Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/aQ6I41_QRPvjiU5_qo41tOo2WTI.roa
File: aQ6I41_QRPvjiU5_qo41tOo2WTI.roa (raw, json)
Hash identifier: /IaHjjTynvY919oXe4RI1UBce0aF6SrvJgv1JXcNU5M=
Subject key identifier: 69:0E:88:E3:5F:D0:44:FB:E3:89:4E:7F:AA:8E:35:B4:EA:36:59:32
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 019424B3A6590E44F2F0B73FBCA12CAC2334
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/aQ6I41_QRPvjiU5_qo41tOo2WTI.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31229
IP address blocks: 2.57.136.0/22 maxlen: 22
2a14:4bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Mar 2025 23:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a6:59:0e:44:f2:f0:b7:3f:bc:a1:2c:ac:23:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=690e88e35fd044fbe3894e7faa8e35b4ea365932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:18:79:f0:b6:f1:e9:65:9a:91:20:6b:7b:
09:62:7e:41:f8:8e:8f:bf:2a:4f:f6:06:20:26:7c:
59:ca:46:a2:db:60:15:3d:f2:c8:e4:2e:b4:af:3e:
3f:69:52:cc:e1:a5:43:bc:f0:83:19:bf:18:ac:32:
70:5b:22:dc:56:d3:f1:a3:f6:9e:62:5c:ec:03:9e:
25:79:c7:ea:ea:19:c1:45:cd:e2:8b:cb:9e:be:f8:
4c:90:10:c8:d8:c4:e8:dc:f7:81:f9:9f:d7:53:5c:
08:89:da:bc:b7:08:c1:6f:b9:ff:94:f1:de:af:49:
9c:04:62:15:15:68:72:39:6f:23:2d:d1:48:b7:4e:
e4:ba:56:6b:a7:96:29:5e:f6:82:60:60:4d:fb:c2:
37:c3:9b:4e:b6:c3:4c:35:54:af:9d:02:1f:09:9f:
7f:c2:9c:ab:9b:b6:68:8c:22:aa:9a:04:22:d0:9e:
92:6c:a7:9d:c2:5f:9c:97:0d:53:2c:06:2e:f6:d0:
d2:4a:0a:cd:f4:4b:d6:18:ff:ca:da:03:ff:85:21:
f3:92:e4:d9:40:39:eb:32:c6:72:e4:58:94:80:c5:
56:61:36:53:12:7f:fd:4a:a7:fa:7e:f2:62:27:24:
d0:5d:69:01:b7:ee:d0:a0:b3:d4:c7:f2:97:11:b3:
ac:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0E:88:E3:5F:D0:44:FB:E3:89:4E:7F:AA:8E:35:B4:EA:36:59:32
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/aQ6I41_QRPvjiU5_qo41tOo2WTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.136.0/22
IPv6:
2a14:4bc0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:e7:e6:b3:82:dc:a5:26:22:ff:35:f2:7b:b2:b5:d7:37:aa:
42:ad:c6:3b:01:cf:77:3a:d2:64:a1:4f:88:45:3f:06:ba:c1:
a5:ff:81:c8:53:3e:75:27:6d:ac:14:12:b2:bd:be:89:d8:c4:
30:0c:49:e5:7a:1c:6e:9c:eb:95:cc:d1:d1:75:ad:89:c5:ec:
e8:75:b8:44:f0:87:d0:98:17:bd:0d:3b:2a:b0:04:b1:38:2e:
8b:2e:99:4c:e7:c7:0a:e5:5c:25:17:da:46:81:ca:8a:e0:40:
5c:69:fd:69:91:25:11:e1:b9:68:e7:a0:99:42:66:fb:84:fa:
fa:7d:e8:c1:9d:3c:35:bd:d6:87:8e:c9:eb:01:42:84:9b:82:
21:0f:a5:62:1f:3a:1d:1c:46:ec:e1:37:8f:48:7d:37:c5:47:
2a:52:3d:fb:a3:41:8b:3e:bb:9a:c1:b7:15:a5:24:b4:07:b2:
ff:a0:c2:ae:c7:d0:18:47:70:2a:8d:8b:f6:b7:9d:5b:57:62:
16:7d:e4:f0:b2:e8:ef:22:42:c4:3c:87:45:f0:ed:f5:80:b2:
84:bb:c1:80:25:3e:f5:c4:7d:71:a5:b1:58:fa:20:b6:ec:f3:
37:62:13:d0:84:e9:a0:45:6b:5b:b3:3e:81:dd:dc:46:b6:d2:
b0:e7:cb:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks6ZZDkTy8Lc/vKEsrCM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBlODhlMzVmZDA0NGZiZTM4OTRlN2ZhYThlMzViNGVhMzY1OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C0YefC28ellmpEga3sJYn5B+I6P
vypP9gYgJnxZykai22AVPfLI5C60rz4/aVLM4aVDvPCDGb8YrDJwWyLcVtPxo/ae
YlzsA54lecfq6hnBRc3ii8uevvhMkBDI2MTo3PeB+Z/XU1wIidq8twjBb7n/lPHe
r0mcBGIVFWhyOW8jLdFIt07kulZrp5YpXvaCYGBN+8I3w5tOtsNMNVSvnQIfCZ9/
wpyrm7ZojCKqmgQi0J6SbKedwl+clw1TLAYu9tDSSgrN9EvWGP/K2gP/hSHzkuTZ
QDnrMsZy5FiUgMVWYTZTEn/9Sqf6fvJiJyTQXWkBt+7QoLPUx/KXEbOsuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGkOiONf0ET744lOf6qONbTqNlkyMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvYVE2STQxX1FSUHZqaVU1X3FvNDF0T28yV1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjmIMA0E
AgACMAcDBQAqFEvAMA0GCSqGSIb3DQEBCwUAA4IBAQCg5+azgtylJiL/NfJ7srXX
N6pCrcY7Ac93OtJkoU+IRT8GusGl/4HIUz51J22sFBKyvb6J2MQwDEnlehxunOuV
zNHRda2JxezodbhE8IfQmBe9DTsqsASxOC6LLplM58cK5VwlF9pGgcqK4EBcaf1p
kSUR4blo56CZQmb7hPr6fejBnTw1vdaHjsnrAUKEm4IhD6ViHzodHEbs4TePSH03
xUcqUj37o0GLPruawbcVpSS0B7L/oMKux9AYR3AqjYv2t51bV2IWfeTwsujvIkLE
PIdF8O31gLKEu8GAJT71xH1xpbFY+iC27PM3YhPQhOmgRWtbsz6B3dxGttKw58tf
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:19:25 2025 by rpki-client