Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/AK-4a0SRRl3FXNthit5tJgrEQKg.roa
File: AK-4a0SRRl3FXNthit5tJgrEQKg.roa (raw, json)
Hash identifier: 9r3fcezVm0JwNLXddommAYSyYWrd4mttMzhSUmdRzNY=
Subject key identifier: 00:AF:B8:6B:44:91:46:5D:C5:5C:DB:61:8A:DE:6D:26:0A:C4:40:A8
Certificate issuer: /CN=a0cef1caa3459b8b039c217813648dcabce8c2d3
Certificate serial: 0195F45D9B07CEDE55DAB64B14A4C3395270
Authority key identifier: A0:CE:F1:CA:A3:45:9B:8B:03:9C:21:78:13:64:8D:CA:BC:E8:C2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oM7xyqNFm4sDnCF4E2SNyrzowtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/AK-4a0SRRl3FXNthit5tJgrEQKg.roa
Signing time: Wed 02 Apr 2025 02:38:50 +0000
ROA not before: Wed 02 Apr 2025 02:38:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59475
IP address blocks: 81.161.120.0/21 maxlen: 22
109.197.162.0/23 maxlen: 23
193.0.168.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 03 Apr 2025 08:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f4:5d:9b:07:ce:de:55:da:b6:4b:14:a4:c3:39:52:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0cef1caa3459b8b039c217813648dcabce8c2d3
Validity
Not Before: Apr 2 02:38:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00afb86b4491465dc55cdb618ade6d260ac440a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:db:6b:7d:22:c2:f3:4a:aa:7d:63:f4:b8:
af:0a:ad:12:e8:6a:44:41:f5:83:f0:e0:7b:8a:52:
f3:b6:d3:f7:87:a3:fd:66:9a:fb:1a:ed:35:87:ac:
d0:8d:f2:6f:99:46:76:8f:73:31:58:d5:86:6a:c1:
05:3e:8f:b8:d8:2e:68:c2:86:8c:7c:4d:ce:8d:42:
f1:81:65:79:61:2d:16:5a:36:0b:c0:51:37:83:7a:
ce:7d:ba:94:f9:27:8c:50:a0:d6:0c:95:ad:45:17:
8c:ba:db:96:51:4f:94:98:9b:c5:f2:65:91:e5:8f:
3b:92:de:e6:75:3c:89:8e:d5:84:be:e2:a7:d8:8a:
14:72:54:75:20:1b:5d:da:a4:4c:fe:0e:29:1a:e2:
c5:07:b5:f4:5b:bd:88:f3:93:e0:eb:89:bd:6e:29:
e4:7b:83:d3:91:33:81:90:c6:c3:f2:62:1d:4b:cf:
95:b5:73:0e:7a:2d:46:ee:00:e0:8b:86:d2:fa:83:
58:be:1c:ec:e1:5e:14:3d:bc:65:61:b2:f7:58:a7:
29:92:57:38:42:2d:d0:08:f5:d3:51:87:48:61:85:
de:f7:1b:f2:ff:86:4a:52:30:a7:a4:bd:b4:2d:9a:
70:bf:29:8b:50:d3:de:21:6d:79:25:b2:86:52:1b:
36:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AF:B8:6B:44:91:46:5D:C5:5C:DB:61:8A:DE:6D:26:0A:C4:40:A8
X509v3 Authority Key Identifier:
keyid:A0:CE:F1:CA:A3:45:9B:8B:03:9C:21:78:13:64:8D:CA:BC:E8:C2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oM7xyqNFm4sDnCF4E2SNyrzowtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/AK-4a0SRRl3FXNthit5tJgrEQKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/oM7xyqNFm4sDnCF4E2SNyrzowtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.120.0/21
109.197.162.0/23
193.0.168.0/23
Signature Algorithm: sha256WithRSAEncryption
11:9b:f2:81:76:9e:14:de:da:21:7d:80:34:39:76:2a:4d:10:
c3:9b:d6:ac:f0:75:cc:e6:4a:4d:36:17:a0:07:46:0f:f9:40:
28:ff:d5:af:ca:89:25:d2:9a:a8:aa:98:1e:96:73:e4:c8:c9:
d3:e5:79:f7:36:a9:0e:63:42:52:05:84:9b:a4:82:00:9e:99:
67:df:91:9e:97:f0:e8:8b:ee:a8:86:c1:3a:da:5c:57:21:4a:
eb:b6:81:8d:1c:4b:06:0d:2a:00:b7:69:f4:e9:f2:c7:21:2e:
2e:e0:27:ce:03:f3:0e:dd:86:d3:dd:8e:e8:cb:ed:8f:2c:d5:
81:ae:2c:5e:09:92:01:05:47:bf:9c:90:15:b0:a9:51:5f:d5:
8e:ac:ec:dc:8b:4f:00:e4:60:fa:62:68:f0:40:27:b8:ee:16:
e0:37:2e:84:a5:1e:c2:df:7c:cf:a1:26:e9:04:16:fb:27:bb:
e4:b1:43:b5:0e:b3:ef:94:21:ff:ca:b8:31:a4:7c:ff:2f:ef:
38:20:c9:65:9c:6c:76:f6:52:cf:c6:72:6e:d6:60:a5:c3:4b:
e4:bc:c9:9f:d4:d3:20:f0:07:03:8e:49:e5:05:ec:8b:4b:bf:
2d:8d:fd:8b:1b:47:89:6c:ce:9c:15:f9:c1:89:d0:c2:70:05:
f6:68:54:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZX0XZsHzt5V2rZLFKTDOVJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2VmMWNhYTM0NTliOGIwMzljMjE3ODEzNjQ4ZGNhYmNl
OGMyZDMwHhcNMjUwNDAyMDIzODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFmYjg2YjQ0OTE0NjVkYzU1Y2RiNjE4YWRlNmQyNjBhYzQ0MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf/ba30iwvNKqn1j9LivCq0S6GpE
QfWD8OB7ilLzttP3h6P9Zpr7Gu01h6zQjfJvmUZ2j3MxWNWGasEFPo+42C5owoaM
fE3OjULxgWV5YS0WWjYLwFE3g3rOfbqU+SeMUKDWDJWtRReMutuWUU+UmJvF8mWR
5Y87kt7mdTyJjtWEvuKn2IoUclR1IBtd2qRM/g4pGuLFB7X0W72I85Pg64m9bink
e4PTkTOBkMbD8mIdS8+VtXMOei1G7gDgi4bS+oNYvhzs4V4UPbxlYbL3WKcpklc4
Qi3QCPXTUYdIYYXe9xvy/4ZKUjCnpL20LZpwvymLUNPeIW15JbKGUhs2VwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFACvuGtEkUZdxVzbYYrebSYKxECoMB8GA1UdIwQY
MBaAFKDO8cqjRZuLA5wheBNkjcq86MLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb003eHlxTkZtNHNEbkNGNEUyU055cnpvd3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84NThlZDgtNzMxYS00NzYxLTgyYzAt
NmIwMTc5ZWUxZGQ5LzEvQUstNGEwU1JSbDNGWE50aGl0NXRKZ3JFUUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84NThlZDgtNzMxYS00NzYxLTgyYzAtNmIwMTc5ZWUxZGQ5
LzEvb003eHlxTkZtNHNEbkNGNEUyU055cnpvd3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUaF4AwQB
bcWiAwQBwQCoMA0GCSqGSIb3DQEBCwUAA4IBAQARm/KBdp4U3tohfYA0OXYqTRDD
m9as8HXM5kpNNhegB0YP+UAo/9Wvyokl0pqoqpgelnPkyMnT5Xn3NqkOY0JSBYSb
pIIAnpln35Gel/Doi+6ohsE62lxXIUrrtoGNHEsGDSoAt2n06fLHIS4u4CfOA/MO
3YbT3Y7oy+2PLNWBrixeCZIBBUe/nJAVsKlRX9WOrOzci08A5GD6YmjwQCe47hbg
Ny6EpR7C33zPoSbpBBb7J7vksUO1DrPvlCH/yrgxpHz/L+84IMllnGx29lLPxnJu
1mClw0vkvMmf1NMg8AcDjknlBeyLS78tjf2LG0eJbM6cFfnBidDCcAX2aFRD
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:00:44 2025 by rpki-client