Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/L2pPh60pSeFj1pzRLTHMjwtdnUc.roa
File: L2pPh60pSeFj1pzRLTHMjwtdnUc.roa (raw, json)
Hash identifier: MdVcObZRosJFoGs7uVMaIo/Ni0EY2Jz/4NoJjf6YsWg=
Subject key identifier: 2F:6A:4F:87:AD:29:49:E1:63:D6:9C:D1:2D:31:CC:8F:0B:5D:9D:47
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01977FC3A5965250A1129FD753BC7A096F8A
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/L2pPh60pSeFj1pzRLTHMjwtdnUc.roa
Signing time: Tue 17 Jun 2025 21:20:17 +0000
ROA not before: Tue 17 Jun 2025 21:20:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a11:3083::/32 maxlen: 32
2a11:35c5::/32 maxlen: 32
2a11:3d06::/32 maxlen: 32
2a11:d383::/32 maxlen: 32
2a11:d705::/32 maxlen: 32
2a12:35c6::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 20 Jun 2025 18:47:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:c3:a5:96:52:50:a1:12:9f:d7:53:bc:7a:09:6f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 17 21:20:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f6a4f87ad2949e163d69cd12d31cc8f0b5d9d47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b4:15:03:e7:77:ee:28:99:cb:1a:73:05:be:
cd:85:d5:df:ce:1e:64:2e:07:b6:5b:6f:d2:27:fc:
99:cc:77:bf:42:76:89:dc:47:05:32:6e:71:66:be:
95:56:88:0e:a5:99:f2:a8:4e:88:11:c8:c6:35:88:
f3:b0:26:55:04:a5:14:31:62:76:3c:f0:f1:63:fe:
f2:e2:ff:07:df:1e:f9:45:eb:b6:54:09:e4:e7:25:
49:35:18:7a:19:e8:e0:d8:2b:75:a8:f4:51:12:30:
8b:3a:50:a2:6f:a4:b4:0e:91:98:3e:d7:d3:54:42:
f7:a8:cd:18:ef:ae:12:56:e7:d3:d6:5a:08:47:b5:
a5:5e:a0:be:83:4d:84:17:7f:c8:fe:0f:be:f0:43:
54:d8:dd:4a:26:99:20:74:35:83:8a:fb:09:9a:c4:
6a:8b:8c:ba:0b:74:29:d1:6c:ee:81:b2:9c:bf:01:
30:92:ab:b7:16:91:5f:b3:21:fd:72:aa:81:f6:1e:
b5:08:33:7f:89:65:56:22:b2:53:2c:af:d8:9b:87:
c3:1f:f3:0a:99:d8:7c:1c:ec:26:f5:96:6d:a2:70:
d6:6e:35:00:9b:56:67:6a:ed:47:c5:91:ec:5e:ea:
af:96:33:57:f8:40:49:60:eb:34:b0:af:ec:4f:e6:
f8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6A:4F:87:AD:29:49:E1:63:D6:9C:D1:2D:31:CC:8F:0B:5D:9D:47
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/L2pPh60pSeFj1pzRLTHMjwtdnUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3083::/32
2a11:35c5::/32
2a11:3d06::/32
2a11:d383::/32
2a11:d705::/32
2a12:35c6::/32
Signature Algorithm: sha256WithRSAEncryption
31:df:74:6e:11:d9:86:2c:04:b3:c5:a2:e9:7f:0d:7a:47:65:
70:2d:a2:73:78:89:03:7a:6e:b8:e9:e1:70:18:43:e3:69:eb:
d0:f7:b0:a3:f9:38:0e:f4:17:31:3c:68:a8:cd:2f:3e:e8:42:
57:7d:8f:d3:ca:23:ab:59:40:70:9b:ef:0f:e4:49:b1:a2:ba:
06:2d:1f:24:40:ca:7c:11:f3:a6:ac:fa:1a:3f:5a:cb:51:f0:
30:30:0f:0a:b8:1e:9d:7b:ed:a5:f9:0a:02:b2:c8:ea:00:f8:
68:9f:67:cd:80:d0:8c:51:1e:07:d3:d9:7d:70:37:c5:f5:0c:
be:e8:a7:cc:42:1a:9b:b2:94:c1:53:60:70:d6:a5:23:16:c1:
15:8c:e5:58:00:6c:b6:fc:1c:49:15:d8:20:ef:7f:94:52:48:
56:fb:77:22:e8:ae:09:a1:dd:7a:48:c6:2d:96:00:c4:50:f7:
2a:e6:8b:a8:85:ba:9b:1d:74:de:22:6c:e0:d5:88:3e:8b:07:
4f:29:72:ca:88:b0:f9:9e:1f:24:88:ce:0c:56:8c:46:ee:4c:
51:01:59:69:78:35:dd:af:5d:48:18:3b:00:3a:dd:3b:66:7c:
fc:f3:03:e6:e8:e9:1b:ee:e5:08:09:59:d6:b3:1e:b8:b8:fb:
2e:5a:47:4c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZd/w6WWUlChEp/XU7x6CW+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjE3MjEyMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZhNGY4N2FkMjk0OWUxNjNkNjljZDEyZDMxY2M4ZjBiNWQ5ZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbQVA+d37iiZyxpzBb7NhdXfzh5k
Lge2W2/SJ/yZzHe/QnaJ3EcFMm5xZr6VVogOpZnyqE6IEcjGNYjzsCZVBKUUMWJ2
PPDxY/7y4v8H3x75Reu2VAnk5yVJNRh6Gejg2Ct1qPRREjCLOlCib6S0DpGYPtfT
VEL3qM0Y764SVufT1loIR7WlXqC+g02EF3/I/g++8ENU2N1KJpkgdDWDivsJmsRq
i4y6C3Qp0WzugbKcvwEwkqu3FpFfsyH9cqqB9h61CDN/iWVWIrJTLK/Ym4fDH/MK
mdh8HOwm9ZZtonDWbjUAm1Znau1HxZHsXuqvljNX+EBJYOs0sK/sT+b4vQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC9qT4etKUnhY9ac0S0xzI8LXZ1HMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvTDJwUGg2MHBTZUZqMXB6UkxUSE1qd3RkblVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKhEwgwMF
ACoRNcUDBQAqET0GAwUAKhHTgwMFACoR1wUDBQAqEjXGMA0GCSqGSIb3DQEBCwUA
A4IBAQAx33RuEdmGLASzxaLpfw16R2VwLaJzeIkDem646eFwGEPjaevQ97Cj+TgO
9BcxPGiozS8+6EJXfY/TyiOrWUBwm+8P5EmxoroGLR8kQMp8EfOmrPoaP1rLUfAw
MA8KuB6de+2l+QoCssjqAPhon2fNgNCMUR4H09l9cDfF9Qy+6KfMQhqbspTBU2Bw
1qUjFsEVjOVYAGy2/BxJFdgg73+UUkhW+3ci6K4Jod16SMYtlgDEUPcq5ouohbqb
HXTeImzg1Yg+iwdPKXLKiLD5nh8kiM4MVoxG7kxRAVlpeDXdr11IGDsAOt07Znz8
8wPm6Okb7uUICVnWsx64uPsuWkdM
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:30:18 2025 by rpki-client