Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/akAwsIPIm3ox1QUnFTp95NS6HRU.roa
File: akAwsIPIm3ox1QUnFTp95NS6HRU.roa (raw, json)
Hash identifier: NX2TylVUr4P8iDKN3RmZgB2XlfMZm0Cnub7XG/n0cqY=
Subject key identifier: 6A:40:30:B0:83:C8:9B:7A:31:D5:05:27:15:3A:7D:E4:D4:BA:1D:15
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 0195AAB3936EBEF6349BDF1DB211BA7A2579
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/akAwsIPIm3ox1QUnFTp95NS6HRU.roa
Signing time: Tue 18 Mar 2025 19:20:50 +0000
ROA not before: Tue 18 Mar 2025 19:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0f:9c05::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Apr 2025 14:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:aa:b3:93:6e:be:f6:34:9b:df:1d:b2:11:ba:7a:25:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Mar 18 19:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a4030b083c89b7a31d50527153a7de4d4ba1d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b2:f8:f3:4e:de:e3:1e:3f:74:07:14:0e:bf:
4d:18:c7:ad:57:8d:20:82:af:f9:e9:db:02:6d:9c:
0e:f0:a0:95:4d:17:6d:84:7d:15:6a:1c:76:cc:2d:
00:13:4d:41:ab:91:72:c8:a1:16:24:b7:ad:8d:0a:
02:f4:c8:e9:ce:4b:30:2a:98:90:2c:9c:3c:5d:88:
33:eb:1e:98:ea:43:95:b9:9d:36:e9:ef:ab:34:f6:
f5:90:c0:e5:c3:c2:6d:98:a0:25:a1:71:7e:f4:6e:
ef:82:5a:d8:01:73:bd:f9:b6:ca:13:d9:18:08:a2:
a1:86:0c:4f:28:b6:cf:7e:e5:69:db:0d:bc:02:6a:
83:25:27:07:55:9f:0b:04:59:25:61:2b:df:65:e3:
44:75:1f:51:1f:ed:e4:53:28:53:2c:89:bc:b7:3b:
74:2c:4f:a9:bf:d4:3b:c0:85:9c:3f:38:b3:25:2d:
02:c3:e9:e9:93:d2:9b:73:3a:ad:14:7b:db:87:39:
32:1d:92:9e:4e:e6:96:12:31:8c:c2:bb:2e:77:94:
dd:2d:03:1a:9a:7d:a1:82:c6:31:1d:55:b7:ed:7a:
ec:63:9d:8e:f2:e4:1a:67:bd:3f:1d:3e:5a:2a:b9:
68:2a:a0:1d:fc:ac:db:fc:90:a7:70:07:a8:43:52:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:40:30:B0:83:C8:9B:7A:31:D5:05:27:15:3A:7D:E4:D4:BA:1D:15
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/akAwsIPIm3ox1QUnFTp95NS6HRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9c05::/32
Signature Algorithm: sha256WithRSAEncryption
33:b6:a5:79:5d:d6:5f:17:85:d9:85:f6:c7:48:aa:5d:bf:64:
41:bf:17:ed:69:87:fc:05:7a:3d:2d:89:58:e5:ab:01:e1:dd:
48:1b:ac:1e:ec:b5:16:e4:7c:d1:6d:06:56:8b:39:b2:0d:a3:
e8:9b:49:2e:41:b4:5f:a7:90:33:90:ff:9b:f4:c6:de:04:d9:
45:0a:bd:40:f2:d4:b3:9c:40:ba:8a:bd:c9:71:0e:f8:d4:fe:
4d:14:6a:5a:cb:0a:f3:67:c9:66:45:bd:3a:fd:59:d6:e7:cb:
43:a3:f0:06:1a:ec:49:eb:ee:54:cd:a3:73:a1:8d:92:76:32:
fb:96:26:f8:c3:32:41:9a:62:29:f7:93:c3:34:fd:dd:ae:5c:
80:96:5e:e0:12:70:68:b2:d9:83:cf:95:07:70:0e:5f:73:6c:
5e:c9:da:c4:92:bd:36:da:28:db:1f:93:d2:6c:f1:48:cd:c7:
a1:56:58:69:9b:aa:e3:18:6a:57:d2:06:68:26:fe:ae:49:cc:
13:4c:13:82:35:f1:8f:f9:71:96:f4:cc:7f:c5:f5:3a:3f:3e:
eb:26:61:0e:ab:e8:b2:82:45:ee:34:2a:93:2c:fc:c8:27:74:
76:2f:38:f2:0e:77:22:16:97:33:04:40:be:2c:fb:ee:a2:17:
86:37:15:54
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWqs5NuvvY0m98dshG6eiV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwMzE4MTkyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQwMzBiMDgzYzg5YjdhMzFkNTA1MjcxNTNhN2RlNGQ0YmExZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbL4807e4x4/dAcUDr9NGMetV40g
gq/56dsCbZwO8KCVTRdthH0Vahx2zC0AE01Bq5FyyKEWJLetjQoC9MjpzkswKpiQ
LJw8XYgz6x6Y6kOVuZ026e+rNPb1kMDlw8JtmKAloXF+9G7vglrYAXO9+bbKE9kY
CKKhhgxPKLbPfuVp2w28AmqDJScHVZ8LBFklYSvfZeNEdR9RH+3kUyhTLIm8tzt0
LE+pv9Q7wIWcPzizJS0Cw+npk9KbczqtFHvbhzkyHZKeTuaWEjGMwrsud5TdLQMa
mn2hgsYxHVW37XrsY52O8uQaZ70/HT5aKrloKqAd/Kzb/JCncAeoQ1I6iwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGpAMLCDyJt6MdUFJxU6feTUuh0VMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvYWtBd3NJUEltM294MVFVbkZUcDk1TlM2SFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+cBTAN
BgkqhkiG9w0BAQsFAAOCAQEAM7aleV3WXxeF2YX2x0iqXb9kQb8X7WmH/AV6PS2J
WOWrAeHdSBusHuy1FuR80W0GVos5sg2j6JtJLkG0X6eQM5D/m/TG3gTZRQq9QPLU
s5xAuoq9yXEO+NT+TRRqWssK82fJZkW9Ov1Z1ufLQ6PwBhrsSevuVM2jc6GNknYy
+5Ym+MMyQZpiKfeTwzT93a5cgJZe4BJwaLLZg8+VB3AOX3NsXsnaxJK9Ntoo2x+T
0mzxSM3HoVZYaZuq4xhqV9IGaCb+rknME0wTgjXxj/lxlvTMf8X1Oj8+6yZhDqvo
soJF7jQqkyz8yCd0di848g53IhaXMwRAviz77qIXhjcVVA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:13:40 2025 by rpki-client