Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/8r7t-b2e_EfXl9RRs5_1IFRyNrs.roa
File: 8r7t-b2e_EfXl9RRs5_1IFRyNrs.roa (raw, json)
Hash identifier: 3TJUxM+AkCdJEf5nh+cTQupJ1vwGY1vydjkX1hVECCo=
Subject key identifier: F2:BE:ED:F9:BD:9E:FC:47:D7:97:D4:51:B3:9F:F5:20:54:72:36:BB
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0195908C52159108F65BAB3A16C00D886C18
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/8r7t-b2e_EfXl9RRs5_1IFRyNrs.roa
Signing time: Thu 13 Mar 2025 17:27:49 +0000
ROA not before: Thu 13 Mar 2025 17:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:2085::/32 maxlen: 32
2a11:6504::/32 maxlen: 32
2a11:8f85::/32 maxlen: 32
2a11:f186::/32 maxlen: 32
2a11:fb45::/32 maxlen: 32
2a12:1804::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Apr 2025 18:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:8c:52:15:91:08:f6:5b:ab:3a:16:c0:0d:88:6c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Mar 13 17:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2beedf9bd9efc47d797d451b39ff520547236bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1e:d4:45:7e:93:a9:6b:a0:73:b4:d3:b6:f3:
40:9d:42:29:a0:ea:81:8e:1f:20:33:ae:9d:96:d1:
04:d8:12:b6:dc:7b:f3:a7:42:8d:67:1a:74:f9:e2:
4e:55:0a:26:6e:15:c0:ee:24:28:c0:ec:84:2c:c6:
06:69:2e:88:54:2f:7b:e7:e3:45:ce:89:91:22:cf:
0d:63:04:01:d8:74:31:4e:20:d7:7c:d6:75:51:80:
bb:41:f8:96:7a:84:ca:42:07:08:f3:6a:28:97:da:
0a:7f:d5:84:b5:7d:74:de:0e:ec:d8:7f:13:01:b1:
b4:f9:02:d8:da:d9:23:22:fe:b8:8b:c9:5b:af:5b:
2a:d1:b9:41:ad:55:ed:87:7c:cc:41:81:e9:58:ae:
e6:38:96:44:e1:9e:54:27:b4:d5:1f:6e:22:ad:6e:
4c:e9:d0:2a:bd:31:f5:ac:27:2b:35:2b:14:2d:4b:
60:26:a9:a9:ad:b8:19:a8:e7:b6:f3:99:7d:41:10:
30:f0:dd:4c:1d:51:9c:45:58:4a:49:27:e0:b9:b0:
a9:67:88:a0:d0:13:01:ae:86:f4:f2:43:0c:9a:f1:
f7:c8:89:d3:25:ff:ee:5c:1c:b1:a6:66:e8:7e:a2:
4b:86:56:ae:20:5c:52:bd:75:62:02:68:87:77:03:
6b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BE:ED:F9:BD:9E:FC:47:D7:97:D4:51:B3:9F:F5:20:54:72:36:BB
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/8r7t-b2e_EfXl9RRs5_1IFRyNrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2085::/32
2a11:6504::/32
2a11:8f85::/32
2a11:f186::/32
2a11:fb45::/32
2a12:1804::/32
Signature Algorithm: sha256WithRSAEncryption
06:cc:13:cd:73:6b:77:e1:1a:55:58:d2:9c:68:c7:83:b9:42:
03:14:7c:bc:9e:b1:de:d5:d2:0d:15:9c:4e:08:fe:bb:38:e8:
db:a8:5f:29:2e:99:cc:4a:93:c6:f4:7e:32:04:09:c6:0b:f5:
65:42:14:81:9f:b2:a1:6d:12:68:45:07:8b:48:29:d2:06:b0:
b2:27:56:91:ab:90:9f:c5:e5:b6:11:95:85:92:90:14:53:be:
c7:33:64:f3:87:7d:6b:32:fe:e3:81:41:e3:0b:a4:7f:fb:51:
45:fc:44:a5:fb:e0:65:df:0a:77:af:e2:e9:f1:99:18:4a:91:
60:31:4f:30:4c:8b:af:45:78:7d:98:8f:d4:17:fd:b9:13:5a:
2d:4d:07:30:90:c5:37:9b:cd:73:22:37:13:ba:f0:90:f8:81:
68:7e:6b:3f:6b:6f:76:b4:19:2e:bb:75:bc:03:26:dc:dc:87:
52:ac:71:b3:36:80:b3:40:ef:6f:56:44:a0:6d:28:08:bc:08:
bf:b0:0e:37:1d:fd:62:4b:87:38:c0:4e:55:b0:16:27:95:24:
9b:ed:8d:0b:d1:f2:be:b7:92:4a:ef:b8:25:78:fb:c0:61:c3:
a4:5a:9c:ef:96:77:0b:b8:64:09:77:46:b6:5a:4c:7a:a1:75:
f2:d9:01:48
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWQjFIVkQj2W6s6FsANiGwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMzEzMTcyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJlZWRmOWJkOWVmYzQ3ZDc5N2Q0NTFiMzlmZjUyMDU0NzIzNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB7URX6TqWugc7TTtvNAnUIpoOqB
jh8gM66dltEE2BK23Hvzp0KNZxp0+eJOVQombhXA7iQowOyELMYGaS6IVC975+NF
zomRIs8NYwQB2HQxTiDXfNZ1UYC7QfiWeoTKQgcI82ool9oKf9WEtX103g7s2H8T
AbG0+QLY2tkjIv64i8lbr1sq0blBrVXth3zMQYHpWK7mOJZE4Z5UJ7TVH24irW5M
6dAqvTH1rCcrNSsULUtgJqmprbgZqOe285l9QRAw8N1MHVGcRVhKSSfgubCpZ4ig
0BMBrob08kMMmvH3yInTJf/uXByxpmbofqJLhlauIFxSvXViAmiHdwNrGwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPK+7fm9nvxH15fUUbOf9SBUcja7MB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvOHI3dC1iMmVfRWZYbDlSUnM1XzFJRlJ5TnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKhEghQMF
ACoRZQQDBQAqEY+FAwUAKhHxhgMFACoR+0UDBQAqEhgEMA0GCSqGSIb3DQEBCwUA
A4IBAQAGzBPNc2t34RpVWNKcaMeDuUIDFHy8nrHe1dINFZxOCP67OOjbqF8pLpnM
SpPG9H4yBAnGC/VlQhSBn7KhbRJoRQeLSCnSBrCyJ1aRq5CfxeW2EZWFkpAUU77H
M2Tzh31rMv7jgUHjC6R/+1FF/ESl++Bl3wp3r+Lp8ZkYSpFgMU8wTIuvRXh9mI/U
F/25E1otTQcwkMU3m81zIjcTuvCQ+IFofms/a292tBkuu3W8Aybc3IdSrHGzNoCz
QO9vVkSgbSgIvAi/sA43Hf1iS4c4wE5VsBYnlSSb7Y0L0fK+t5JK77glePvAYcOk
WpzvlncLuGQJd0a2Wkx6oXXy2QFI
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:47 2025 by rpki-client