Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/RqntTy3hk2wTFfN3jYWznl4l-nU.roa
File: RqntTy3hk2wTFfN3jYWznl4l-nU.roa (raw, json)
Hash identifier: 3saAb/LXBeTMp4pkG1Vzwh8V3aOIARApZHliDp/BYiY=
Subject key identifier: 46:A9:ED:4F:2D:E1:93:6C:13:15:F3:77:8D:85:B3:9E:5E:25:FA:75
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0198D4B193A203F05E9889BE7044109FA3CF
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/RqntTy3hk2wTFfN3jYWznl4l-nU.roa
Signing time: Sat 23 Aug 2025 02:11:04 +0000
ROA not before: Sat 23 Aug 2025 02:11:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:198:55a3:fcb4/128 maxlen: 128
2001:67c:64:ffff:0:198:5ff0:79dc/128 maxlen: 128
2001:67c:64:ffff:0:198:ad2f:c10a/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 23 Aug 2025 03:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:b1:93:a2:03:f0:5e:98:89:be:70:44:10:9f:a3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Aug 23 02:11:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46a9ed4f2de1936c1315f3778d85b39e5e25fa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:17:2d:5b:47:05:f6:41:06:27:51:0d:e9:33:
56:49:03:56:c1:d2:b3:91:d8:d8:14:33:45:44:29:
6a:c6:83:8b:55:c9:50:ac:ce:73:90:5e:4f:9a:6a:
88:99:b0:e5:42:09:1d:96:b8:14:c1:47:5d:0c:c9:
6b:88:ef:01:a6:da:b1:18:18:75:ce:15:c8:ab:f9:
01:56:3b:4f:b8:c5:b8:1d:f1:ca:74:d1:9a:66:47:
02:1e:fb:59:dc:1c:11:ac:d8:0a:b2:7b:08:1b:80:
04:65:b8:22:ca:97:17:12:48:ec:45:bf:7b:b3:3d:
ba:af:23:fc:3b:e9:1e:2e:22:81:d4:d1:3e:42:ca:
a6:01:09:e9:54:a3:40:2b:3c:8e:2c:65:e6:d9:93:
70:e3:65:a0:37:96:af:50:9c:25:b1:fb:40:87:9d:
5c:68:eb:eb:39:39:86:36:7d:4c:58:7a:21:39:a4:
95:01:cf:62:d8:4f:9c:07:95:15:51:14:82:b7:b0:
cc:8c:1b:8b:e3:74:c4:1b:2e:85:4e:19:88:41:30:
80:7e:81:53:1c:d2:8b:b0:95:3a:4c:4b:1b:1c:ff:
7d:b8:8e:d9:9d:bb:65:e9:b3:a5:1b:b3:af:bc:0d:
c7:c4:33:19:ad:b4:ca:78:09:da:51:e7:32:b5:21:
2c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A9:ED:4F:2D:E1:93:6C:13:15:F3:77:8D:85:B3:9E:5E:25:FA:75
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/RqntTy3hk2wTFfN3jYWznl4l-nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:198:55a3:fcb4/128
2001:67c:64:ffff:0:198:5ff0:79dc/128
2001:67c:64:ffff:0:198:ad2f:c10a/128
Signature Algorithm: sha256WithRSAEncryption
7d:0e:68:b2:5a:84:2f:4f:24:fd:47:f0:ba:a0:bb:e1:47:42:
10:7b:d3:c3:2a:dd:12:29:24:fa:80:37:01:d2:49:25:bf:c2:
5b:18:42:4e:30:43:d2:e9:c6:33:d3:88:cb:b7:c3:24:81:e3:
2c:eb:ee:fc:20:82:ca:5f:9b:39:d5:57:46:15:5a:30:3d:10:
9d:de:17:1f:fb:27:4f:3e:89:85:72:66:ff:d2:3d:ae:97:b7:
8f:0e:1e:03:e9:32:6a:e2:87:2a:b0:bf:70:c8:59:9e:17:fa:
ca:4d:d8:0d:1c:53:83:60:bd:ff:42:e2:c5:aa:ba:b0:84:36:
8c:b7:98:7a:9c:3c:fb:f7:ad:00:f1:f5:d8:a9:b6:6a:f2:96:
0c:d9:16:07:b2:58:c7:bf:f4:f3:7d:fe:cc:82:c2:74:b9:b3:
90:10:88:54:94:1a:18:96:23:80:1d:fa:b4:a4:90:34:8b:cc:
a5:f6:9b:a0:39:14:b2:68:d2:a2:76:31:b7:52:c8:5b:48:18:
a9:1c:df:d5:fa:8c:1e:3c:f6:5f:9e:d7:c1:59:fe:9f:09:ea:
52:60:e6:68:9e:aa:00:38:e1:2e:b5:bc:71:3e:f9:ea:90:5f:
42:60:1e:f0:4c:7b:b4:21:a8:b5:36:8b:54:82:d0:9b:c8:e0:
ec:4c:24:f1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZjUsZOiA/BemIm+cEQQn6PPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwODIzMDIxMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE5ZWQ0ZjJkZTE5MzZjMTMxNWYzNzc4ZDg1YjM5ZTVlMjVmYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxctW0cF9kEGJ1EN6TNWSQNWwdKz
kdjYFDNFRClqxoOLVclQrM5zkF5PmmqImbDlQgkdlrgUwUddDMlriO8BptqxGBh1
zhXIq/kBVjtPuMW4HfHKdNGaZkcCHvtZ3BwRrNgKsnsIG4AEZbgiypcXEkjsRb97
sz26ryP8O+keLiKB1NE+QsqmAQnpVKNAKzyOLGXm2ZNw42WgN5avUJwlsftAh51c
aOvrOTmGNn1MWHohOaSVAc9i2E+cB5UVURSCt7DMjBuL43TEGy6FThmIQTCAfoFT
HNKLsJU6TEsbHP99uI7Znbtl6bOlG7OvvA3HxDMZrbTKeAnaUecytSEs1QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEap7U8t4ZNsExXzd42Fs55eJfp1MB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvUnFudFR5M2hrMndURmZOM2pZV3pubDRsLW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGYVaP8tAMRACABBnwAZP//AAABmF/wedwDEQAgAQZ8AGT//wAAAZitL8EK
MA0GCSqGSIb3DQEBCwUAA4IBAQB9DmiyWoQvTyT9R/C6oLvhR0IQe9PDKt0SKST6
gDcB0kklv8JbGEJOMEPS6cYz04jLt8MkgeMs6+78IILKX5s51VdGFVowPRCd3hcf
+ydPPomFcmb/0j2ul7ePDh4D6TJq4ocqsL9wyFmeF/rKTdgNHFODYL3/QuLFqrqw
hDaMt5h6nDz7960A8fXYqbZq8pYM2RYHsljHv/Tzff7MgsJ0ubOQEIhUlBoYliOA
Hfq0pJA0i8yl9pugORSyaNKidjG3UshbSBipHN/V+owePPZfntfBWf6fCepSYOZo
nqoAOOEutbxxPvnqkF9CYB7wTHu0Iai1NotUgtCbyODsTCTx
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:09:30 2025 by rpki-client