Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/B2MCNak0MrTKwNy5i9lEse_c-lE.roa
File: B2MCNak0MrTKwNy5i9lEse_c-lE.roa (raw, json)
Hash identifier: VA8R0dehAtpBTmLUgjxImyCT3DBHzwDPo6NN4PwWXt8=
Subject key identifier: 07:63:02:35:A9:34:32:B4:CA:C0:DC:B9:8B:D9:44:B1:EF:DC:FA:51
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197CC5A0B927DD2004075ACA7B65B8DCD2A
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/B2MCNak0MrTKwNy5i9lEse_c-lE.roa
Signing time: Wed 02 Jul 2025 18:15:42 +0000
ROA not before: Wed 02 Jul 2025 18:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a11:3086::/32 maxlen: 32
2a11:d386::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Jul 2025 15:45:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:5a:0b:92:7d:d2:00:40:75:ac:a7:b6:5b:8d:cd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 2 18:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07630235a93432b4cac0dcb98bd944b1efdcfa51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:80:a6:38:1f:54:8b:d1:29:51:da:d0:34:d6:
bc:ae:74:1f:23:d3:ed:0e:cf:75:77:b0:b8:b9:48:
53:c0:70:6f:99:7b:f6:42:1b:0d:92:74:d8:e6:be:
1f:9a:b6:96:9a:74:ea:d9:1a:ec:db:e5:e4:e4:7d:
c9:5b:da:6f:4b:c7:3e:0c:4f:f9:60:3f:34:1f:4b:
dc:be:f4:8b:d2:23:37:28:9b:8e:7a:6b:73:a1:a7:
7c:0a:b1:d9:c5:7e:4e:9c:53:7b:c9:74:7a:2b:cc:
21:e1:6b:c0:20:ae:08:27:16:b1:34:d0:2e:40:f1:
3a:9d:5f:ac:e2:b1:c1:3f:b8:6b:3a:26:62:39:1e:
71:81:0c:99:f9:b6:87:06:df:9b:fb:17:a1:63:0e:
b2:94:24:a0:ca:7a:51:d1:6b:b3:ee:ad:84:c4:ee:
ab:f2:72:72:83:9d:93:b4:46:2a:b7:73:94:fd:2c:
b5:ce:89:d7:46:95:94:5a:18:79:40:4b:50:a9:3e:
3e:7e:fc:50:47:39:36:82:20:b8:3d:2f:01:13:3f:
99:22:91:e3:ca:7b:cf:33:70:9d:90:00:40:79:b7:
00:9b:ff:77:c8:fc:f2:02:7b:62:a1:84:2b:77:65:
bc:03:ee:61:05:ed:0b:cf:81:0b:5c:31:e2:74:52:
7e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:63:02:35:A9:34:32:B4:CA:C0:DC:B9:8B:D9:44:B1:EF:DC:FA:51
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/B2MCNak0MrTKwNy5i9lEse_c-lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3086::/32
2a11:d386::/32
Signature Algorithm: sha256WithRSAEncryption
42:8c:b2:98:b7:d4:27:e6:c0:53:2c:29:a7:93:44:36:3a:7e:
6e:2f:18:a7:77:10:a1:53:ae:92:1a:d8:b1:ac:82:83:c3:af:
5d:46:56:56:e3:67:bc:c5:9e:f6:4d:94:b4:7a:a6:a4:ab:04:
37:e7:1b:76:3f:e7:62:75:73:00:a9:04:db:dd:8b:d1:36:a4:
47:b7:9f:e0:f7:a3:5f:a1:b2:05:fb:19:ac:2e:87:e8:75:f1:
76:49:9c:d0:c3:19:f3:85:d1:42:d2:d4:a7:d7:01:00:a9:25:
bf:e1:c4:ad:61:b1:8d:c9:8a:49:bd:6b:9b:2f:99:1b:a7:d0:
89:35:f4:86:6c:5a:00:67:a8:cb:f4:59:8d:bc:d0:a6:75:24:
69:ad:4d:ea:94:7e:1b:d6:0b:e4:c8:f8:6f:9e:24:c3:a8:ac:
b1:d5:bd:ce:d1:cc:85:6a:c6:20:a4:b1:61:90:b4:e8:25:45:
28:c6:83:e8:3f:bb:5b:70:5b:fe:14:25:04:7c:dc:1a:cf:e9:
d4:ab:8e:67:00:65:08:d7:df:97:9d:ae:9b:a5:40:5a:59:fb:
9e:81:b1:84:35:b8:6f:b8:59:e0:f2:87:b4:1e:4e:4c:89:07:
d2:ae:23:66:fb:73:3a:f5:52:65:3a:84:1d:23:cd:40:61:6f:
c0:01:40:30
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZfMWguSfdIAQHWsp7Zbjc0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzAyMTgxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzYzMDIzNWE5MzQzMmI0Y2FjMGRjYjk4YmQ5NDRiMWVmZGNmYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YCmOB9Ui9EpUdrQNNa8rnQfI9Pt
Ds91d7C4uUhTwHBvmXv2QhsNknTY5r4fmraWmnTq2Rrs2+Xk5H3JW9pvS8c+DE/5
YD80H0vcvvSL0iM3KJuOemtzoad8CrHZxX5OnFN7yXR6K8wh4WvAIK4IJxaxNNAu
QPE6nV+s4rHBP7hrOiZiOR5xgQyZ+baHBt+b+xehYw6ylCSgynpR0Wuz7q2ExO6r
8nJyg52TtEYqt3OU/Sy1zonXRpWUWhh5QEtQqT4+fvxQRzk2giC4PS8BEz+ZIpHj
ynvPM3CdkABAebcAm/93yPzyAntioYQrd2W8A+5hBe0Lz4ELXDHidFJ+ZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAdjAjWpNDK0ysDcuYvZRLHv3PpRMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvQjJNQ05hazBNclRLd055NWk5bEVzZV9jLWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhEwhgMF
ACoR04YwDQYJKoZIhvcNAQELBQADggEBAEKMspi31CfmwFMsKaeTRDY6fm4vGKd3
EKFTrpIa2LGsgoPDr11GVlbjZ7zFnvZNlLR6pqSrBDfnG3Y/52J1cwCpBNvdi9E2
pEe3n+D3o1+hsgX7Gawuh+h18XZJnNDDGfOF0ULS1KfXAQCpJb/hxK1hsY3Jikm9
a5svmRun0Ik19IZsWgBnqMv0WY280KZ1JGmtTeqUfhvWC+TI+G+eJMOorLHVvc7R
zIVqxiCksWGQtOglRSjGg+g/u1twW/4UJQR83BrP6dSrjmcAZQjX35edrpulQFpZ
+56BsYQ1uG+4WeDyh7QeTkyJB9KuI2b7czr1UmU6hB0jzUBhb8ABQDA=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:15:27 2025 by rpki-client