Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/HZWFeTeDztatk_bbvV_AD5GI_DE.roa
File: HZWFeTeDztatk_bbvV_AD5GI_DE.roa (raw, json)
Hash identifier: PkQ3+UJ0zqayH0ZQhJp2XQrUaq12BKH14AdiP+Fslok=
Subject key identifier: 1D:95:85:79:37:83:CE:D6:AD:93:F6:DB:BD:5F:C0:0F:91:88:FC:31
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197CC423E25743C62F38EA80006C3ECA13C
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/HZWFeTeDztatk_bbvV_AD5GI_DE.roa
Signing time: Wed 02 Jul 2025 17:49:42 +0000
ROA not before: Wed 02 Jul 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:9fc0::/29 maxlen: 29
2a11:c440::/29 maxlen: 29
2a11:c540::/29 maxlen: 29
2a11:e7c0::/29 maxlen: 29
2a12:10c0::/29 maxlen: 29
2a12:15c0::/29 maxlen: 29
2a12:1880::/29 maxlen: 29
2a12:25c0::/29 maxlen: 29
2a12:34c0::/29 maxlen: 29
2a12:4500::/29 maxlen: 29
2a12:5580::/29 maxlen: 29
2a12:6600::/29 maxlen: 29
2a12:7980::/29 maxlen: 29
2a12:8800::/29 maxlen: 29
2a12:9700::/29 maxlen: 29
2a12:9e00::/29 maxlen: 29
2a12:c180::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 08 Jul 2025 18:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:42:3e:25:74:3c:62:f3:8e:a8:00:06:c3:ec:a1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 2 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d9585793783ced6ad93f6dbbd5fc00f9188fc31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:65:b0:96:00:8e:3a:0c:79:20:da:bd:79:54:
5e:96:e4:49:65:10:43:14:0c:5a:d9:03:65:f5:99:
2b:f3:c3:50:3f:26:fe:2c:3e:63:ec:e5:be:cd:67:
ad:e4:f1:79:5f:61:1f:82:cc:0a:73:86:d7:13:d8:
53:b8:80:89:a5:a8:5d:cc:54:6c:2c:68:54:33:ce:
f4:97:bd:79:41:53:70:ab:72:4e:d4:0d:b8:c6:a8:
2f:40:12:db:96:90:0a:1b:6b:0f:2f:89:62:7c:30:
ab:f9:8d:17:52:40:72:33:74:80:40:63:52:b2:60:
85:bf:42:36:e8:d0:81:a9:2c:0f:37:7d:dd:9d:1d:
ad:38:dc:f0:20:3e:00:a1:e8:6d:73:34:0d:25:fc:
86:b5:12:43:3b:d5:05:a2:a8:c6:78:ce:d4:a5:cd:
0e:2e:76:0f:51:e9:9d:20:5c:cb:35:a2:8f:3e:d1:
99:1d:05:f9:47:b5:8b:0f:19:51:cd:fe:59:78:92:
7b:fb:66:14:eb:98:c0:d0:85:92:dd:2d:64:c8:67:
db:5a:12:01:7d:52:42:e0:c4:a4:55:91:e5:46:4a:
79:45:1e:0b:3c:5a:a6:0f:cf:e1:7e:1f:b8:cf:98:
15:73:04:93:ad:fd:b5:5b:21:a1:77:70:0a:dd:26:
3a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:95:85:79:37:83:CE:D6:AD:93:F6:DB:BD:5F:C0:0F:91:88:FC:31
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/HZWFeTeDztatk_bbvV_AD5GI_DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9fc0::/29
2a11:c440::/29
2a11:c540::/29
2a11:e7c0::/29
2a12:10c0::/29
2a12:15c0::/29
2a12:1880::/29
2a12:25c0::/29
2a12:34c0::/29
2a12:4500::/29
2a12:5580::/29
2a12:6600::/29
2a12:7980::/29
2a12:8800::/29
2a12:9700::/29
2a12:9e00::/29
2a12:c180::/29
Signature Algorithm: sha256WithRSAEncryption
0f:d7:c2:4c:dd:e8:5d:92:b6:cb:f7:8b:f8:77:dc:fa:f6:a1:
c1:b8:8d:0a:d1:d6:83:d2:02:7e:9e:7b:14:14:cc:b9:80:d1:
0b:20:0d:c7:ee:66:00:ad:39:13:b1:04:3b:bb:18:94:42:62:
61:eb:4e:c1:bb:ee:80:9d:0a:94:7b:4b:05:e4:d7:1d:79:3c:
35:9e:9a:2b:3a:d5:e7:2b:ed:ab:af:ef:1c:7c:9c:63:d9:ad:
f1:98:cd:4f:7f:c8:14:3f:ac:56:f3:e4:b4:8e:59:63:f7:cb:
f8:47:1e:e0:3b:d7:54:46:c1:d4:44:95:24:0f:4d:28:2a:4b:
28:da:c2:35:d6:6b:05:d4:ba:d7:dc:44:4d:02:fc:d1:db:88:
7a:87:8c:b4:ca:07:70:92:f4:f4:cd:4a:dd:df:cb:bf:98:79:
09:46:45:fe:11:f7:94:0f:db:2c:45:21:f7:e2:db:45:52:f9:
08:61:50:6a:28:2d:11:e6:85:3e:bb:71:91:d6:6c:20:5c:80:
53:de:89:d5:86:a9:0a:91:94:dc:36:31:19:1c:5b:ca:8d:d4:
1a:9c:fe:33:d0:79:09:97:47:7d:a5:9a:78:b5:0e:d3:55:d0:
5f:23:5d:11:be:2d:6a:17:bc:99:ef:63:4c:07:58:72:33:4f:
c6:2a:ee:8e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZfMQj4ldDxi846oAAbD7KE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzAyMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk1ODU3OTM3ODNjZWQ2YWQ5M2Y2ZGJiZDVmYzAwZjkxODhmYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmWwlgCOOgx5INq9eVReluRJZRBD
FAxa2QNl9Zkr88NQPyb+LD5j7OW+zWet5PF5X2EfgswKc4bXE9hTuICJpahdzFRs
LGhUM870l715QVNwq3JO1A24xqgvQBLblpAKG2sPL4lifDCr+Y0XUkByM3SAQGNS
smCFv0I26NCBqSwPN33dnR2tONzwID4AoehtczQNJfyGtRJDO9UFoqjGeM7Upc0O
LnYPUemdIFzLNaKPPtGZHQX5R7WLDxlRzf5ZeJJ7+2YU65jA0IWS3S1kyGfbWhIB
fVJC4MSkVZHlRkp5RR4LPFqmD8/hfh+4z5gVcwSTrf21WyGhd3AK3SY67QIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFB2VhXk3g87WrZP2271fwA+RiPwxMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvSFpXRmVUZUR6dGF0a19iYnZWX0FENUdJX0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MH0EAgACMHcDBQMqEZ/A
AwUDKhHEQAMFAyoRxUADBQMqEefAAwUDKhIQwAMFAyoSFcADBQMqEhiAAwUDKhIl
wAMFAyoSNMADBQMqEkUAAwUDKhJVgAMFAyoSZgADBQMqEnmAAwUDKhKIAAMFAyoS
lwADBQMqEp4AAwUDKhLBgDANBgkqhkiG9w0BAQsFAAOCAQEAD9fCTN3oXZK2y/eL
+Hfc+vahwbiNCtHWg9ICfp57FBTMuYDRCyANx+5mAK05E7EEO7sYlEJiYetOwbvu
gJ0KlHtLBeTXHXk8NZ6aKzrV5yvtq6/vHHycY9mt8ZjNT3/IFD+sVvPktI5ZY/fL
+Ece4DvXVEbB1ESVJA9NKCpLKNrCNdZrBdS619xETQL80duIeoeMtMoHcJL09M1K
3d/Lv5h5CUZF/hH3lA/bLEUh9+LbRVL5CGFQaigtEeaFPrtxkdZsIFyAU96J1Yap
CpGU3DYxGRxbyo3UGpz+M9B5CZdHfaWaeLUO01XQXyNdEb4tahe8me9jTAdYcjNP
xirujg==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:37:30 2025 by rpki-client