Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/AikxKuQWJG8_yDzdAOAEUEd5AuM.roa
File: AikxKuQWJG8_yDzdAOAEUEd5AuM.roa (raw, json)
Hash identifier: XDZ4Bs+22NhvRbSimilPzqKEUhsYgnbE/DH78vQCc3s=
Subject key identifier: 02:29:31:2A:E4:16:24:6F:3F:C8:3C:DD:00:E0:04:50:47:79:02:E3
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970347A044D1025EEA7C485DBDA4AD5720
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/AikxKuQWJG8_yDzdAOAEUEd5AuM.roa
Signing time: Sat 24 May 2025 17:11:54 +0000
ROA not before: Sat 24 May 2025 17:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 18:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:03:47:a0:44:d1:02:5e:ea:7c:48:5d:bd:a4:ad:57:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 17:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0229312ae416246f3fc83cdd00e00450477902e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:d1:68:a4:ee:0a:43:5a:81:71:87:d3:e3:
8e:b3:98:19:4f:98:c7:73:6b:34:f1:6b:28:0e:ed:
76:86:cf:77:25:0c:c8:4e:92:92:0e:05:23:7e:dc:
83:b3:a1:3a:80:d9:b7:28:b9:03:d3:07:d5:3e:77:
ad:4f:da:c3:f9:f9:5b:e6:f0:43:03:37:5a:c0:81:
af:2f:4e:b7:3e:97:62:57:60:61:ce:82:ad:e9:90:
cf:71:43:53:f9:be:bc:74:c1:c2:1f:50:0e:33:98:
97:17:39:f2:3f:03:6e:09:61:57:21:dc:49:48:ba:
5b:cf:af:ab:89:77:7a:4b:cf:7c:cf:41:44:b5:7c:
a4:3c:43:75:8b:0a:63:6f:b8:ed:32:16:a1:7d:e4:
4e:f7:a0:5e:e1:71:12:f9:20:b8:ec:34:37:c1:a9:
80:8e:6a:c1:12:e5:72:d7:9b:25:eb:ce:75:41:95:
2c:f2:d9:f6:83:04:33:94:64:54:d6:98:3f:98:34:
0e:92:08:53:fc:05:14:3b:69:66:f0:c4:c5:12:25:
24:4d:92:b4:c6:5b:9c:35:8d:cf:85:e8:b5:7a:12:
44:71:64:65:fb:3f:d4:12:ac:6a:63:1e:da:85:c6:
34:f7:9b:0e:8b:16:37:c6:94:9b:35:ab:28:2c:5e:
b9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:29:31:2A:E4:16:24:6F:3F:C8:3C:DD:00:E0:04:50:47:79:02:E3
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/AikxKuQWJG8_yDzdAOAEUEd5AuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
c4:c1:c9:3e:95:77:c7:47:33:e0:1b:8b:cb:27:56:7f:0a:a5:
4d:1a:13:93:66:ef:8b:48:79:66:0c:57:89:ae:34:ce:49:b8:
26:90:73:7f:26:2c:12:af:8d:b8:30:1c:99:40:3e:7f:e2:f5:
f0:5b:51:74:db:55:36:f4:1c:58:bb:ef:e5:f2:6a:e3:1f:51:
59:b0:f2:c8:eb:b9:08:42:cd:cd:b0:b8:df:be:7e:e4:80:85:
e8:81:cf:bf:86:78:7f:ea:cb:6f:47:8f:82:8c:a5:e2:25:ed:
91:7d:fb:dc:45:7e:29:6a:42:81:0f:8f:4d:6a:c7:00:0e:db:
be:c5:1d:f3:9e:77:db:77:3c:36:d3:2d:83:2b:b1:01:82:53:
7c:55:d1:36:39:ab:f1:19:17:c2:7f:4f:4c:50:82:4a:8e:49:
c6:04:34:ee:b8:aa:2f:bd:1f:88:3c:de:d7:57:09:df:b5:e4:
5a:77:83:e0:6d:63:7c:2d:f7:fd:93:71:e7:88:cc:83:bc:1e:
0d:9e:af:3b:ef:a3:a8:75:87:0f:66:ee:38:2d:1f:d9:12:08:
c3:16:47:24:f1:57:8a:65:09:a5:31:e2:e6:53:66:56:a1:69:
c3:c1:75:61:45:bb:8f:0c:38:83:17:9c:c2:e0:c7:04:52:e2:
d9:92:c0:4d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcDR6BE0QJe6nxIXb2krVcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MTcxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI5MzEyYWU0MTYyNDZmM2ZjODNjZGQwMGUwMDQ1MDQ3NzkwMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmODRaKTuCkNagXGH0+OOs5gZT5jH
c2s08WsoDu12hs93JQzITpKSDgUjftyDs6E6gNm3KLkD0wfVPnetT9rD+flb5vBD
AzdawIGvL063PpdiV2BhzoKt6ZDPcUNT+b68dMHCH1AOM5iXFznyPwNuCWFXIdxJ
SLpbz6+riXd6S898z0FEtXykPEN1iwpjb7jtMhahfeRO96Be4XES+SC47DQ3wamA
jmrBEuVy15sl6851QZUs8tn2gwQzlGRU1pg/mDQOkghT/AUUO2lm8MTFEiUkTZK0
xlucNY3Phei1ehJEcWRl+z/UEqxqYx7ahcY095sOixY3xpSbNasoLF65YwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAIpMSrkFiRvP8g83QDgBFBHeQLjMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQWlreEt1UVdKRzhfeUR6ZEFPQUVVRWQ1QXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAxMHJPpV3x0cz4BuLyydWfwql
TRoTk2bvi0h5ZgxXia40zkm4JpBzfyYsEq+NuDAcmUA+f+L18FtRdNtVNvQcWLvv
5fJq4x9RWbDyyOu5CELNzbC4375+5ICF6IHPv4Z4f+rLb0ePgoyl4iXtkX373EV+
KWpCgQ+PTWrHAA7bvsUd855323c8NtMtgyuxAYJTfFXRNjmr8RkXwn9PTFCCSo5J
xgQ07riqL70fiDze11cJ37XkWneD4G1jfC33/ZNx54jMg7weDZ6vO++jqHWHD2bu
OC0f2RIIwxZHJPFXimUJpTHi5lNmVqFpw8F1YUW7jww4gxecwuDHBFLi2ZLATQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:28:45 2025 by rpki-client