Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/ajy8JngBelbIIZHuuTksdmkH8vk.roa
File: ajy8JngBelbIIZHuuTksdmkH8vk.roa (raw, json)
Hash identifier: OSBpfcEwsQAdr3G5My4hQOG2eVKQvMdDAqDJjwM6em0=
Subject key identifier: 6A:3C:BC:26:78:01:7A:56:C8:21:91:EE:B9:39:2C:76:69:07:F2:F9
Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial: 0194244553CCFCDBC1082CB21972A5045085
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/ajy8JngBelbIIZHuuTksdmkH8vk.roa
Signing time: Wed 01 Jan 2025 23:48:30 +0000
ROA not before: Wed 01 Jan 2025 23:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 45.81.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 07:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:53:cc:fc:db:c1:08:2c:b2:19:72:a5:04:50:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Validity
Not Before: Jan 1 23:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a3cbc2678017a56c82191eeb9392c766907f2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b5:04:48:ea:53:a2:8e:0e:59:59:45:0a:49:
bd:56:99:e6:55:c1:8e:40:74:5f:b2:50:be:73:1b:
3a:09:0d:28:4c:cd:f1:f4:2d:c1:d7:c0:83:95:7a:
72:db:fa:17:4f:35:65:8a:b2:5e:e2:b6:93:5b:b7:
ae:b4:84:f7:73:c8:10:ad:31:6d:ea:96:08:e2:0f:
0f:46:26:95:62:d7:34:47:f7:4a:8b:41:88:7d:ac:
2a:27:d6:ea:07:c0:71:d7:53:8a:ac:56:c3:c1:7d:
83:d7:4b:b5:a8:60:e6:9f:07:8a:37:e7:94:d4:80:
0d:a8:64:b9:ce:89:57:9d:c7:76:46:05:e6:e4:78:
54:87:6c:b6:4e:ed:21:b7:9e:6b:b2:44:71:cf:a4:
16:ab:f6:07:99:7d:40:79:41:38:8d:35:9c:fa:4a:
15:e6:4c:0e:2d:40:80:e0:23:42:38:02:c1:47:cc:
58:43:9c:b7:3c:75:2b:fe:72:9e:89:5e:03:61:6f:
e0:72:50:80:06:65:67:81:e3:89:2b:e5:4f:6d:4f:
8f:5a:04:1b:32:ad:c4:95:12:3b:51:92:b4:08:22:
60:0d:53:52:a8:00:36:ea:05:1c:b5:8a:44:17:70:
03:df:10:1a:3b:62:b4:b4:2f:d8:32:8d:de:d2:5b:
3a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3C:BC:26:78:01:7A:56:C8:21:91:EE:B9:39:2C:76:69:07:F2:F9
X509v3 Authority Key Identifier:
keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/ajy8JngBelbIIZHuuTksdmkH8vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.255.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:56:df:81:43:5c:36:e6:0f:d6:e2:58:f8:83:cc:e3:49:62:
1d:a9:6f:cf:9e:80:9e:36:d4:32:67:6b:8d:39:a0:8c:b5:2e:
fc:99:c8:05:24:b8:5d:38:93:43:e3:ff:1f:94:92:b8:6e:7f:
cc:00:65:f7:2c:72:63:9f:44:88:93:c6:98:6d:25:54:34:f3:
38:6d:74:7a:00:8a:ad:d2:a3:c3:f1:74:04:5d:c3:63:37:64:
19:d3:6a:2f:a5:6e:55:20:9d:52:c0:92:01:d1:60:36:49:7a:
f1:66:1b:05:4c:5b:fc:0b:f1:ba:90:8a:4e:c5:82:1d:f1:cc:
5d:3a:5b:b5:b1:8c:d1:d9:a2:2c:5c:0a:37:1b:18:51:6f:e8:
97:22:d8:44:36:62:28:65:3f:82:82:e5:f1:ad:ab:04:1b:32:
99:85:7d:c0:9a:d4:e4:d6:1e:68:37:63:0b:bc:6d:c1:d2:45:
54:ce:88:42:cf:c9:94:79:64:6e:4f:55:30:a2:bf:94:dd:57:
48:66:f6:cf:bd:95:30:ca:7d:d3:db:59:5d:65:9a:86:34:96:
ff:8c:ae:cd:b5:bf:99:a0:d5:b9:5e:37:7c:cc:d9:8c:6e:6c:
0f:c7:23:53:ed:37:eb:04:50:f5:dc:b6:fd:a4:f4:c6:ad:05:
78:6b:30:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRVPM/NvBCCyyGXKlBFCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjUwMTAxMjM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTNjYmMyNjc4MDE3YTU2YzgyMTkxZWViOTM5MmM3NjY5MDdmMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibUESOpToo4OWVlFCkm9VpnmVcGO
QHRfslC+cxs6CQ0oTM3x9C3B18CDlXpy2/oXTzVlirJe4raTW7eutIT3c8gQrTFt
6pYI4g8PRiaVYtc0R/dKi0GIfawqJ9bqB8Bx11OKrFbDwX2D10u1qGDmnweKN+eU
1IANqGS5zolXncd2RgXm5HhUh2y2Tu0ht55rskRxz6QWq/YHmX1AeUE4jTWc+koV
5kwOLUCA4CNCOALBR8xYQ5y3PHUr/nKeiV4DYW/gclCABmVngeOJK+VPbU+PWgQb
Mq3ElRI7UZK0CCJgDVNSqAA26gUctYpEF3AD3xAaO2K0tC/YMo3e0ls6mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGo8vCZ4AXpWyCGR7rk5LHZpB/L5MB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvYWp5OEpuZ0JlbGJJSVpIdXVUa3NkbWtIOHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBdVt+BQ1w25g/W4lj4g8zjSWIdqW/PnoCeNtQyZ2uN
OaCMtS78mcgFJLhdOJND4/8flJK4bn/MAGX3LHJjn0SIk8aYbSVUNPM4bXR6AIqt
0qPD8XQEXcNjN2QZ02ovpW5VIJ1SwJIB0WA2SXrxZhsFTFv8C/G6kIpOxYId8cxd
Olu1sYzR2aIsXAo3GxhRb+iXIthENmIoZT+CguXxrasEGzKZhX3AmtTk1h5oN2ML
vG3B0kVUzohCz8mUeWRuT1Uwor+U3VdIZvbPvZUwyn3T21ldZZqGNJb/jK7Ntb+Z
oNW5Xjd8zNmMbmwPxyNT7TfrBFD13Lb9pPTGrQV4azAm
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:04:31 2025 by rpki-client