Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/25Xh86jECyNMcdv6VIIYcDa-pEc.roa
File: 25Xh86jECyNMcdv6VIIYcDa-pEc.roa (raw, json)
Hash identifier: W1BWzd8t/1nNynCXvB1p968G9pUctIAwBAVGUzYP/DM=
Subject key identifier: DB:95:E1:F3:A8:C4:0B:23:4C:71:DB:FA:54:82:18:70:36:BE:A4:47
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0197B9AC3E2DC2FE8741FFBFFA9BA9BAA681
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/25Xh86jECyNMcdv6VIIYcDa-pEc.roa
Signing time: Sun 29 Jun 2025 03:12:42 +0000
ROA not before: Sun 29 Jun 2025 03:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 29 Jun 2025 04:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b9:ac:3e:2d:c2:fe:87:41:ff:bf:fa:9b:a9:ba:a6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 29 03:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db95e1f3a8c40b234c71dbfa5482187036bea447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:10:2e:fc:0c:ee:39:e9:98:73:24:80:4d:63:
5f:1d:8f:4f:9f:61:f5:2b:34:bc:e5:70:40:75:e0:
2b:fb:67:df:91:b7:4e:36:f4:61:56:43:51:26:b3:
c6:6c:1f:c1:b6:12:a9:c0:90:7c:db:42:e8:af:01:
58:32:45:62:45:cc:eb:1c:ed:ab:cb:49:32:c6:f4:
27:81:3a:03:a3:a7:72:cb:94:85:26:3c:ae:00:9a:
ec:1b:d9:af:55:5e:df:58:07:ab:d9:1d:97:be:b6:
aa:cb:75:1c:b4:44:6b:be:7a:fe:67:90:d2:8b:1a:
9b:c7:10:00:91:f2:d9:dd:5d:80:9a:9a:bf:38:4e:
1a:b7:16:67:c4:2b:55:e5:5e:07:35:8c:61:1f:e8:
83:db:51:fb:c0:15:3e:12:8a:af:40:1c:6a:83:7b:
99:cd:f8:ff:f2:70:55:d1:48:da:2b:fa:86:55:b4:
c4:fc:11:4a:60:0d:7f:f3:0f:6e:e6:83:e4:17:27:
0a:d4:62:b4:f4:68:70:43:ae:f7:0b:8b:ed:77:7e:
7a:3f:a7:bf:8e:f1:7c:ff:58:72:a4:0c:c8:8b:44:
ac:92:03:9f:8d:cb:97:2f:f0:86:fc:71:7b:55:68:
2a:b6:5a:88:58:00:db:26:a3:4a:5b:20:74:7a:ec:
18:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:E1:F3:A8:C4:0B:23:4C:71:DB:FA:54:82:18:70:36:BE:A4:47
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/25Xh86jECyNMcdv6VIIYcDa-pEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:197:6851:789c/128
Signature Algorithm: sha256WithRSAEncryption
2b:a0:81:24:b0:8c:58:b4:a5:5f:0f:91:7e:e3:cd:28:b0:96:
0b:bc:59:e4:dc:68:b8:ad:df:dc:00:d5:c4:45:f5:96:18:48:
45:f2:9b:eb:0c:11:ce:b5:7f:74:bd:bc:9b:29:fa:99:15:91:
46:24:03:23:a2:5a:8f:d7:f2:e5:73:64:82:4d:4c:25:4f:c8:
91:24:ca:ad:5e:ad:4c:7b:b9:63:36:46:db:b8:3b:be:91:34:
db:c5:4c:e2:d2:4a:33:d8:74:d2:87:66:c5:11:02:ab:d5:a8:
dd:59:83:1d:93:4b:bb:74:8d:9c:35:22:71:0f:73:93:8d:af:
53:7f:5b:3f:a0:64:aa:51:89:3f:08:fd:4e:4f:7c:1c:b6:65:
46:8e:d5:80:db:d2:1b:f0:21:d5:ce:6b:17:a2:ae:8d:eb:3f:
87:a8:41:68:94:f8:57:e6:a6:d8:e4:13:8f:2c:24:ca:53:b0:
99:9f:a5:73:a8:5f:4e:b1:95:0f:1c:32:f6:22:40:e6:16:42:
a8:8d:b9:83:41:f0:3f:2a:02:cc:5b:d3:d7:36:6f:32:04:a4:
07:aa:10:e3:3d:e5:d4:de:3d:4c:00:e4:e6:fd:f1:b5:c4:02:
2e:da:56:ba:c7:39:a1:40:18:ba:79:54:fa:71:b9:c3:e4:69:
9f:22:27:06
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZe5rD4twv6HQf+/+pupuqaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjI5MDMxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk1ZTFmM2E4YzQwYjIzNGM3MWRiZmE1NDgyMTg3MDM2YmVhNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BAu/AzuOemYcySATWNfHY9Pn2H1
KzS85XBAdeAr+2ffkbdONvRhVkNRJrPGbB/BthKpwJB820LorwFYMkViRczrHO2r
y0kyxvQngToDo6dyy5SFJjyuAJrsG9mvVV7fWAer2R2Xvraqy3UctERrvnr+Z5DS
ixqbxxAAkfLZ3V2Ampq/OE4atxZnxCtV5V4HNYxhH+iD21H7wBU+EoqvQBxqg3uZ
zfj/8nBV0UjaK/qGVbTE/BFKYA1/8w9u5oPkFycK1GK09GhwQ673C4vtd356P6e/
jvF8/1hypAzIi0SskgOfjcuXL/CG/HF7VWgqtlqIWADbJqNKWyB0euwYkwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNuV4fOoxAsjTHHb+lSCGHA2vqRHMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvMjVYaDg2akVDeU5NY2R2NlZJSVljRGEtcEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAK6CBJLCMWLSlXw+RfuPNKLCW
C7xZ5NxouK3f3ADVxEX1lhhIRfKb6wwRzrV/dL28myn6mRWRRiQDI6Jaj9fy5XNk
gk1MJU/IkSTKrV6tTHu5YzZG27g7vpE028VM4tJKM9h00odmxRECq9Wo3VmDHZNL
u3SNnDUicQ9zk42vU39bP6BkqlGJPwj9Tk98HLZlRo7VgNvSG/Ah1c5rF6Kujes/
h6hBaJT4V+am2OQTjywkylOwmZ+lc6hfTrGVDxwy9iJA5hZCqI25g0HwPyoCzFvT
1zZvMgSkB6oQ4z3l1N49TADk5v3xtcQCLtpWusc5oUAYunlU+nG5w+RpnyInBg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:25:02 2025 by rpki-client