Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/9CE7tBnlGEO7SxXuN0JbEYelahU.roa
File: 9CE7tBnlGEO7SxXuN0JbEYelahU.roa (raw, json)
Hash identifier: QihpVj+K3h+/Y+xPYHh0HIEBKB4DsnmkmGfLnbIeMiA=
Subject key identifier: F4:21:3B:B4:19:E5:18:43:BB:4B:15:EE:37:42:5B:11:87:A5:6A:15
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197F4FBC007DFCD29294117BE6A167AF0A3
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/9CE7tBnlGEO7SxXuN0JbEYelahU.roa
Signing time: Thu 10 Jul 2025 15:37:08 +0000
ROA not before: Thu 10 Jul 2025 15:37:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a11:d384::/32 maxlen: 32
2a12:24c2::/32 maxlen: 32
2a12:41c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Jul 2025 15:45:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:fb:c0:07:df:cd:29:29:41:17:be:6a:16:7a:f0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 10 15:37:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4213bb419e51843bb4b15ee37425b1187a56a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4a:81:e0:7e:ce:37:a4:7f:2c:6d:e8:7c:86:
e6:b3:7f:e7:56:9a:98:f3:ea:09:fd:cf:14:08:d5:
b6:01:4c:b6:16:92:0b:a6:3d:0c:f1:3b:c2:f3:fb:
e5:1a:7a:76:a2:a1:d7:c3:3d:5b:f9:ad:76:d0:86:
ee:e5:58:28:d0:f5:74:9b:5f:38:e4:0b:f2:98:b2:
05:6a:9e:f0:83:b6:99:c5:80:38:4e:25:dc:be:e2:
c1:97:ac:06:97:19:2c:c0:8d:b5:aa:3b:1e:fe:b4:
88:9b:f2:8e:35:22:ef:10:54:24:6b:67:99:94:9e:
d9:13:e7:d6:fe:e0:c3:e3:b2:6d:81:10:48:ba:74:
35:c3:ec:4a:2d:67:ce:c0:39:63:f7:0b:15:1b:5c:
47:8a:24:8b:1f:73:2d:7e:b4:3d:3c:64:6e:9e:bf:
9a:68:43:05:b9:04:7a:71:52:e0:87:3b:9f:a0:c3:
88:db:a8:64:fd:b4:41:7c:60:57:cb:e2:ae:df:89:
d0:8a:f2:31:43:4b:2f:86:07:82:eb:55:65:50:26:
e1:1c:4a:b2:e0:05:08:9c:c6:6f:44:c9:37:51:21:
13:3e:b5:13:79:f2:82:94:81:27:66:a0:4b:59:3c:
ea:18:f3:0a:b7:e5:36:4d:3a:90:2b:97:f1:eb:c6:
3f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:21:3B:B4:19:E5:18:43:BB:4B:15:EE:37:42:5B:11:87:A5:6A:15
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/9CE7tBnlGEO7SxXuN0JbEYelahU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:d384::/32
2a12:24c2::/32
2a12:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
38:9f:b8:f8:c0:59:92:3f:35:7e:35:7c:4f:17:d5:96:df:50:
6f:e4:a3:36:c1:2d:61:9c:da:3d:50:2b:06:23:9f:0d:aa:62:
40:5e:c9:84:bb:2a:58:a4:39:5d:ec:e1:5e:a8:c1:b1:d1:1d:
05:7b:f2:4a:58:83:90:bc:74:91:2c:c2:22:2d:a9:fd:1b:fb:
a3:22:a9:78:f2:51:6b:82:be:c4:4d:16:cf:be:b4:4c:3c:c4:
8b:7b:9b:60:bc:40:a4:59:be:30:98:b5:be:bb:e3:d3:42:1f:
b5:1a:80:23:d9:3d:dc:8c:c6:4e:59:f0:67:c0:53:93:38:76:
dd:e6:80:55:a6:b6:61:e7:85:41:69:03:a1:67:fc:7a:ef:de:
e1:01:e5:70:0b:af:bd:a4:a4:e4:ec:f5:c8:b7:94:52:86:e4:
18:22:bf:fd:50:c6:6d:4c:1a:c3:d6:7a:90:16:f7:96:3f:84:
78:3a:22:86:da:9f:08:af:ac:73:a1:f6:36:8f:1b:7e:28:f6:
db:b6:3b:a8:49:a0:a5:e7:6a:cc:45:8b:f4:28:87:c6:9f:40:
fc:4f:22:11:08:c3:d1:95:a8:bf:41:6e:8e:1e:12:54:9b:85:
98:2c:61:8c:91:a0:34:00:dc:21:69:ed:fe:29:25:9d:13:1b:
8e:10:bb:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZf0+8AH380pKUEXvmoWevCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzEwMTUzNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDIxM2JiNDE5ZTUxODQzYmI0YjE1ZWUzNzQyNWIxMTg3YTU2YTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kqB4H7ON6R/LG3ofIbms3/nVpqY
8+oJ/c8UCNW2AUy2FpILpj0M8TvC8/vlGnp2oqHXwz1b+a120Ibu5Vgo0PV0m184
5AvymLIFap7wg7aZxYA4TiXcvuLBl6wGlxkswI21qjse/rSIm/KONSLvEFQka2eZ
lJ7ZE+fW/uDD47JtgRBIunQ1w+xKLWfOwDlj9wsVG1xHiiSLH3MtfrQ9PGRunr+a
aEMFuQR6cVLghzufoMOI26hk/bRBfGBXy+Ku34nQivIxQ0svhgeC61VlUCbhHEqy
4AUInMZvRMk3USETPrUTefKClIEnZqBLWTzqGPMKt+U2TTqQK5fx68Y/QQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPQhO7QZ5RhDu0sV7jdCWxGHpWoVMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvOUNFN3RCbmxHRU83U3hYdU4wSmJFWWVsYWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhHThAMF
ACoSJMIDBQAqEkHAMA0GCSqGSIb3DQEBCwUAA4IBAQA4n7j4wFmSPzV+NXxPF9WW
31Bv5KM2wS1hnNo9UCsGI58NqmJAXsmEuypYpDld7OFeqMGx0R0Fe/JKWIOQvHSR
LMIiLan9G/ujIql48lFrgr7ETRbPvrRMPMSLe5tgvECkWb4wmLW+u+PTQh+1GoAj
2T3cjMZOWfBnwFOTOHbd5oBVprZh54VBaQOhZ/x6797hAeVwC6+9pKTk7PXIt5RS
huQYIr/9UMZtTBrD1nqQFveWP4R4OiKG2p8Ir6xzofY2jxt+KPbbtjuoSaCl52rM
RYv0KIfGn0D8TyIRCMPRlai/QW6OHhJUm4WYLGGMkaA0ANwhae3+KSWdExuOELtU
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:16:04 2025 by rpki-client