmMC60MhXKo=
Subject key identifier: 85:F5:C7:E0:21:35:CD:3E:43:DF:13:4A:40:7F:47:0F:15:95:5D:E5
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0198745D50D9A3855D4CA605B4B55046CFC4
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/hfXH4CE1zT5D3xNKQH9HDxWVXeU.roa
Signing time: Mon 04 Aug 2025 09:15:29 +0000
ROA not before: Mon 04 Aug 2025 09:15:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:198:55a3:fcb4/128 maxlen: 128
2001:67c:64:ffff:0:198:5ff0:79dc/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 04 Aug 2025 10:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:5d:50:d9:a3:85:5d:4c:a6:05:b4:b5:50:46:cf:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Aug 4 09:15:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85f5c7e02135cd3e43df134a407f470f15955de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:f2:eb:5a:f3:c1:a6:e5:0a:df:d3:65:43:
d9:3c:e2:13:ac:2d:c8:0d:7f:2c:b9:08:83:db:6b:
fd:4f:86:ef:a3:e1:ce:df:29:46:26:07:f9:db:b8:
e1:f0:79:5b:a2:d1:ad:51:fb:e4:17:84:e5:29:f0:
06:56:fd:0e:ae:55:3a:b5:85:58:70:8e:fe:63:6d:
4b:fa:9d:3b:4c:41:ad:97:47:60:09:73:98:dc:a1:
c8:15:e5:1e:c6:d9:58:c0:c3:a7:30:50:3f:07:0b:
bf:02:bc:47:39:f3:5b:fa:5c:b8:6b:42:0b:a9:09:
b4:cd:50:71:43:1f:c6:e7:e0:ab:5b:69:dd:2f:01:
2f:01:ba:96:88:ce:2c:ac:7d:ed:f6:1c:09:2c:82:
46:4f:1c:1f:cb:d5:d0:cd:48:cc:8a:2d:df:42:89:
6b:05:d1:e4:6f:7f:81:51:6c:c6:10:46:ac:4f:9b:
44:bd:22:14:ad:79:f3:7e:54:96:a5:0d:ff:52:66:
14:a4:1e:27:c6:e0:82:2b:df:40:e5:78:01:e9:55:
07:76:cc:d0:90:91:5a:ff:92:0a:07:a8:0e:52:ca:
13:3f:98:da:92:ea:84:56:06:d0:2d:2d:b3:56:2f:
21:4b:ad:8d:ed:e2:58:72:48:52:34:a3:79:03:31:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F5:C7:E0:21:35:CD:3E:43:DF:13:4A:40:7F:47:0F:15:95:5D:E5
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/hfXH4CE1zT5D3xNKQH9HDxWVXeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:198:55a3:fcb4/128
2001:67c:64:ffff:0:198:5ff0:79dc/128
Signature Algorithm: sha256WithRSAEncryption
41:09:5a:4a:a6:2c:9f:de:b9:96:61:9f:95:78:19:f6:14:b5:
43:ba:bc:e3:dc:85:50:3c:ba:a6:93:cc:8d:24:cc:24:9a:39:
5b:62:67:1c:76:37:32:19:2d:77:86:4d:cd:8f:21:93:bf:3e:
9d:20:2c:98:2a:05:03:3e:9c:bf:b3:71:f0:b7:e1:7f:5c:4e:
be:a8:9a:93:c3:70:d4:d1:ec:8e:83:07:a3:a6:4c:af:a4:3a:
5b:4c:d4:07:b4:9f:39:88:4e:d5:ce:79:43:f5:8c:b0:17:6f:
b8:55:e3:cf:82:fb:8b:0c:99:98:ff:0c:fd:80:a3:15:4a:10:
c1:c0:38:12:f7:f7:3d:2a:66:64:fd:5a:4d:77:c0:1b:58:54:
de:db:80:3d:58:7c:b4:ef:cf:ea:cb:e8:6d:20:da:27:42:6f:
43:02:e4:4a:d2:d1:b2:27:5a:06:8f:ee:98:70:54:6f:39:77:
a7:70:0e:c4:2d:71:53:34:e1:f3:64:bc:44:60:00:65:91:ab:
25:dd:f5:31:9b:22:da:5f:f7:57:95:80:ed:90:53:b8:37:f5:
fd:a6:1f:bc:d5:85:a3:41:64:b6:05:01:7e:d3:43:75:e0:50:
fb:73:be:33:13:fc:91:c6:90:1f:d7:84:34:1e:5d:83:f5:01:
f3:12:7c:72
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZh0XVDZo4VdTKYFtLVQRs/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwODA0MDkxNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY1YzdlMDIxMzVjZDNlNDNkZjEzNGE0MDdmNDcwZjE1OTU1ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqry61rzwablCt/TZUPZPOITrC3I
DX8suQiD22v9T4bvo+HO3ylGJgf527jh8HlbotGtUfvkF4TlKfAGVv0OrlU6tYVY
cI7+Y21L+p07TEGtl0dgCXOY3KHIFeUextlYwMOnMFA/Bwu/ArxHOfNb+ly4a0IL
qQm0zVBxQx/G5+CrW2ndLwEvAbqWiM4srH3t9hwJLIJGTxwfy9XQzUjMii3fQolr
BdHkb3+BUWzGEEasT5tEvSIUrXnzflSWpQ3/UmYUpB4nxuCCK99A5XgB6VUHdszQ
kJFa/5IKB6gOUsoTP5jakuqEVgbQLS2zVi8hS62N7eJYckhSNKN5AzFcqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIX1x+AhNc0+Q98TSkB/Rw8VlV3lMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvaGZYSDRDRTF6VDVEM3hOS1FIOUhEeFdWWGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGYVaP8tAMRACABBnwAZP//AAABmF/wedwwDQYJKoZIhvcNAQELBQADggEB
AEEJWkqmLJ/euZZhn5V4GfYUtUO6vOPchVA8uqaTzI0kzCSaOVtiZxx2NzIZLXeG
Tc2PIZO/Pp0gLJgqBQM+nL+zcfC34X9cTr6ompPDcNTR7I6DB6OmTK+kOltM1Ae0
nzmITtXOeUP1jLAXb7hV48+C+4sMmZj/DP2AoxVKEMHAOBL39z0qZmT9Wk13wBtY
VN7bgD1YfLTvz+rL6G0g2idCb0MC5ErS0bInWgaP7phwVG85d6dwDsQtcVM04fNk
vERgAGWRqyXd9TGbItpf91eVgO2QU7g39f2mH7zVhaNBZLYFAX7TQ3XgUPtzvjMT
/JHGkB/XhDQeXYP1AfMSfHI=
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:10:42 2025 by rpki-client