Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/ayXQLJcu5PQmAdfPU8WfCMcWBOA.roa
File: ayXQLJcu5PQmAdfPU8WfCMcWBOA.roa (raw, json)
Hash identifier: 6XtKUGnTsswxaOPzKtNJccwCPJl2Ql6pNkNosUZBkb0=
Subject key identifier: 6B:25:D0:2C:97:2E:E4:F4:26:01:D7:CF:53:C5:9F:08:C7:16:04:E0
Certificate issuer: /CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Certificate serial: 0194692E543FAD0A7BB1A4D72FD9CEE705A8
Authority key identifier: 33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/ayXQLJcu5PQmAdfPU8WfCMcWBOA.roa
Signing time: Wed 15 Jan 2025 08:57:11 +0000
ROA not before: Wed 15 Jan 2025 08:57:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12306
IP address blocks: 2a05:c700:1::/48 maxlen: 128
2a05:c700:14::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 15 Jan 2025 15:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:2e:54:3f:ad:0a:7b:b1:a4:d7:2f:d9:ce:e7:05:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Validity
Not Before: Jan 15 08:57:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b25d02c972ee4f42601d7cf53c59f08c71604e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:3c:68:8e:41:0c:79:16:f2:e7:8a:c6:6c:
35:0b:a2:67:dd:94:26:60:a5:cf:32:c0:d5:a1:6d:
34:3f:49:64:2d:06:6b:c3:ca:f9:bb:f7:88:fd:73:
62:77:80:2d:f7:2f:4d:e0:e0:d5:32:14:82:7e:1e:
62:50:db:12:05:90:39:a1:63:79:f3:5b:95:a3:9a:
8a:df:7a:55:4d:25:d6:96:fc:5b:af:d6:b8:c0:b2:
cd:c1:20:3d:da:45:03:ee:6b:e3:c3:0b:2a:d5:7d:
dc:cf:55:41:37:d4:7c:12:b6:c5:99:d2:61:c1:6c:
89:66:e9:d2:86:15:f8:00:8b:5a:42:0e:d7:2f:d7:
fd:26:26:73:a5:8f:b6:a8:3c:a6:42:32:09:01:95:
21:18:f2:d2:af:e8:d3:b8:18:49:dc:12:89:bb:d2:
34:1f:ef:cf:36:8a:c0:c0:72:6f:95:db:3d:6f:23:
99:30:94:2f:99:9c:83:5c:f0:85:10:46:57:6d:c7:
6d:7a:e7:60:c7:a2:eb:1f:aa:2f:b0:c4:ba:b9:ba:
0d:a6:ed:c4:43:0f:df:46:9a:d5:ae:1c:8a:42:cf:
a6:d7:37:97:c3:4a:b4:18:b6:f1:7f:91:69:ee:1c:
dd:ec:3d:1d:81:8a:61:41:55:23:22:1f:fb:6b:90:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:25:D0:2C:97:2E:E4:F4:26:01:D7:CF:53:C5:9F:08:C7:16:04:E0
X509v3 Authority Key Identifier:
keyid:33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/ayXQLJcu5PQmAdfPU8WfCMcWBOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/MxcGuRW6uNrCtVR_vIet62Hmrt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:c700:1::/48
2a05:c700:14::/48
Signature Algorithm: sha256WithRSAEncryption
9c:d2:8a:30:ec:ef:57:ea:c4:ca:61:02:76:f5:ca:c5:6e:e8:
fa:04:6f:92:88:4b:02:71:01:43:87:cf:44:ca:e1:6c:9b:0e:
80:39:52:cf:52:35:56:22:e6:7a:84:42:d0:41:14:80:c3:a4:
55:d7:76:92:70:0a:9e:4c:55:10:06:e8:5a:a2:5e:c6:54:2e:
10:cc:74:2d:fd:2f:78:65:d5:30:a5:9d:ff:c7:3b:91:f0:ca:
ff:d0:4f:2b:13:5c:24:ce:ac:0d:39:89:54:20:a6:b6:a2:16:
89:e3:27:44:54:fc:1f:76:69:fb:c5:88:ec:95:fa:47:9b:78:
16:ba:d5:2e:72:68:8f:04:a5:59:e0:a7:3f:9c:c6:de:a5:0a:
79:e7:cd:54:69:ff:c2:b5:5a:ab:4a:7b:2f:6c:91:63:7d:6e:
a4:f8:6f:97:20:66:79:2e:e5:9d:cf:0b:01:95:49:05:fd:c9:
89:ce:fd:86:da:bf:7d:7a:1c:ca:46:c2:e5:b8:a2:a3:9d:64:
15:c5:f4:e8:1d:b3:f3:e0:d8:24:ea:a3:34:6d:b9:d4:e3:97:
b5:6a:64:9a:fd:51:aa:74:f2:19:90:17:f5:57:90:4c:24:db:
00:3a:99:cd:e1:31:6d:9a:53:66:12:c2:6c:00:e1:50:29:32:
89:aa:c1:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRpLlQ/rQp7saTXL9nO5wWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMTcwNmI5MTViYWI4ZGFjMmI1NTQ3ZmJjODdhZGViNjFl
NmFlZGUwHhcNMjUwMTE1MDg1NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI1ZDAyYzk3MmVlNGY0MjYwMWQ3Y2Y1M2M1OWYwOGM3MTYwNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHg8aI5BDHkW8ueKxmw1C6Jn3ZQm
YKXPMsDVoW00P0lkLQZrw8r5u/eI/XNid4At9y9N4ODVMhSCfh5iUNsSBZA5oWN5
81uVo5qK33pVTSXWlvxbr9a4wLLNwSA92kUD7mvjwwsq1X3cz1VBN9R8ErbFmdJh
wWyJZunShhX4AItaQg7XL9f9JiZzpY+2qDymQjIJAZUhGPLSr+jTuBhJ3BKJu9I0
H+/PNorAwHJvlds9byOZMJQvmZyDXPCFEEZXbcdteudgx6LrH6ovsMS6uboNpu3E
Qw/fRprVrhyKQs+m1zeXw0q0GLbxf5Fp7hzd7D0dgYphQVUjIh/7a5CChQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGsl0CyXLuT0JgHXz1PFnwjHFgTgMB8GA1UdIwQY
MBaAFDMXBrkVurjawrVUf7yHreth5q7eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAt
ZWM5NTE0OGZkMjM2LzEvYXlYUUxKY3U1UFFtQWRmUFU4V2ZDTWNXQk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAtZWM5NTE0OGZkMjM2
LzEvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgXHAAAB
AwcAKgXHAAAUMA0GCSqGSIb3DQEBCwUAA4IBAQCc0oow7O9X6sTKYQJ29crFbuj6
BG+SiEsCcQFDh89EyuFsmw6AOVLPUjVWIuZ6hELQQRSAw6RV13aScAqeTFUQBuha
ol7GVC4QzHQt/S94ZdUwpZ3/xzuR8Mr/0E8rE1wkzqwNOYlUIKa2ohaJ4ydEVPwf
dmn7xYjslfpHm3gWutUucmiPBKVZ4Kc/nMbepQp5581Uaf/CtVqrSnsvbJFjfW6k
+G+XIGZ5LuWdzwsBlUkF/cmJzv2G2r99ehzKRsLluKKjnWQVxfToHbPz4Ngk6qM0
bbnU45e1amSa/VGqdPIZkBf1V5BMJNsAOpnN4TFtmlNmEsJsAOFQKTKJqsFX
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:48:25 2025 by rpki-client