Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/E_tZAuUsdiN2zsfYpEEBOGzU-i4.roa
File: E_tZAuUsdiN2zsfYpEEBOGzU-i4.roa (raw, json)
Hash identifier: XsMVH4lE+Luw4csh/q+l/QoJ2Qk+HC9nzs5FP5h+E9Y=
Subject key identifier: 13:FB:59:02:E5:2C:76:23:76:CE:C7:D8:A4:41:01:38:6C:D4:FA:2E
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01977FC2BC94D2910682D0612CC80E26EECB
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/E_tZAuUsdiN2zsfYpEEBOGzU-i4.roa
Signing time: Tue 17 Jun 2025 21:19:17 +0000
ROA not before: Tue 17 Jun 2025 21:19:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:3081::/32 maxlen: 32
2a11:7082::/32 maxlen: 32
2a14:9700::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 20 Jun 2025 18:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:c2:bc:94:d2:91:06:82:d0:61:2c:c8:0e:26:ee:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 17 21:19:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13fb5902e52c762376cec7d8a44101386cd4fa2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:ec:6e:52:30:30:30:3f:e2:1e:2e:f4:7e:
fb:2b:3c:bd:c5:7e:77:a9:d2:0a:60:bd:1d:99:ad:
d8:ca:4d:f9:bd:d0:cd:a6:19:ed:53:a6:25:05:33:
3d:19:36:09:8f:41:cf:dc:44:05:5a:bf:8e:74:75:
af:fc:07:6f:03:27:b3:84:8e:06:1e:aa:43:e1:94:
16:14:24:92:a6:04:76:fb:64:bb:7f:2b:f4:90:26:
4d:cb:11:26:a7:93:fe:b9:58:76:6f:e9:a2:7e:1c:
69:5f:27:e7:55:2a:98:a0:6a:43:f6:d2:23:09:45:
8e:5f:fa:65:17:c3:dd:cf:e7:ca:e1:86:59:a9:85:
1f:a1:db:ea:1a:29:bb:18:21:ac:71:8c:59:f1:52:
4a:32:ab:4d:31:b0:0c:49:62:a7:e6:ef:0e:43:47:
d6:ae:a4:bd:38:30:d9:22:c7:f5:04:24:d0:c2:34:
97:98:13:b7:d8:15:7e:ff:00:b3:11:08:96:24:de:
03:93:78:16:4e:a7:82:90:a1:f1:02:4a:d3:16:8f:
81:60:9f:35:c6:a5:db:b5:57:e1:2e:5f:82:00:51:
6a:a1:3c:3a:3e:d0:2c:79:36:3b:d7:fa:99:61:1f:
50:08:1a:d0:25:92:50:ef:43:f4:07:1e:95:eb:49:
c2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FB:59:02:E5:2C:76:23:76:CE:C7:D8:A4:41:01:38:6C:D4:FA:2E
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/E_tZAuUsdiN2zsfYpEEBOGzU-i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3081::/32
2a11:7082::/32
2a14:9700::/32
Signature Algorithm: sha256WithRSAEncryption
c4:67:54:ce:fe:fb:60:3b:46:eb:d8:32:3e:39:27:b7:40:b7:
61:df:00:0d:40:d6:da:9b:79:31:59:d4:26:56:ad:8d:1f:2f:
84:82:b7:22:8f:db:48:5d:4c:81:41:eb:6f:5e:38:ab:52:6a:
25:37:41:7c:65:4d:e8:8d:49:53:58:1b:cd:4c:b1:66:3a:09:
e4:9a:a2:cc:74:28:cd:6c:86:bc:0a:a0:5d:5e:c1:73:79:97:
51:d3:d5:78:fa:80:7d:cf:7a:b6:fd:cb:0d:9a:14:19:9b:20:
1b:fe:5a:2a:0f:61:62:6b:31:b8:2c:89:84:4c:c7:ce:20:43:
4d:39:e0:b7:6a:d7:44:c8:54:95:17:fb:17:06:72:b0:56:a1:
72:d2:bf:ef:27:7c:58:9a:a3:90:95:5f:b4:a1:79:59:30:02:
3e:6e:7c:25:89:e6:9a:70:a5:ca:4b:92:a8:90:de:f1:0d:88:
8b:9c:f5:84:12:ce:ae:d7:f4:7f:5e:ee:f7:1c:48:89:90:97:
11:63:52:3b:6d:ef:0a:26:1d:52:8e:32:26:33:fd:ce:61:eb:
84:c3:e4:cb:fa:df:a2:f1:51:8b:7d:d2:2a:2d:d5:de:f2:f0:
20:fa:da:65:ad:01:70:f9:46:97:7b:2f:c6:a1:70:71:24:6c:
78:79:58:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZd/wryU0pEGgtBhLMgOJu7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjE3MjExOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZiNTkwMmU1MmM3NjIzNzZjZWM3ZDhhNDQxMDEzODZjZDRmYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKrsblIwMDA/4h4u9H77Kzy9xX53
qdIKYL0dma3Yyk35vdDNphntU6YlBTM9GTYJj0HP3EQFWr+OdHWv/AdvAyezhI4G
HqpD4ZQWFCSSpgR2+2S7fyv0kCZNyxEmp5P+uVh2b+mifhxpXyfnVSqYoGpD9tIj
CUWOX/plF8Pdz+fK4YZZqYUfodvqGim7GCGscYxZ8VJKMqtNMbAMSWKn5u8OQ0fW
rqS9ODDZIsf1BCTQwjSXmBO32BV+/wCzEQiWJN4Dk3gWTqeCkKHxAkrTFo+BYJ81
xqXbtVfhLl+CAFFqoTw6PtAseTY71/qZYR9QCBrQJZJQ70P0Bx6V60nCOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBP7WQLlLHYjds7H2KRBAThs1PouMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvRV90WkF1VXNkaU4yenNmWXBFRUJPR3pVLWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhEwgQMF
ACoRcIIDBQAqFJcAMA0GCSqGSIb3DQEBCwUAA4IBAQDEZ1TO/vtgO0br2DI+OSe3
QLdh3wANQNbam3kxWdQmVq2NHy+Egrcij9tIXUyBQetvXjirUmolN0F8ZU3ojUlT
WBvNTLFmOgnkmqLMdCjNbIa8CqBdXsFzeZdR09V4+oB9z3q2/csNmhQZmyAb/loq
D2FiazG4LImETMfOIENNOeC3atdEyFSVF/sXBnKwVqFy0r/vJ3xYmqOQlV+0oXlZ
MAI+bnwlieaacKXKS5KokN7xDYiLnPWEEs6u1/R/Xu73HEiJkJcRY1I7be8KJh1S
jjImM/3OYeuEw+TL+t+i8VGLfdIqLdXe8vAg+tplrQFw+UaXey/GoXBxJGx4eVih
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:12:01 2025 by rpki-client