Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/5tnZ26We7EZLdNlJ2QJJHrIrGLM.roa
File: 5tnZ26We7EZLdNlJ2QJJHrIrGLM.roa (raw, json)
Hash identifier: e3MHPMEkivjpFWZuc1NDMhPEAwdZXjNM1bO91/3gkq0=
Subject key identifier: E6:D9:D9:DB:A5:9E:EC:46:4B:74:D9:49:D9:02:49:1E:B2:2B:18:B3
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197F5031397546BAB1704726DA504521928
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/5tnZ26We7EZLdNlJ2QJJHrIrGLM.roa
Signing time: Thu 10 Jul 2025 15:45:08 +0000
ROA not before: Thu 10 Jul 2025 15:45:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:3080::/32 maxlen: 32
2a11:3d07::/32 maxlen: 32
2a12:35c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Jul 2025 19:44:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:03:13:97:54:6b:ab:17:04:72:6d:a5:04:52:19:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 10 15:45:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6d9d9dba59eec464b74d949d902491eb22b18b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:20:e5:46:cb:59:14:70:a1:4a:13:2e:b2:3e:
64:36:64:30:55:54:8f:b5:44:1b:8c:7f:a9:60:19:
6b:4e:36:69:7c:6f:77:67:02:53:2f:82:6e:cc:65:
d3:e7:1e:ab:31:67:ba:7b:b5:18:7a:3a:7e:6c:70:
9c:aa:d3:34:fd:0a:a3:1d:7a:91:1f:47:ca:3e:72:
f8:ae:64:54:3f:7a:78:65:e4:11:71:6c:a9:7a:3c:
e4:4a:54:7e:38:fa:43:fb:1f:29:ad:59:6b:76:e7:
32:28:12:7c:8d:ff:ca:3b:ed:19:3d:ce:6b:fd:6f:
c9:ae:8b:b2:da:42:85:cb:42:93:7c:af:05:1a:5f:
e2:c9:20:15:78:a1:16:46:2d:7a:a6:09:41:ec:56:
c7:2f:d5:54:8b:7b:76:06:c7:0b:f1:ca:5c:df:62:
3f:e8:57:21:10:61:c0:2d:e6:2f:d2:15:de:42:de:
6e:7e:a4:d5:fe:78:b8:13:52:2e:06:7b:ad:a0:fb:
54:f6:d9:3d:a2:cb:52:59:fc:77:80:d6:18:5f:f2:
f8:13:7a:4b:47:81:6f:d6:d0:f9:f1:79:46:61:52:
53:43:97:a8:02:75:a2:e7:cd:2b:04:33:e9:d3:5b:
01:b0:f7:0d:28:e7:69:65:91:17:ee:c3:24:8e:6b:
f4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D9:D9:DB:A5:9E:EC:46:4B:74:D9:49:D9:02:49:1E:B2:2B:18:B3
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/5tnZ26We7EZLdNlJ2QJJHrIrGLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3080::/32
2a11:3d07::/32
2a12:35c1::/32
Signature Algorithm: sha256WithRSAEncryption
1c:d2:b2:2a:05:19:ff:44:db:e9:7e:36:bd:05:6d:ed:ac:4d:
1d:d1:8a:5f:31:c5:f6:81:54:ff:8c:49:48:5b:3e:3e:7a:85:
6f:94:7d:ed:22:61:61:bb:07:71:0f:ed:2f:37:5e:3f:33:66:
95:ae:51:a0:a2:d9:96:51:f0:57:fa:52:dc:46:9a:58:f5:e2:
09:b4:f3:2e:c1:e5:ae:40:75:8d:64:41:73:2d:5f:9d:1e:83:
a6:ca:9d:3c:1e:35:d8:f3:6e:3b:84:e2:c8:e1:b0:1f:e0:52:
ee:f1:e3:44:d2:93:82:8d:fc:3e:fc:55:64:c5:66:2d:ba:0b:
be:b5:6c:ac:2b:b2:16:59:2a:10:8b:0f:41:6a:a9:6e:87:8e:
a5:78:75:8b:7b:dc:00:48:4c:8a:10:db:52:d0:22:54:fb:59:
a5:fa:72:18:dd:0e:1f:31:16:6c:74:fe:26:7a:83:a4:bf:59:
cb:b0:58:82:bb:84:c4:b9:89:17:db:cd:e4:13:4f:59:b4:04:
a5:21:ee:71:0a:3f:bc:82:7b:a7:5f:a3:46:9d:70:c5:2e:91:
f4:2a:30:5c:ee:5a:a1:63:dc:ae:12:8d:6c:a6:3c:c8:06:53:
17:64:bc:53:87:f8:02:a9:b4:e4:c7:3f:81:6b:72:a4:c3:ae:
f2:d8:84:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZf1AxOXVGurFwRybaUEUhkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzEwMTU0NTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ5ZDlkYmE1OWVlYzQ2NGI3NGQ5NDlkOTAyNDkxZWIyMmIxOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCDlRstZFHChShMusj5kNmQwVVSP
tUQbjH+pYBlrTjZpfG93ZwJTL4JuzGXT5x6rMWe6e7UYejp+bHCcqtM0/QqjHXqR
H0fKPnL4rmRUP3p4ZeQRcWypejzkSlR+OPpD+x8prVlrducyKBJ8jf/KO+0ZPc5r
/W/Jrouy2kKFy0KTfK8FGl/iySAVeKEWRi16pglB7FbHL9VUi3t2BscL8cpc32I/
6FchEGHALeYv0hXeQt5ufqTV/ni4E1IuBnutoPtU9tk9ostSWfx3gNYYX/L4E3pL
R4Fv1tD58XlGYVJTQ5eoAnWi580rBDPp01sBsPcNKOdpZZEX7sMkjmv05wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFObZ2dulnuxGS3TZSdkCSR6yKxizMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvNXRuWjI2V2U3RVpMZE5sSjJRSkpIcklyR0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhEwgAMF
ACoRPQcDBQAqEjXBMA0GCSqGSIb3DQEBCwUAA4IBAQAc0rIqBRn/RNvpfja9BW3t
rE0d0YpfMcX2gVT/jElIWz4+eoVvlH3tImFhuwdxD+0vN14/M2aVrlGgotmWUfBX
+lLcRppY9eIJtPMuweWuQHWNZEFzLV+dHoOmyp08HjXY8247hOLI4bAf4FLu8eNE
0pOCjfw+/FVkxWYtugu+tWysK7IWWSoQiw9Baqluh46leHWLe9wASEyKENtS0CJU
+1ml+nIY3Q4fMRZsdP4meoOkv1nLsFiCu4TEuYkX283kE09ZtASlIe5xCj+8gnun
X6NGnXDFLpH0KjBc7lqhY9yuEo1spjzIBlMXZLxTh/gCqbTkxz+Ba3Kkw67y2IS8
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:47 2025 by rpki-client