Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/JEITH9AAdoKjfCECdKzeM6anfWM.roa
File: JEITH9AAdoKjfCECdKzeM6anfWM.roa (raw, json)
Hash identifier: GhboczoFf4bWvkMcsv8InbG0dm6oVKEuMJFFoS1iYow=
Subject key identifier: 24:42:13:1F:D0:00:76:82:A3:7C:21:02:74:AC:DE:33:A6:A7:7D:63
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197B07C4089A26A8496B5BAEBEE74E7BB53
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/JEITH9AAdoKjfCECdKzeM6anfWM.roa
Signing time: Fri 27 Jun 2025 08:23:42 +0000
ROA not before: Fri 27 Jun 2025 08:23:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:21c2::/32 maxlen: 32
2a11:3081::/32 maxlen: 32
2a11:7082::/32 maxlen: 32
2a12:24c1::/32 maxlen: 32
2a12:35c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 27 Jun 2025 16:21:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:7c:40:89:a2:6a:84:96:b5:ba:eb:ee:74:e7:bb:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 27 08:23:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2442131fd0007682a37c210274acde33a6a77d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ce:6c:17:f5:af:49:c2:6c:20:6c:bb:5b:92:
d0:8a:7c:0c:31:20:4f:ce:49:4c:81:f5:e3:1d:08:
84:c2:8d:2a:4d:39:2b:87:d0:69:cc:84:02:99:90:
6e:54:7d:cd:c6:70:43:5d:63:4e:0c:57:73:b0:17:
8f:2a:67:ff:15:c8:df:0c:42:ba:16:8d:88:a7:94:
5a:90:8e:75:8b:54:1c:41:a2:17:b3:fc:b9:df:f7:
0c:b0:6c:3d:a1:12:55:a5:d2:23:37:d9:c5:48:44:
97:10:c5:ed:90:d8:16:9d:09:dc:be:70:53:ba:0a:
62:cc:28:4e:c5:6a:c2:d5:ff:0f:1a:ce:67:f2:69:
d1:3f:50:68:f1:b5:fd:39:5a:5e:77:76:68:00:5c:
bd:b8:84:27:a9:03:c4:eb:bc:72:59:be:87:92:0f:
55:ec:f6:6c:c7:4b:65:d5:75:d2:7a:c1:16:d0:69:
fb:b6:2d:8a:33:90:11:b3:dd:ef:b8:10:38:a9:88:
e4:12:0a:18:1b:b8:b4:98:d4:cf:1f:84:08:2c:d9:
d9:e2:29:f0:67:f4:79:1f:02:23:14:da:48:d7:f3:
f3:c5:7a:7b:5b:d7:96:0f:35:8d:f4:73:71:e8:6f:
f3:03:3d:3e:86:79:59:9f:49:a6:d7:c6:06:3d:38:
85:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:42:13:1F:D0:00:76:82:A3:7C:21:02:74:AC:DE:33:A6:A7:7D:63
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/JEITH9AAdoKjfCECdKzeM6anfWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:21c2::/32
2a11:3081::/32
2a11:7082::/32
2a12:24c1::/32
2a12:35c5::/32
Signature Algorithm: sha256WithRSAEncryption
33:4c:ff:ed:2c:ae:ba:a6:7b:dd:7e:9d:6a:02:18:52:86:ca:
69:7f:fe:ee:9a:7a:bc:55:a0:e8:e9:e0:8e:d8:d8:85:79:20:
3b:24:8a:31:e3:ae:2b:dc:f3:23:3e:7f:fe:73:a8:87:5b:0e:
63:c9:74:c0:a9:10:ee:39:16:bc:bd:c7:05:80:ab:dd:1d:f3:
aa:81:4d:1a:05:aa:94:53:3e:b7:aa:fc:12:48:b2:81:50:d1:
ca:2a:14:01:9e:05:77:27:17:12:48:18:e8:fc:52:1e:32:c0:
98:e3:93:cd:2f:18:6a:20:bb:65:ad:54:7d:87:9f:f2:5a:7e:
6f:93:82:3f:d3:74:23:4e:4a:1d:19:89:c1:80:4f:eb:8d:f1:
25:91:69:52:eb:78:b3:fa:ac:82:0a:1d:e5:52:c9:14:de:8c:
a4:55:d0:f9:cd:c2:7d:0b:fd:c8:2b:62:22:6e:db:94:f5:d9:
a5:f9:a5:0e:24:ce:3a:69:07:05:c9:31:32:35:8c:22:bb:32:
5f:24:8f:11:0e:67:8c:35:de:14:96:48:f7:1e:e2:08:35:ba:
9a:b7:6f:e0:df:ca:e7:2c:a1:0b:b3:71:be:1d:0f:ed:24:cf:
84:95:03:e8:f5:80:a0:d7:2c:68:35:3d:8c:0a:82:51:2c:ba:
c4:bf:9f:64
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZewfECJomqElrW66+5057tTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjI3MDgyMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQyMTMxZmQwMDA3NjgyYTM3YzIxMDI3NGFjZGUzM2E2YTc3ZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc5sF/WvScJsIGy7W5LQinwMMSBP
zklMgfXjHQiEwo0qTTkrh9BpzIQCmZBuVH3NxnBDXWNODFdzsBePKmf/FcjfDEK6
Fo2Ip5RakI51i1QcQaIXs/y53/cMsGw9oRJVpdIjN9nFSESXEMXtkNgWnQncvnBT
ugpizChOxWrC1f8PGs5n8mnRP1Bo8bX9OVped3ZoAFy9uIQnqQPE67xyWb6Hkg9V
7PZsx0tl1XXSesEW0Gn7ti2KM5ARs93vuBA4qYjkEgoYG7i0mNTPH4QILNnZ4inw
Z/R5HwIjFNpI1/PzxXp7W9eWDzWN9HNx6G/zAz0+hnlZn0mm18YGPTiFuQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCRCEx/QAHaCo3whAnSs3jOmp31jMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvSkVJVEg5QUFkb0tqZkNFQ2RLemVNNmFuZldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhEhwgMF
ACoRMIEDBQAqEXCCAwUAKhIkwQMFACoSNcUwDQYJKoZIhvcNAQELBQADggEBADNM
/+0srrqme91+nWoCGFKGyml//u6aerxVoOjp4I7Y2IV5IDskijHjrivc8yM+f/5z
qIdbDmPJdMCpEO45Fry9xwWAq90d86qBTRoFqpRTPreq/BJIsoFQ0coqFAGeBXcn
FxJIGOj8Uh4ywJjjk80vGGogu2WtVH2Hn/Jafm+Tgj/TdCNOSh0ZicGAT+uN8SWR
aVLreLP6rIIKHeVSyRTejKRV0PnNwn0L/cgrYiJu25T12aX5pQ4kzjppBwXJMTI1
jCK7Ml8kjxEOZ4w13hSWSPce4gg1upq3b+DfyucsoQuzcb4dD+0kz4SVA+j1gKDX
LGg1PYwKglEsusS/n2Q=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:09:58 2025 by rpki-client