Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/pKbQAMFrqMl6dGo-DmMik2IH2gM.roa
File: pKbQAMFrqMl6dGo-DmMik2IH2gM.roa (raw, json)
Hash identifier: ly2fPIYyqKGclIf/KbkzBrYUll5sEM9F566yLdRZxFw=
Subject key identifier: A4:A6:D0:00:C1:6B:A8:C9:7A:74:6A:3E:0E:63:22:93:62:07:DA:03
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 019768894BE1EBD12140DE8EBA7A9BDC5DFC
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/pKbQAMFrqMl6dGo-DmMik2IH2gM.roa
Signing time: Fri 13 Jun 2025 09:05:17 +0000
ROA not before: Fri 13 Jun 2025 09:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:6888:e0e4/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 13 Jun 2025 09:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:89:4b:e1:eb:d1:21:40:de:8e:ba:7a:9b:dc:5d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 13 09:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4a6d000c16ba8c97a746a3e0e6322936207da03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:be:71:8b:9e:b2:66:cc:61:07:db:cb:26:de:
a4:18:45:fd:a6:64:7b:a5:8d:bc:89:51:2c:56:fc:
bd:00:9c:a7:b7:86:3a:e2:18:3c:93:5f:66:ca:92:
bb:72:01:8e:14:ee:80:c1:50:c6:cb:5d:4d:30:91:
e1:51:73:20:bb:3b:db:f0:17:b3:6e:14:21:82:eb:
d1:f1:ba:8c:ed:85:48:c9:3f:c7:19:bd:61:67:99:
49:5f:85:4f:08:ca:03:bc:89:f8:cb:57:a7:9a:e9:
2c:b7:dd:e3:e5:45:5a:bf:53:c1:63:ba:8e:9b:64:
7e:f5:1d:f5:e2:a4:c9:50:a5:d7:03:9e:88:ef:d8:
ce:8b:f1:d4:ed:26:5d:16:70:a9:85:10:91:43:4e:
10:1e:0c:25:36:26:23:75:fa:c3:35:dd:6a:b7:7c:
7b:93:76:82:b1:4d:0f:fa:c4:d7:32:3b:23:b0:ec:
bf:7e:8d:68:8b:52:02:b4:7c:9a:cb:dc:e1:6e:ec:
bb:d0:0b:88:68:75:cb:1f:cc:1f:db:5b:28:49:6b:
43:61:02:d6:c6:3b:e4:cf:bf:50:58:fb:6c:ac:34:
b0:30:66:11:f4:10:7a:df:37:ed:b4:1e:66:bb:90:
a8:6b:a7:39:70:74:97:f4:c0:5b:de:d2:7b:91:75:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A6:D0:00:C1:6B:A8:C9:7A:74:6A:3E:0E:63:22:93:62:07:DA:03
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/pKbQAMFrqMl6dGo-DmMik2IH2gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:6888:e0e4/128
Signature Algorithm: sha256WithRSAEncryption
1a:30:ea:96:c9:e9:4e:d5:f1:bf:74:a6:d0:6a:b0:ff:ac:50:
4a:d5:6c:eb:ed:11:32:d7:2e:62:18:c9:1a:90:75:56:da:fc:
30:c9:0b:6a:e4:57:8f:e7:66:b8:2c:63:4d:67:31:1a:b2:cf:
d6:f0:69:24:a8:c9:11:3d:2d:76:2c:ca:17:02:40:ed:d9:e6:
78:92:41:ee:80:76:8c:8f:ee:da:3e:82:47:cb:c6:96:15:9b:
b7:05:48:c8:5b:d0:7a:b0:4b:1d:bd:ec:7e:f0:77:3d:98:fb:
78:f1:13:72:04:18:10:1d:98:4d:28:99:1c:0f:c6:43:f1:eb:
f9:23:ba:9d:18:63:01:11:fe:d6:95:d7:b7:be:30:8b:e8:4b:
f5:c4:eb:80:85:d8:c8:45:ec:b1:9f:a0:9a:94:b7:83:a6:f0:
62:89:92:f9:2b:66:59:16:0a:2b:be:8f:b7:db:a8:dc:c2:c7:
76:0c:68:3a:5d:cc:fb:91:55:73:3e:66:a6:51:45:f8:75:d6:
0c:4f:eb:dc:d0:50:f7:bf:3f:26:f3:e6:d8:8c:f4:ca:5d:8d:
f8:9c:7d:d3:1c:1d:06:7a:10:a5:5a:e0:7a:99:a0:d9:94:9f:
fa:8b:3d:ca:aa:af:91:fd:c8:4c:87:11:d8:f2:48:d9:c6:65:
88:e1:76:5a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZdoiUvh69EhQN6Ounqb3F38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjEzMDkwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE2ZDAwMGMxNmJhOGM5N2E3NDZhM2UwZTYzMjI5MzYyMDdkYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6r5xi56yZsxhB9vLJt6kGEX9pmR7
pY28iVEsVvy9AJynt4Y64hg8k19mypK7cgGOFO6AwVDGy11NMJHhUXMguzvb8Bez
bhQhguvR8bqM7YVIyT/HGb1hZ5lJX4VPCMoDvIn4y1enmukst93j5UVav1PBY7qO
m2R+9R314qTJUKXXA56I79jOi/HU7SZdFnCphRCRQ04QHgwlNiYjdfrDNd1qt3x7
k3aCsU0P+sTXMjsjsOy/fo1oi1ICtHyay9zhbuy70AuIaHXLH8wf21soSWtDYQLW
xjvkz79QWPtsrDSwMGYR9BB63zfttB5mu5Coa6c5cHSX9MBb3tJ7kXXwJwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKSm0ADBa6jJenRqPg5jIpNiB9oDMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvcEtiUUFNRnJxTWw2ZEdvLURtTWlrMklIMmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl2iI4OQwDQYJKoZIhvcNAQELBQADggEB
ABow6pbJ6U7V8b90ptBqsP+sUErVbOvtETLXLmIYyRqQdVba/DDJC2rkV4/nZrgs
Y01nMRqyz9bwaSSoyRE9LXYsyhcCQO3Z5niSQe6AdoyP7to+gkfLxpYVm7cFSMhb
0HqwSx297H7wdz2Y+3jxE3IEGBAdmE0omRwPxkPx6/kjup0YYwER/taV17e+MIvo
S/XE64CF2MhF7LGfoJqUt4Om8GKJkvkrZlkWCiu+j7fbqNzCx3YMaDpdzPuRVXM+
ZqZRRfh11gxP69zQUPe/Pybz5tiM9MpdjficfdMcHQZ6EKVa4HqZoNmUn/qLPcqq
r5H9yEyHEdjySNnGZYjhdlo=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:56:41 2025 by rpki-client