Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/8cdc48-2822-4599-bb69-8c456af6b6bb/1/aa72lQ2CpYDcMCeVj5kLyKCMvfw.roa
File: aa72lQ2CpYDcMCeVj5kLyKCMvfw.roa (raw, json)
Hash identifier: 2XtSJIcOpm1x2m1rNq5OtOJh7jMAfJyni24LqDLj5nc=
Subject key identifier: 69:AE:F6:95:0D:82:A5:80:DC:30:27:95:8F:99:0B:C8:A0:8C:BD:FC
Certificate issuer: /CN=256065b6166aef96fcff3a2ea56fdffd390f3166
Certificate serial: 01979D800938FD2687A2079B77DC9C713929
Authority key identifier: 25:60:65:B6:16:6A:EF:96:FC:FF:3A:2E:A5:6F:DF:FD:39:0F:31:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWBlthZq75b8_zoupW_f_TkPMWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/8cdc48-2822-4599-bb69-8c456af6b6bb/1/aa72lQ2CpYDcMCeVj5kLyKCMvfw.roa
Signing time: Mon 23 Jun 2025 15:55:03 +0000
ROA not before: Mon 23 Jun 2025 15:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214402
IP address blocks: 2a14:f704:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 30 Jun 2025 20:43:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:80:09:38:fd:26:87:a2:07:9b:77:dc:9c:71:39:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=256065b6166aef96fcff3a2ea56fdffd390f3166
Validity
Not Before: Jun 23 15:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69aef6950d82a580dc3027958f990bc8a08cbdfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:db:46:11:28:d4:3b:4d:2c:85:83:17:6e:75:
8a:9b:66:15:b8:83:f2:a6:c3:4c:20:40:2d:d2:cc:
c4:dd:50:af:96:ac:d6:38:45:61:da:59:7d:cd:93:
5f:24:8e:0a:1d:96:20:f1:7f:ae:5d:aa:d5:32:1e:
92:69:ed:60:4c:8b:2f:51:1c:2b:77:a7:c9:af:dd:
6e:a3:b6:f6:8b:19:31:09:f9:5d:6d:c1:32:2d:5d:
d4:8d:c9:5c:a9:80:d5:ad:5c:89:24:6d:fd:ea:9e:
16:77:5c:4e:8d:d6:cb:0f:4d:6c:18:18:5b:41:2e:
fa:52:cb:e4:89:22:4d:7f:d6:3a:6d:70:13:4a:81:
61:df:9e:f8:3c:32:35:9d:b8:76:e4:50:8d:a6:28:
9f:a0:9a:b5:86:e3:c0:1d:47:33:e3:f4:82:41:8b:
3c:90:dd:14:d8:ec:14:06:ff:0b:b9:36:17:f7:e7:
3a:7f:9c:eb:2e:0f:34:e9:82:27:80:1e:3d:d8:97:
c7:54:e4:8c:88:e8:45:e0:19:bb:ed:4e:54:2c:7a:
02:04:0f:68:91:b7:b0:65:b3:0b:bf:08:02:f1:b5:
32:34:eb:5d:27:7a:b9:19:da:da:ec:65:00:5a:43:
49:47:41:84:ac:90:d6:58:21:c3:44:b0:df:66:8d:
1b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AE:F6:95:0D:82:A5:80:DC:30:27:95:8F:99:0B:C8:A0:8C:BD:FC
X509v3 Authority Key Identifier:
keyid:25:60:65:B6:16:6A:EF:96:FC:FF:3A:2E:A5:6F:DF:FD:39:0F:31:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWBlthZq75b8_zoupW_f_TkPMWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/8cdc48-2822-4599-bb69-8c456af6b6bb/1/aa72lQ2CpYDcMCeVj5kLyKCMvfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/8cdc48-2822-4599-bb69-8c456af6b6bb/1/JWBlthZq75b8_zoupW_f_TkPMWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:f704:1000::/40
Signature Algorithm: sha256WithRSAEncryption
42:39:13:73:bf:de:e3:f5:e8:2d:98:a3:7f:f6:12:f4:d5:e9:
e1:ea:75:4a:8c:48:86:d2:88:c2:08:d1:8d:94:04:6d:73:6b:
0f:71:ab:41:9f:76:e4:5f:b4:5f:85:59:16:c8:e5:38:5a:02:
b0:60:d7:f5:4e:8f:8c:b8:40:a6:b5:b0:f0:4f:e1:60:c9:80:
5f:84:ed:3d:8e:e2:ee:6d:e7:93:54:e1:72:0b:1c:81:66:94:
61:62:10:25:db:3a:b6:37:16:df:7d:0f:c2:d3:7b:19:49:c3:
10:e5:4a:d5:5b:58:58:51:96:36:7a:4a:e2:75:0e:af:80:c5:
59:70:81:48:4f:00:1c:26:db:3c:be:f6:3e:e8:16:d3:69:cf:
50:7f:e5:b9:64:aa:eb:73:d7:8a:ee:6b:5b:12:e2:b1:6e:61:
25:99:b0:93:f1:91:a4:12:8e:5d:5c:54:5f:2d:4e:be:13:14:
4c:b8:93:8c:8a:3c:eb:a9:0a:c5:34:aa:27:8f:e9:15:f9:99:
cc:bd:9f:7a:8a:a3:d4:1f:27:de:af:e3:df:4d:df:d0:57:8e:
22:40:bf:b6:6c:61:16:b6:b1:27:b1:74:4d:2d:05:74:2c:14:
8c:db:fd:9a:ab:fc:66:be:27:05:d5:2a:c0:71:9b:6b:e2:d4:
33:02:cc:09
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZedgAk4/SaHogebd9yccTkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NjA2NWI2MTY2YWVmOTZmY2ZmM2EyZWE1NmZkZmZkMzkw
ZjMxNjYwHhcNMjUwNjIzMTU1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFlZjY5NTBkODJhNTgwZGMzMDI3OTU4Zjk5MGJjOGEwOGNiZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyttGESjUO00shYMXbnWKm2YVuIPy
psNMIEAt0szE3VCvlqzWOEVh2ll9zZNfJI4KHZYg8X+uXarVMh6Sae1gTIsvURwr
d6fJr91uo7b2ixkxCfldbcEyLV3UjclcqYDVrVyJJG396p4Wd1xOjdbLD01sGBhb
QS76UsvkiSJNf9Y6bXATSoFh3574PDI1nbh25FCNpiifoJq1huPAHUcz4/SCQYs8
kN0U2OwUBv8LuTYX9+c6f5zrLg806YIngB492JfHVOSMiOhF4Bm77U5ULHoCBA9o
kbewZbMLvwgC8bUyNOtdJ3q5Gdra7GUAWkNJR0GErJDWWCHDRLDfZo0bDQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGmu9pUNgqWA3DAnlY+ZC8igjL38MB8GA1UdIwQY
MBaAFCVgZbYWau+W/P86LqVv3/05DzFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSldCbHRoWnE3NWI4X3pvdXBXX2ZfVGtQTVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84Y2RjNDgtMjgyMi00NTk5LWJiNjkt
OGM0NTZhZjZiNmJiLzEvYWE3MmxRMkNwWURjTUNlVmo1a0x5S0NNdmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84Y2RjNDgtMjgyMi00NTk5LWJiNjktOGM0NTZhZjZiNmJi
LzEvSldCbHRoWnE3NWI4X3pvdXBXX2ZfVGtQTVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhT3BBAw
DQYJKoZIhvcNAQELBQADggEBAEI5E3O/3uP16C2Yo3/2EvTV6eHqdUqMSIbSiMII
0Y2UBG1zaw9xq0GfduRftF+FWRbI5ThaArBg1/VOj4y4QKa1sPBP4WDJgF+E7T2O
4u5t55NU4XILHIFmlGFiECXbOrY3Ft99D8LTexlJwxDlStVbWFhRljZ6SuJ1Dq+A
xVlwgUhPABwm2zy+9j7oFtNpz1B/5blkqutz14rua1sS4rFuYSWZsJPxkaQSjl1c
VF8tTr4TFEy4k4yKPOupCsU0qieP6RX5mcy9n3qKo9QfJ96v499N39BXjiJAv7Zs
YRa2sSexdE0tBXQsFIzb/Zqr/Ga+JwXVKsBxm2vi1DMCzAk=
-----END CERTIFICATE-----
Generated at Tue Jul 1 14:07:07 2025 by rpki-client