Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/PzoMdbsLSPkJnViAz1MwzO-qUzY.roa
File: PzoMdbsLSPkJnViAz1MwzO-qUzY.roa (raw, json)
Hash identifier: rMo9Po6MhTvqbUHk1GO2xF43xKAxM19DdE1ehtw8Z5E=
Subject key identifier: 3F:3A:0C:75:BB:0B:48:F9:09:9D:58:80:CF:53:30:CC:EF:AA:53:36
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197CC5BDF61C4482DD38AF2E27D48D67BEC
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/PzoMdbsLSPkJnViAz1MwzO-qUzY.roa
Signing time: Wed 02 Jul 2025 18:17:42 +0000
ROA not before: Wed 02 Jul 2025 18:17:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:21c2::/32 maxlen: 32
2a11:7086::/32 maxlen: 32
2a12:24c1::/32 maxlen: 32
2a12:35c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Jul 2025 15:37:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:5b:df:61:c4:48:2d:d3:8a:f2:e2:7d:48:d6:7b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 2 18:17:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f3a0c75bb0b48f9099d5880cf5330ccefaa5336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:eb:2a:09:5d:ab:0a:cb:66:b0:d0:15:b3:42:
22:fc:46:6a:31:b3:91:d3:77:0e:c7:87:05:64:3c:
74:86:6d:ae:1f:a5:5d:7f:0b:ec:9e:41:98:b1:2d:
05:bf:e3:f4:57:3c:f2:ea:97:32:48:70:6d:44:38:
30:f2:b0:63:54:45:7f:b5:76:df:24:6b:f8:d6:34:
6c:ff:f5:f9:66:fe:40:ff:a2:c4:9d:02:50:cc:52:
e5:9a:8a:05:a3:d7:1b:87:99:da:32:f0:f3:c0:ab:
7f:98:13:5e:ea:e1:4b:8a:a9:fc:58:0f:92:b1:1b:
31:34:08:36:d5:b8:2d:5d:81:ce:50:fe:ac:6c:4b:
cd:26:35:b1:ed:c9:26:e8:c6:de:57:2a:e7:f6:d7:
b4:6c:3a:e8:04:5c:da:7f:e0:00:81:d0:34:36:bf:
53:e0:85:e2:77:8b:fe:07:1b:50:66:b4:76:07:a8:
93:a7:99:f1:b6:5c:cf:7b:c5:d3:fa:97:73:f0:12:
a2:98:b6:91:80:9f:c4:0e:a0:3c:b0:fd:d4:f0:11:
88:6d:f8:2e:bf:f4:97:0a:ea:bb:58:ad:4c:d2:d3:
78:81:ce:9c:57:da:db:f1:46:1e:50:ad:ee:e6:6e:
c0:5f:68:f8:58:4d:c5:69:9b:93:b6:ea:3e:0e:ad:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3A:0C:75:BB:0B:48:F9:09:9D:58:80:CF:53:30:CC:EF:AA:53:36
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/PzoMdbsLSPkJnViAz1MwzO-qUzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:21c2::/32
2a11:7086::/32
2a12:24c1::/32
2a12:35c5::/32
Signature Algorithm: sha256WithRSAEncryption
2c:95:58:4f:c4:c9:1f:2a:ce:38:91:bd:f0:b4:52:9e:99:a8:
1a:73:6a:d9:3f:25:9d:82:a9:71:7e:13:29:01:14:c6:aa:48:
a1:1c:26:27:9a:a3:a5:6b:42:6f:88:f9:9f:e4:39:1b:07:5a:
b4:44:2f:e3:f1:47:15:46:b9:44:41:85:4c:72:50:6a:0c:0d:
ae:3e:00:5c:7b:32:c6:bd:be:f6:70:5b:e8:8d:5c:13:01:5f:
47:5f:a0:fe:3f:13:71:c6:a0:20:2d:e8:82:ef:35:45:85:6e:
f2:5c:af:8d:1f:70:4f:d3:ee:e1:46:e1:8a:28:13:a5:24:5e:
c6:56:7c:35:24:78:95:a1:57:9c:c0:6e:8c:18:c1:05:52:14:
94:a3:7d:03:0c:83:f0:ff:a8:4f:7c:62:07:a1:8e:a4:eb:54:
0b:59:08:29:ce:1d:cd:2e:f4:f9:49:d4:ed:8d:70:f3:29:30:
ca:03:f3:15:4a:4c:39:22:3a:a9:ac:9c:b7:1e:1d:16:55:3d:
6f:f3:46:70:14:ec:e1:f5:c9:e8:76:66:fa:88:e1:a7:03:ff:
21:57:e0:11:9f:c4:b6:6c:85:94:05:09:11:bd:ae:ec:2f:bb:
06:9a:78:b5:08:67:cc:58:2a:e6:dd:60:2d:2c:20:a1:2e:e4:
02:18:88:e4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZfMW99hxEgt04ry4n1I1nvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzAyMTgxNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNhMGM3NWJiMGI0OGY5MDk5ZDU4ODBjZjUzMzBjY2VmYWE1MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzusqCV2rCstmsNAVs0Ii/EZqMbOR
03cOx4cFZDx0hm2uH6VdfwvsnkGYsS0Fv+P0Vzzy6pcySHBtRDgw8rBjVEV/tXbf
JGv41jRs//X5Zv5A/6LEnQJQzFLlmooFo9cbh5naMvDzwKt/mBNe6uFLiqn8WA+S
sRsxNAg21bgtXYHOUP6sbEvNJjWx7ckm6MbeVyrn9te0bDroBFzaf+AAgdA0Nr9T
4IXid4v+BxtQZrR2B6iTp5nxtlzPe8XT+pdz8BKimLaRgJ/EDqA8sP3U8BGIbfgu
v/SXCuq7WK1M0tN4gc6cV9rb8UYeUK3u5m7AX2j4WE3FaZuTtuo+Dq0aqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFD86DHW7C0j5CZ1YgM9TMMzvqlM2MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvUHpvTWRic0xTUGtKblZpQXoxTXd6Ty1xVXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhEhwgMF
ACoRcIYDBQAqEiTBAwUAKhI1xTANBgkqhkiG9w0BAQsFAAOCAQEALJVYT8TJHyrO
OJG98LRSnpmoGnNq2T8lnYKpcX4TKQEUxqpIoRwmJ5qjpWtCb4j5n+Q5GwdatEQv
4/FHFUa5REGFTHJQagwNrj4AXHsyxr2+9nBb6I1cEwFfR1+g/j8TccagIC3ogu81
RYVu8lyvjR9wT9Pu4UbhiigTpSRexlZ8NSR4laFXnMBujBjBBVIUlKN9AwyD8P+o
T3xiB6GOpOtUC1kIKc4dzS70+UnU7Y1w8ykwygPzFUpMOSI6qayctx4dFlU9b/NG
cBTs4fXJ6HZm+ojhpwP/IVfgEZ/EtmyFlAUJEb2u7C+7Bpp4tQhnzFgq5t1gLSwg
oS7kAhiI5A==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:10 2025 by rpki-client