Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Mn1TvtopFj6bB5iPDf_ER3RBO5U.roa
File: Mn1TvtopFj6bB5iPDf_ER3RBO5U.roa (raw, json)
Hash identifier: V29vbEU+T4mdSD6Njnmwp9Xib+vDJNE47xXRk25kXXU=
Subject key identifier: 32:7D:53:BE:DA:29:16:3E:9B:07:98:8F:0D:FF:C4:47:74:41:3B:95
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0198D888DA553FF2B03C4CD30595346D8D1C
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Mn1TvtopFj6bB5iPDf_ER3RBO5U.roa
Signing time: Sat 23 Aug 2025 20:05:04 +0000
ROA not before: Sat 23 Aug 2025 20:05:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:198:55a3:fcb4/128 maxlen: 128
2001:67c:64:ffff:0:198:5ff0:79dc/128 maxlen: 128
2001:67c:64:ffff:0:198:ad2f:c10a/128 maxlen: 128
2001:67c:64:ffff:0:198:d888:1d1e/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 23 Aug 2025 20:13:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d8:88:da:55:3f:f2:b0:3c:4c:d3:05:95:34:6d:8d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Aug 23 20:05:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=327d53beda29163e9b07988f0dffc44774413b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:de:70:2a:6f:35:70:81:0f:26:63:5d:21:98:
cf:e3:10:7f:f7:9f:04:0b:8d:9f:64:cd:e3:1b:27:
ae:85:b4:26:d3:75:44:29:47:1e:f2:68:1b:dc:4c:
79:43:c4:49:30:ac:a2:3f:a5:30:d9:02:c0:84:a3:
e3:b1:83:30:e8:8b:4e:42:c1:49:4e:e9:8d:7e:98:
f9:58:c7:c2:cf:72:26:20:97:81:dd:e2:2f:c3:f7:
b9:aa:af:a0:2b:ec:a2:11:89:69:c3:90:52:b1:af:
bc:3c:50:ad:ee:9e:3a:f2:27:a6:dc:15:e2:e8:9c:
1f:42:34:05:2b:eb:10:11:85:2c:99:33:4d:4c:9b:
af:34:ea:92:a0:aa:b8:3e:83:bd:2a:f4:1b:f7:fa:
9f:52:be:75:e7:d4:e0:97:d0:98:76:6c:bd:5b:91:
77:1c:a1:45:15:4d:87:a9:73:6c:7c:30:55:8e:3b:
fe:75:86:3c:86:8e:41:de:fb:07:ea:87:93:09:9f:
b1:77:89:bf:07:61:9b:6c:18:b2:77:87:d5:d4:1c:
53:68:85:1d:a7:e8:54:a0:57:c9:94:ce:b7:b2:ea:
5f:19:4b:46:1e:57:f1:e5:dc:e1:a8:90:06:3c:1a:
a2:9a:96:99:2b:d0:29:ea:ff:2d:56:aa:7b:51:61:
b7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7D:53:BE:DA:29:16:3E:9B:07:98:8F:0D:FF:C4:47:74:41:3B:95
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/Mn1TvtopFj6bB5iPDf_ER3RBO5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:198:55a3:fcb4/128
2001:67c:64:ffff:0:198:5ff0:79dc/128
2001:67c:64:ffff:0:198:ad2f:c10a/128
2001:67c:64:ffff:0:198:d888:1d1e/128
Signature Algorithm: sha256WithRSAEncryption
10:93:37:b7:36:71:c7:3a:a7:f3:fd:3c:d4:49:7c:f6:58:ac:
10:b7:aa:50:1b:7b:43:32:6a:7c:c5:2d:00:30:47:9a:73:be:
01:bc:da:77:32:42:59:92:17:bf:f4:7c:15:83:ee:ba:23:d7:
60:a3:fc:08:3f:c0:47:4d:1a:a8:8b:11:dd:dc:3b:21:2c:8b:
45:91:74:5b:f5:ec:72:b2:9c:02:dd:08:5e:4e:fd:1e:e2:0d:
86:ff:2b:c5:51:17:34:e7:ab:c3:7e:4a:1b:25:70:6b:95:4b:
a0:35:ff:d0:7f:44:a5:fe:3c:39:9f:cb:d5:50:1e:4a:13:21:
ae:67:94:49:b0:ab:54:9b:86:55:a8:b7:30:c3:46:99:7c:5b:
0c:78:12:61:90:da:69:88:79:4e:ab:1b:45:05:1a:93:43:a8:
92:b5:58:6c:f0:05:0d:92:c6:fc:b3:c1:be:9c:ef:c3:7e:ec:
29:27:c4:5c:ee:be:69:e7:46:38:1a:fb:c3:cb:61:0a:de:51:
b6:c2:0a:8c:00:c9:7a:82:41:4f:b2:8f:47:02:ce:16:df:da:
d6:1a:2c:70:7d:38:38:d3:30:3e:b8:f9:98:8b:f3:5e:f1:73:
9b:ba:41:8f:91:3e:7d:11:b8:3a:9c:41:49:d1:03:00:51:f2:
c6:f4:7b:ba
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZjYiNpVP/KwPEzTBZU0bY0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwODIzMjAwNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjdkNTNiZWRhMjkxNjNlOWIwNzk4OGYwZGZmYzQ0Nzc0NDEzYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzt5wKm81cIEPJmNdIZjP4xB/958E
C42fZM3jGyeuhbQm03VEKUce8mgb3Ex5Q8RJMKyiP6Uw2QLAhKPjsYMw6ItOQsFJ
TumNfpj5WMfCz3ImIJeB3eIvw/e5qq+gK+yiEYlpw5BSsa+8PFCt7p468iem3BXi
6JwfQjQFK+sQEYUsmTNNTJuvNOqSoKq4PoO9KvQb9/qfUr5159Tgl9CYdmy9W5F3
HKFFFU2HqXNsfDBVjjv+dYY8ho5B3vsH6oeTCZ+xd4m/B2GbbBiyd4fV1BxTaIUd
p+hUoFfJlM63supfGUtGHlfx5dzhqJAGPBqimpaZK9Ap6v8tVqp7UWG3QwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDJ9U77aKRY+mweYjw3/xEd0QTuVMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvTW4xVHZ0b3BGajZiQjVpUERmX0VSM1JCTzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGYVaP8tAMRACABBnwAZP//AAABmF/wedwDEQAgAQZ8AGT//wAAAZitL8EK
AxEAIAEGfABk//8AAAGY2IgdHjANBgkqhkiG9w0BAQsFAAOCAQEAEJM3tzZxxzqn
8/081El89lisELeqUBt7QzJqfMUtADBHmnO+AbzadzJCWZIXv/R8FYPuuiPXYKP8
CD/AR00aqIsR3dw7ISyLRZF0W/XscrKcAt0IXk79HuINhv8rxVEXNOerw35KGyVw
a5VLoDX/0H9Epf48OZ/L1VAeShMhrmeUSbCrVJuGVai3MMNGmXxbDHgSYZDaaYh5
TqsbRQUak0OokrVYbPAFDZLG/LPBvpzvw37sKSfEXO6+aedGOBr7w8thCt5RtsIK
jADJeoJBT7KPRwLOFt/a1hoscH04ONMwPrj5mIvzXvFzm7pBj5E+fRG4OpxBSdED
AFHyxvR7ug==
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:39:16 2025 by rpki-client