Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/v3plheg9RYvJds7Zy_gcOwctz6E.roa
File: v3plheg9RYvJds7Zy_gcOwctz6E.roa (raw, json)
Hash identifier: D7WRN3eaoQuPEIHq2hXxQKRoKfAR7DwNEXSw3o85eAY=
Subject key identifier: BF:7A:65:85:E8:3D:45:8B:C9:76:CE:D9:CB:F8:1C:3B:07:2D:CF:A1
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01976D40E096E298889FAEAE916F3DA61119
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/v3plheg9RYvJds7Zy_gcOwctz6E.roa
Signing time: Sat 14 Jun 2025 07:04:17 +0000
ROA not before: Sat 14 Jun 2025 07:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
2001:67c:64:ffff:0:197:6d40:daba/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 14 Jun 2025 07:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:40:e0:96:e2:98:88:9f:ae:ae:91:6f:3d:a6:11:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 14 07:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf7a6585e83d458bc976ced9cbf81c3b072dcfa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0d:ca:ec:8b:a4:bb:b0:43:ea:83:60:c5:70:
ff:7d:ca:af:6f:fc:e9:e0:cb:82:a2:8a:c8:2e:89:
88:8a:06:6e:05:65:38:86:e3:e1:5e:57:47:d4:4d:
54:99:62:67:43:5a:94:9d:c0:62:b3:6d:69:fe:f1:
30:3b:d8:31:3d:30:21:c2:b7:c8:60:44:81:32:22:
4c:8b:73:47:0a:8d:9e:84:7b:28:90:59:d7:df:58:
1d:58:37:b5:58:b6:cd:e7:65:db:31:9b:d3:16:da:
8a:f7:cf:63:af:14:9e:df:a8:d8:58:8e:aa:da:25:
b6:b6:2a:52:ec:51:69:84:b2:cc:2e:21:4c:3e:97:
8a:0b:5e:47:00:5f:2b:d8:36:90:52:1d:19:71:b7:
44:b2:bd:22:9f:9d:0e:a5:40:1c:82:c2:57:6f:76:
b7:42:ee:7c:67:04:2d:2c:48:06:66:6f:75:47:80:
ae:3c:89:e1:29:1c:97:ce:a2:96:5e:a9:01:5c:a9:
b5:4d:5b:62:06:d5:19:23:ef:84:95:90:78:23:41:
12:a8:d1:c9:53:54:3e:02:a5:e3:98:96:5d:05:19:
3a:13:d9:72:1e:b7:bd:dd:90:4b:30:c5:f0:02:4e:
26:aa:9b:e4:77:d5:d4:98:55:0c:c9:7b:79:d1:5e:
85:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7A:65:85:E8:3D:45:8B:C9:76:CE:D9:CB:F8:1C:3B:07:2D:CF:A1
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/v3plheg9RYvJds7Zy_gcOwctz6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
2001:67c:64:ffff:0:197:6d40:daba/128
Signature Algorithm: sha256WithRSAEncryption
1b:99:40:8a:9b:b4:10:ab:b6:06:31:42:84:f6:a5:f8:f1:44:
3f:92:2f:cd:cd:c0:5e:ef:d2:37:86:c9:41:6a:66:c9:f5:d6:
0f:57:e5:99:55:6e:0f:5c:10:7d:d1:21:50:e0:65:d0:49:50:
83:29:23:0e:8f:e6:9e:45:62:07:25:a1:ec:8e:29:89:ce:04:
06:0c:0c:48:d2:d8:19:46:f4:b6:f2:f5:d9:10:1a:0a:cb:3c:
f3:c0:8d:c4:14:1f:c9:79:ab:e3:e3:d1:7d:0f:31:f1:31:8f:
2c:6d:08:6e:8c:7e:3d:52:6f:c1:73:f6:77:ed:78:de:6d:7e:
b0:19:6b:d1:ef:a0:3f:5f:fb:47:3f:f1:94:a8:0d:ce:d3:cb:
32:87:de:28:98:2d:47:e0:3e:a1:09:82:81:20:11:65:be:b4:
e9:db:40:30:0e:8d:7d:6e:b6:4f:b8:0c:81:33:0b:7c:12:2c:
31:80:91:28:dd:58:34:df:ba:c3:1b:57:4a:6c:3c:9f:7b:f9:
5c:58:98:d6:a6:fb:c2:43:71:50:82:ef:09:f4:b9:f5:05:1f:
d1:31:76:5e:1a:8c:ec:a5:98:dc:0c:29:d7:2d:91:35:81:ad:
c8:dd:d2:3d:a3:b2:3b:1a:09:83:3d:8e:14:3b:8f:63:7e:49:
de:18:69:d8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZdtQOCW4piIn66ukW89phEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MDcwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjdhNjU4NWU4M2Q0NThiYzk3NmNlZDljYmY4MWMzYjA3MmRjZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ3K7Iuku7BD6oNgxXD/fcqvb/zp
4MuCoorILomIigZuBWU4huPhXldH1E1UmWJnQ1qUncBis21p/vEwO9gxPTAhwrfI
YESBMiJMi3NHCo2ehHsokFnX31gdWDe1WLbN52XbMZvTFtqK989jrxSe36jYWI6q
2iW2tipS7FFphLLMLiFMPpeKC15HAF8r2DaQUh0ZcbdEsr0in50OpUAcgsJXb3a3
Qu58ZwQtLEgGZm91R4CuPInhKRyXzqKWXqkBXKm1TVtiBtUZI++ElZB4I0ESqNHJ
U1Q+AqXjmJZdBRk6E9lyHre93ZBLMMXwAk4mqpvkd9XUmFUMyXt50V6FMQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL96ZYXoPUWLyXbO2cv4HDsHLc+hMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvdjNwbGhlZzlSWXZKZHM3WnlfZ2NPd2N0ejZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGXaFF4nAMRACABBnwAZP//AAABl21A2rowDQYJKoZIhvcNAQELBQADggEB
ABuZQIqbtBCrtgYxQoT2pfjxRD+SL83NwF7v0jeGyUFqZsn11g9X5ZlVbg9cEH3R
IVDgZdBJUIMpIw6P5p5FYgcloeyOKYnOBAYMDEjS2BlG9Lby9dkQGgrLPPPAjcQU
H8l5q+Pj0X0PMfExjyxtCG6Mfj1Sb8Fz9nfteN5tfrAZa9HvoD9f+0c/8ZSoDc7T
yzKH3iiYLUfgPqEJgoEgEWW+tOnbQDAOjX1utk+4DIEzC3wSLDGAkSjdWDTfusMb
V0psPJ97+VxYmNam+8JDcVCC7wn0ufUFH9Exdl4ajOylmNwMKdctkTWBrcjd0j2j
sjsaCYM9jhQ7j2N+Sd4Yadg=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:04:20 2025 by rpki-client