Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/mFoVIjJscWMoy0a8IZMT6422mzs.roa
File: mFoVIjJscWMoy0a8IZMT6422mzs.roa (raw, json)
Hash identifier: RHirdXFwPaCyBRNe+Zr0kTk9In7VguAXauxtdEKtrOY=
Subject key identifier: 98:5A:15:22:32:6C:71:63:28:CB:46:BC:21:93:13:EB:8D:B6:9B:3B
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01976F6D858B9C3B8BFE8A3731E31E4CFFA9
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/mFoVIjJscWMoy0a8IZMT6422mzs.roa
Signing time: Sat 14 Jun 2025 17:12:17 +0000
ROA not before: Sat 14 Jun 2025 17:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 14 Jun 2025 18:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6f:6d:85:8b:9c:3b:8b:fe:8a:37:31:e3:1e:4c:ff:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 14 17:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=985a1522326c716328cb46bc219313eb8db69b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:30:f7:6c:82:5a:4b:66:e1:5a:59:66:09:9f:
e7:88:a2:21:b2:64:1b:9f:a1:1f:23:c1:72:16:a2:
b9:ac:58:7b:6b:73:1b:ea:2d:d6:6f:b1:7c:99:ed:
2f:4b:d6:a3:a7:cc:63:2b:fc:70:d0:60:0c:ff:ce:
c6:e7:07:c5:98:b0:e4:3c:48:0b:d4:56:17:71:f9:
d2:c8:ed:a5:f9:98:dd:21:6f:22:de:d7:2b:fd:49:
e9:da:f6:14:7b:cb:2c:29:43:51:af:69:6e:e7:89:
c9:91:1d:86:75:26:74:f0:f8:46:e4:3a:26:7f:9f:
ae:29:3e:83:7c:ed:94:ad:4d:f4:6f:80:a0:6b:0e:
cd:71:ef:0c:8d:83:70:f3:f6:04:7c:02:da:ec:cb:
1e:c5:20:c6:87:cd:90:38:e6:d0:d6:cd:da:b2:a5:
4c:2b:b7:0d:cb:ca:78:7e:af:67:9b:bb:19:00:74:
c6:28:ff:67:30:81:5a:1b:7d:52:9d:78:57:89:af:
e9:3f:e3:f6:06:0f:ed:c0:02:08:9e:1e:e9:e9:d5:
38:55:a4:20:2e:38:95:a5:db:35:2f:2b:6e:c4:9d:
cb:77:27:f7:b2:63:e7:bd:08:60:c6:a7:9b:a2:ad:
ef:6b:ad:e6:81:74:a5:70:ba:34:a1:44:26:02:e4:
7f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5A:15:22:32:6C:71:63:28:CB:46:BC:21:93:13:EB:8D:B6:9B:3B
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/mFoVIjJscWMoy0a8IZMT6422mzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
7d:ce:c5:62:54:7a:95:de:40:60:e8:29:e7:1a:f7:fb:5a:aa:
75:ad:e6:c6:57:e1:ca:ba:8e:e5:3a:5e:ed:8a:64:54:d8:01:
a4:1d:f2:eb:c2:c2:d8:4c:cb:f2:f4:3b:08:0f:ea:da:3f:77:
58:c5:de:52:17:aa:1d:46:4a:97:61:e9:88:f5:f1:ee:38:4b:
50:5d:50:1c:2d:39:ae:e6:5f:5e:86:ca:b4:7a:25:48:e7:87:
af:64:03:64:02:df:46:bb:6f:4a:b0:19:8e:f2:b0:57:2c:e0:
84:71:c6:b5:f7:67:d3:87:3d:e3:1f:a2:b2:40:86:a0:5d:e2:
b6:23:43:a4:30:4b:70:30:46:68:74:ca:0c:32:4b:d7:e8:50:
d0:3b:ac:05:d6:a1:46:ba:8f:01:c7:8f:68:45:63:ad:70:f6:
d8:0d:60:34:bb:14:d2:13:16:19:86:d5:20:ff:3a:04:25:04:
56:e6:b7:48:43:e5:2d:4b:68:0e:4d:5b:f9:b3:72:cc:04:7b:
0d:a5:4f:c1:30:6c:cf:b2:27:2f:84:e0:c0:84:3e:92:32:0b:
05:de:78:cd:68:76:f7:2b:91:11:6b:9a:d4:54:fa:a3:a8:6d:
38:e3:bf:07:2b:20:bd:6c:81:c9:b7:14:c5:07:9e:fc:24:c2:
60:c8:ca:79
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdvbYWLnDuL/oo3MeMeTP+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MTcxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVhMTUyMjMyNmM3MTYzMjhjYjQ2YmMyMTkzMTNlYjhkYjY5YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTD3bIJaS2bhWllmCZ/niKIhsmQb
n6EfI8FyFqK5rFh7a3Mb6i3Wb7F8me0vS9ajp8xjK/xw0GAM/87G5wfFmLDkPEgL
1FYXcfnSyO2l+ZjdIW8i3tcr/Unp2vYUe8ssKUNRr2lu54nJkR2GdSZ08PhG5Dom
f5+uKT6DfO2UrU30b4Cgaw7Nce8MjYNw8/YEfALa7MsexSDGh82QOObQ1s3asqVM
K7cNy8p4fq9nm7sZAHTGKP9nMIFaG31SnXhXia/pP+P2Bg/twAIInh7p6dU4VaQg
LjiVpds1LytuxJ3Ldyf3smPnvQhgxqeboq3va63mgXSlcLo0oUQmAuR//wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJhaFSIybHFjKMtGvCGTE+uNtps7MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvbUZvVklqSnNjV01veTBhOElaTVQ2NDIybXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAfc7FYlR6ld5AYOgp5xr3+1qq
da3mxlfhyrqO5Tpe7YpkVNgBpB3y68LC2EzL8vQ7CA/q2j93WMXeUheqHUZKl2Hp
iPXx7jhLUF1QHC05ruZfXobKtHolSOeHr2QDZALfRrtvSrAZjvKwVyzghHHGtfdn
04c94x+iskCGoF3itiNDpDBLcDBGaHTKDDJL1+hQ0DusBdahRrqPAcePaEVjrXD2
2A1gNLsU0hMWGYbVIP86BCUEVua3SEPlLUtoDk1b+bNyzAR7DaVPwTBsz7InL4Tg
wIQ+kjILBd54zWh29yuREWua1FT6o6htOOO/BysgvWyBybcUxQee/CTCYMjKeQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:59:13 2025 by rpki-client