Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ajtePPFzxUqrAnQqAUEKFa0OljU.roa
File: ajtePPFzxUqrAnQqAUEKFa0OljU.roa (raw, json)
Hash identifier: PXLLPoZAlk7TrXNhpVtdOPO0K/2LgfpUI/vlW4984yM=
Subject key identifier: 6A:3B:5E:3C:F1:73:C5:4A:AB:02:74:2A:01:41:0A:15:AD:0E:96:35
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019631D4013C018438FAC15250E7FF958FE5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ajtePPFzxUqrAnQqAUEKFa0OljU.roa
Signing time: Mon 14 Apr 2025 01:04:59 +0000
ROA not before: Mon 14 Apr 2025 01:04:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:31d3:53f0/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 14 Apr 2025 01:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:31:d4:01:3c:01:84:38:fa:c1:52:50:e7:ff:95:8f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 14 01:04:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a3b5e3cf173c54aab02742a01410a15ad0e9635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:28:5b:2a:6f:95:9d:16:27:9b:49:c5:f9:fd:
9f:5e:b3:ad:6a:f5:4d:e3:d7:51:9e:4b:77:3b:a6:
c5:48:ee:79:84:bf:9a:1d:d8:f6:53:ca:c4:ad:5e:
41:66:6e:9a:bc:e4:8d:ed:27:f8:0b:36:38:cf:a1:
1e:d2:95:2e:7a:14:60:34:fd:cc:f3:a3:36:46:eb:
8f:d1:00:41:5c:ff:1e:f2:bf:d1:4d:57:e9:2b:90:
d4:6d:d6:20:ed:80:61:4d:a8:5f:32:b4:40:71:07:
f0:cc:90:91:b0:1d:21:10:30:5f:81:93:78:b2:ea:
b8:a1:ac:c7:0b:5f:fc:85:ba:3f:68:73:74:49:f3:
e4:c8:d6:77:63:40:3b:c7:c0:b5:a6:5d:af:6c:34:
50:c3:63:a2:70:48:81:36:21:92:63:b6:18:8f:90:
88:8d:97:04:fa:97:c6:87:d2:6e:2a:6b:d3:e3:ba:
6f:43:1d:cc:d6:24:de:3b:07:39:0c:20:f1:96:94:
75:17:40:28:9c:42:53:42:62:b5:32:55:96:3f:fa:
ef:64:42:9e:df:90:5c:89:47:81:2c:62:1d:54:ed:
0b:2b:0b:f9:10:1b:2c:40:1e:bc:2f:05:7d:d1:7e:
aa:c6:b7:27:2c:d2:62:2a:32:55:c6:95:e5:b3:1d:
44:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3B:5E:3C:F1:73:C5:4A:AB:02:74:2A:01:41:0A:15:AD:0E:96:35
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ajtePPFzxUqrAnQqAUEKFa0OljU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:31d3:53f0/128
Signature Algorithm: sha256WithRSAEncryption
95:93:e3:2a:b1:93:7f:1f:8a:e4:bd:e9:c8:10:5c:ac:f5:32:
45:86:30:2b:ec:58:4e:fc:0e:26:9b:73:17:61:5b:6f:89:62:
be:30:fa:90:1e:3a:45:03:49:9c:6d:0c:03:e9:84:85:08:6f:
d2:e9:61:6f:95:62:8a:f5:bc:e9:b1:1a:fd:44:53:8a:49:c5:
14:4c:6c:d4:71:d1:8e:ca:31:eb:04:8a:2c:de:43:47:8e:56:
bd:f5:35:61:6e:2a:34:ec:26:e6:20:64:4c:41:d2:66:c2:5b:
33:48:f5:3e:c4:9b:35:b1:9e:1e:54:2e:7e:d5:76:43:e2:96:
06:80:29:12:c2:66:37:c4:56:db:d8:81:22:ca:83:15:97:2d:
b6:7f:4c:b7:71:a1:db:fd:22:07:05:bf:a7:c3:35:83:be:a9:
a0:3c:ed:3c:43:cf:79:12:97:72:ac:60:76:c2:3a:6c:b5:3f:
29:a7:ec:1f:0a:1e:51:fc:6c:e6:00:20:a0:1c:4d:cf:22:67:
f7:08:8f:a7:56:a0:d4:12:24:06:cf:e2:ad:89:de:63:84:ed:
8b:a5:45:c3:e2:e6:c6:b7:1a:f0:38:0b:1d:29:dd:12:48:f6:
39:ec:a0:5c:0c:2d:17:51:28:fb:9f:9d:10:b5:dd:53:8f:4b:
7e:5e:e6:58
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZYx1AE8AYQ4+sFSUOf/lY/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE0MDEwNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTNiNWUzY2YxNzNjNTRhYWIwMjc0MmEwMTQxMGExNWFkMGU5NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ChbKm+VnRYnm0nF+f2fXrOtavVN
49dRnkt3O6bFSO55hL+aHdj2U8rErV5BZm6avOSN7Sf4CzY4z6Ee0pUuehRgNP3M
86M2RuuP0QBBXP8e8r/RTVfpK5DUbdYg7YBhTahfMrRAcQfwzJCRsB0hEDBfgZN4
suq4oazHC1/8hbo/aHN0SfPkyNZ3Y0A7x8C1pl2vbDRQw2OicEiBNiGSY7YYj5CI
jZcE+pfGh9JuKmvT47pvQx3M1iTeOwc5DCDxlpR1F0AonEJTQmK1MlWWP/rvZEKe
35BciUeBLGIdVO0LKwv5EBssQB68LwV90X6qxrcnLNJiKjJVxpXlsx1EgQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGo7Xjzxc8VKqwJ0KgFBChWtDpY1MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYWp0ZVBQRnp4VXFyQW5RcUFVRUtGYTBPbGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWMdNT8DANBgkqhkiG9w0BAQsFAAOCAQEAlZPjKrGTfx+K5L3pyBBcrPUy
RYYwK+xYTvwOJptzF2Fbb4livjD6kB46RQNJnG0MA+mEhQhv0ulhb5ViivW86bEa
/URTiknFFExs1HHRjsox6wSKLN5DR45WvfU1YW4qNOwm5iBkTEHSZsJbM0j1PsSb
NbGeHlQuftV2Q+KWBoApEsJmN8RW29iBIsqDFZcttn9Mt3Gh2/0iBwW/p8M1g76p
oDztPEPPeRKXcqxgdsI6bLU/KafsHwoeUfxs5gAgoBxNzyJn9wiPp1ag1BIkBs/i
rYneY4Tti6VFw+Lmxrca8DgLHSndEkj2OeygXAwtF1Eo+5+dELXdU49Lfl7mWA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:19:22 2025 by rpki-client