Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/aFAlY_M1AoqS_HXNq1qkjWxmbbk.roa
File: aFAlY_M1AoqS_HXNq1qkjWxmbbk.roa (raw, json)
Hash identifier: jcGSSp9s3HYkJOESqVY73KhqIwEAeNEA5bnvivY2Eyo=
Subject key identifier: 68:50:25:63:F3:35:02:8A:92:FC:75:CD:AB:5A:A4:8D:6C:66:6D:B9
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0196C41767ECE2EA886A2B5DC39965A88324
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/aFAlY_M1AoqS_HXNq1qkjWxmbbk.roa
Signing time: Mon 12 May 2025 10:43:10 +0000
ROA not before: Mon 12 May 2025 10:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18046
IP address blocks: 14.102.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 06:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:17:67:ec:e2:ea:88:6a:2b:5d:c3:99:65:a8:83:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: May 12 10:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68502563f335028a92fc75cdab5aa48d6c666db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f8:cd:2c:5c:82:3e:5b:62:29:ff:d3:90:05:
ef:00:8f:4a:08:49:45:87:e0:53:88:09:b6:6b:4c:
e0:64:8d:1b:d8:36:49:15:d1:2a:47:c2:a9:8d:a6:
66:05:ac:3d:5e:40:b0:a9:c6:75:3c:e6:01:d1:4b:
2c:dc:c6:50:57:26:b0:94:5a:2e:3a:67:e2:37:68:
ea:76:2a:7f:33:ec:31:eb:f5:9c:99:e4:60:88:13:
e3:89:66:ff:eb:66:31:a0:bd:fe:75:b7:36:79:71:
be:6e:eb:97:95:b5:53:cd:73:7d:f5:81:21:29:02:
9e:cc:ac:f7:19:6e:d2:09:d3:a5:25:9f:62:ed:59:
e3:a1:12:56:97:78:c8:52:a1:42:15:a9:ae:fb:d8:
fa:0d:1c:fe:9f:a7:a7:50:74:65:73:59:d5:82:1c:
80:ab:85:a9:00:07:32:05:db:2c:a1:6a:70:f9:2c:
77:75:fd:40:ac:78:c4:aa:c4:17:aa:81:06:af:73:
a3:d5:59:e0:c3:f3:a7:8d:f3:ef:15:0c:06:99:fb:
49:eb:56:4f:d1:44:6d:aa:da:1c:5b:4a:3d:58:a3:
a7:c3:1b:4b:16:80:6c:45:8a:77:16:33:4b:11:1f:
99:be:b8:11:d5:74:28:c8:07:8c:38:0c:36:6e:d3:
4e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:50:25:63:F3:35:02:8A:92:FC:75:CD:AB:5A:A4:8D:6C:66:6D:B9
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/aFAlY_M1AoqS_HXNq1qkjWxmbbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.83.0/24
Signature Algorithm: sha256WithRSAEncryption
69:cd:99:1e:4e:da:f2:2c:a1:eb:ec:bb:33:af:be:7b:d5:9b:
d5:8e:3a:bc:29:15:07:5a:21:f2:0f:4f:75:c2:32:b7:bf:33:
32:9a:5e:c8:13:5e:77:29:b0:01:c2:bf:7e:5e:94:19:8a:86:
b8:9f:d7:50:8f:e1:8c:9f:74:86:8d:c6:d1:ab:3b:57:0f:6c:
da:e1:e0:9f:78:68:5a:53:d3:24:99:18:18:37:69:2e:f4:26:
fc:47:a1:f3:82:03:92:dd:4a:c4:a4:74:7a:82:18:58:3b:57:
e4:27:28:35:a5:8a:40:9e:69:c7:a0:b9:b3:ab:89:58:e3:15:
df:2d:58:19:7c:db:01:e5:13:3a:de:a4:5e:c3:84:ad:ad:45:
84:86:76:02:d7:91:4f:44:b3:5f:0c:4d:d7:ab:01:7d:e7:6e:
b8:ac:c0:a3:96:b7:45:47:d8:78:fd:d4:1b:c6:a5:4e:0f:fa:
1e:94:c5:be:7d:96:07:b3:f0:81:2c:ed:29:9d:68:a1:28:9e:
d2:83:f9:7f:bc:1f:42:75:4a:1a:21:d6:17:e7:9a:f7:15:65:
f9:a9:60:29:29:eb:53:c4:b8:22:99:9c:d1:ea:9f:eb:7f:ab:
44:fc:49:d8:f1:ce:6d:e9:9e:25:fb:b2:c1:31:4e:35:2a:d9:
bb:34:4c:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbEF2fs4uqIaitdw5llqIMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjUwNTEyMTA0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODUwMjU2M2YzMzUwMjhhOTJmYzc1Y2RhYjVhYTQ4ZDZjNjY2ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfjNLFyCPltiKf/TkAXvAI9KCElF
h+BTiAm2a0zgZI0b2DZJFdEqR8KpjaZmBaw9XkCwqcZ1POYB0Uss3MZQVyawlFou
OmfiN2jqdip/M+wx6/WcmeRgiBPjiWb/62YxoL3+dbc2eXG+buuXlbVTzXN99YEh
KQKezKz3GW7SCdOlJZ9i7VnjoRJWl3jIUqFCFamu+9j6DRz+n6enUHRlc1nVghyA
q4WpAAcyBdssoWpw+Sx3df1ArHjEqsQXqoEGr3Oj1Vngw/OnjfPvFQwGmftJ61ZP
0URtqtocW0o9WKOnwxtLFoBsRYp3FjNLER+ZvrgR1XQoyAeMOAw2btNO7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhQJWPzNQKKkvx1zatapI1sZm25MB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvYUZBbFlfTTFBb3FTX0hYTnExcWtqV3htYmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmZTMA0G
CSqGSIb3DQEBCwUAA4IBAQBpzZkeTtryLKHr7Lszr7571ZvVjjq8KRUHWiHyD091
wjK3vzMyml7IE153KbABwr9+XpQZioa4n9dQj+GMn3SGjcbRqztXD2za4eCfeGha
U9MkmRgYN2ku9Cb8R6HzggOS3UrEpHR6ghhYO1fkJyg1pYpAnmnHoLmzq4lY4xXf
LVgZfNsB5RM63qRew4StrUWEhnYC15FPRLNfDE3XqwF95264rMCjlrdFR9h4/dQb
xqVOD/oelMW+fZYHs/CBLO0pnWihKJ7Sg/l/vB9CdUoaIdYX55r3FWX5qWApKetT
xLgimZzR6p/rf6tE/EnY8c5t6Z4l+7LBMU41Ktm7NEw8
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:15:35 2025 by rpki-client