Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/bP9YCiL7gx2Z8MVZVFj3wJB7AqI.roa
File: bP9YCiL7gx2Z8MVZVFj3wJB7AqI.roa (raw, json)
Hash identifier: PRmhtrzq+Gry0i/4xlKviIXjzcqRWvh127nRbWaclk0=
Subject key identifier: 6C:FF:58:0A:22:FB:83:1D:99:F0:C5:59:54:58:F7:C0:90:7B:02:A2
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 0199FD3FC5B46A61B72FFC418139DB7A653F
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/bP9YCiL7gx2Z8MVZVFj3wJB7AqI.roa
Signing time: Sun 19 Oct 2025 16:13:58 +0000
ROA not before: Sun 19 Oct 2025 16:13:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:198:55a3:fcb4/128 maxlen: 128
2001:67c:64:ffff:0:198:5ff0:79dc/128 maxlen: 128
2001:67c:64:ffff:0:198:ad2f:c10a/128 maxlen: 128
2001:67c:64:ffff:0:199:70e1:b209/128 maxlen: 128
2001:67c:64:ffff:0:199:7262:3881/128 maxlen: 128
2001:67c:64:ffff:0:199:befc:c22a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 19 Oct 2025 17:04:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:3f:c5:b4:6a:61:b7:2f:fc:41:81:39:db:7a:65:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Oct 19 16:13:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cff580a22fb831d99f0c5595458f7c0907b02a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:91:85:d1:a2:1f:c5:db:ab:98:06:a5:c5:5b:
33:da:5d:8e:3d:5f:b3:07:29:d6:3a:94:95:c3:12:
70:40:ca:79:c0:70:cd:53:b3:a7:f5:46:f6:cb:96:
78:9a:ab:1c:38:1b:7b:21:3e:88:8c:26:ae:11:30:
fd:35:f9:d6:f6:9a:6d:13:b0:eb:cb:6b:3f:4a:bf:
5a:28:fc:4b:ac:9e:88:e2:23:e4:5e:cd:63:69:65:
ec:41:82:0c:56:dc:bb:a3:70:7d:89:4e:cc:ce:c2:
45:6c:d5:5f:b1:01:c4:07:9e:04:ed:e4:74:1c:4f:
09:ad:16:79:9d:08:1a:0b:4d:2e:ad:9f:5c:63:e9:
d7:e7:3a:cf:b2:b5:ad:8a:80:77:ee:45:5d:d0:a3:
a0:23:74:86:65:b1:b6:25:0f:e2:f2:d7:7e:7d:67:
cf:ad:ec:73:2e:f0:2f:7b:7a:d5:17:fc:61:74:e6:
e4:3d:ba:e7:ae:35:e2:3c:47:80:15:9f:58:14:0e:
56:32:bf:5a:0d:b3:db:ed:77:5d:2c:94:8c:49:ae:
eb:2a:b7:9b:bc:17:7d:a8:06:e8:c0:93:6b:df:2d:
d3:f7:f0:cb:6c:1a:71:c1:9d:61:f9:a9:b3:34:4f:
98:83:41:cd:58:5b:b0:f1:0d:28:b2:dc:30:89:62:
83:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FF:58:0A:22:FB:83:1D:99:F0:C5:59:54:58:F7:C0:90:7B:02:A2
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/bP9YCiL7gx2Z8MVZVFj3wJB7AqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:198:55a3:fcb4/128
2001:67c:64:ffff:0:198:5ff0:79dc/128
2001:67c:64:ffff:0:198:ad2f:c10a/128
2001:67c:64:ffff:0:199:70e1:b209/128
2001:67c:64:ffff:0:199:7262:3881/128
2001:67c:64:ffff:0:199:befc:c22a/128
Signature Algorithm: sha256WithRSAEncryption
28:80:8e:80:3c:80:f8:1e:5e:bc:f7:d7:93:88:2a:73:5f:3a:
ce:57:98:19:2c:ad:0d:11:0c:89:e9:88:b3:73:26:ae:4b:1a:
6a:42:6b:fe:c1:91:7a:94:fa:62:23:fe:04:5e:86:58:f8:4c:
08:da:fe:92:f4:60:03:b3:9d:6b:17:0f:13:a2:6b:ec:df:79:
d1:58:1b:fc:09:c0:d4:e6:89:64:74:55:d5:6e:96:81:33:1a:
2b:4d:a7:92:7c:0f:51:0b:6c:5c:3a:3d:ec:a5:e3:3b:78:51:
f5:0e:9e:e1:78:9e:ed:4d:7c:88:94:45:e3:b0:10:a8:6a:11:
c0:a2:5b:8d:38:e7:a8:e2:df:e3:34:f3:b7:45:5b:3b:e9:46:
85:d4:ee:c3:44:f2:b8:70:08:1d:b1:99:9a:1d:3e:65:3e:27:
d0:01:92:12:95:7b:4c:23:de:14:9f:39:0c:22:f6:7c:73:b1:
70:9f:d1:ad:f5:aa:16:0e:2b:7a:fe:93:17:5b:8b:25:01:ba:
22:70:84:b7:ac:87:b7:9e:43:ab:59:df:10:7a:e1:8e:b8:91:
0a:87:d0:20:6e:f4:8d:ab:a5:a5:e5:1e:1d:30:11:2e:05:10:
a6:35:7c:35:81:ba:58:0a:44:e6:fa:90:ee:8b:80:1e:42:44:
ab:db:5a:02
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZn9P8W0amG3L/xBgTnbemU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUxMDE5MTYxMzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ZmNTgwYTIyZmI4MzFkOTlmMGM1NTk1NDU4ZjdjMDkwN2IwMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpGF0aIfxdurmAalxVsz2l2OPV+z
BynWOpSVwxJwQMp5wHDNU7On9Ub2y5Z4mqscOBt7IT6IjCauETD9NfnW9pptE7Dr
y2s/Sr9aKPxLrJ6I4iPkXs1jaWXsQYIMVty7o3B9iU7MzsJFbNVfsQHEB54E7eR0
HE8JrRZ5nQgaC00urZ9cY+nX5zrPsrWtioB37kVd0KOgI3SGZbG2JQ/i8td+fWfP
rexzLvAve3rVF/xhdObkPbrnrjXiPEeAFZ9YFA5WMr9aDbPb7XddLJSMSa7rKreb
vBd9qAbowJNr3y3T9/DLbBpxwZ1h+amzNE+Yg0HNWFuw8Q0ostwwiWKDIwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGz/WAoi+4MdmfDFWVRY98CQewKiMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvYlA5WUNpTDdneDJaOE1WWlZGajN3SkI3QXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAIwcgMRACABBnwA
ZP//AAABmFWj/LQDEQAgAQZ8AGT//wAAAZhf8HncAxEAIAEGfABk//8AAAGYrS/B
CgMRACABBnwAZP//AAABmXDhsgkDEQAgAQZ8AGT//wAAAZlyYjiBAxEAIAEGfABk
//8AAAGZvvzCKjANBgkqhkiG9w0BAQsFAAOCAQEAKICOgDyA+B5evPfXk4gqc186
zleYGSytDREMiemIs3MmrksaakJr/sGRepT6YiP+BF6GWPhMCNr+kvRgA7OdaxcP
E6Jr7N950Vgb/AnA1OaJZHRV1W6WgTMaK02nknwPUQtsXDo97KXjO3hR9Q6e4Xie
7U18iJRF47AQqGoRwKJbjTjnqOLf4zTzt0VbO+lGhdTuw0TyuHAIHbGZmh0+ZT4n
0AGSEpV7TCPeFJ85DCL2fHOxcJ/RrfWqFg4rev6TF1uLJQG6InCEt6yHt55Dq1nf
EHrhjriRCofQIG70jaulpeUeHTARLgUQpjV8NYG6WApE5vqQ7ouAHkJEq9taAg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:31 2025 by rpki-client