Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/TPuaAVLFlxX1Qa9PPgCGBaCrsqw.roa
File: TPuaAVLFlxX1Qa9PPgCGBaCrsqw.roa (raw, json)
Hash identifier: qB5cfuD0Wz7vGA6err7xZu6cpNXgylA/hIXHS1qU7+E=
Subject key identifier: 4C:FB:9A:01:52:C5:97:15:F5:41:AF:4F:3E:00:86:05:A0:AB:B2:AC
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197F50312AB76FEAA712A587494DCF1AE50
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/TPuaAVLFlxX1Qa9PPgCGBaCrsqw.roa
Signing time: Thu 10 Jul 2025 15:45:08 +0000
ROA not before: Thu 10 Jul 2025 15:45:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:7086::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Jul 2025 17:04:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:03:12:ab:76:fe:aa:71:2a:58:74:94:dc:f1:ae:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 10 15:45:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cfb9a0152c59715f541af4f3e008605a0abb2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f6:bc:1c:7c:de:c5:3e:d9:a3:e1:d2:b1:88:
10:eb:84:4e:10:aa:7a:6d:e2:32:f1:b4:03:74:14:
f4:e9:2b:9a:61:ac:c5:c9:3a:70:0e:3d:44:ce:d6:
32:aa:15:16:ac:b3:22:2e:d1:0a:07:e7:fa:2b:7f:
b1:df:d7:eb:6c:44:e9:0a:4b:34:df:18:05:83:10:
e7:86:9c:83:9f:eb:33:98:96:d7:46:ef:6e:9b:f7:
69:b0:64:d9:fe:8d:02:68:ec:af:d3:95:ef:ba:b3:
b4:be:6a:4d:58:4a:d4:0d:b9:50:5f:a8:f9:71:d3:
fc:51:7e:28:a0:ad:93:c9:83:17:93:b5:c3:24:12:
49:eb:7e:d2:cd:b9:49:9b:a6:82:59:1c:02:97:dd:
44:a9:b6:3c:2a:d7:16:ae:da:82:90:86:7c:8e:e9:
01:ad:71:7e:11:0a:02:b0:6b:dc:2c:83:4c:44:1d:
cc:ff:d6:41:e7:ec:31:52:2d:bf:94:4e:e6:dc:47:
52:22:59:dd:f6:3f:19:82:c8:6e:fc:95:98:cd:7d:
75:78:bb:78:ef:86:74:da:03:1c:33:00:5d:99:79:
af:74:55:06:e5:14:56:29:ec:f1:ba:36:c0:10:b2:
00:6c:df:a0:18:c2:bb:fb:58:10:63:b7:46:81:29:
55:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FB:9A:01:52:C5:97:15:F5:41:AF:4F:3E:00:86:05:A0:AB:B2:AC
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/TPuaAVLFlxX1Qa9PPgCGBaCrsqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7086::/32
Signature Algorithm: sha256WithRSAEncryption
2b:1e:7a:fe:93:76:9e:13:26:8c:8e:70:1c:fa:25:ea:88:82:
c2:ad:d8:95:2b:5d:94:03:ed:ad:28:c4:d6:3a:ad:3a:75:35:
0d:ce:83:3c:8d:c1:f7:fc:26:95:ce:4f:ff:c2:25:3d:ec:9e:
4a:62:06:a2:3c:57:62:62:b4:28:0c:1c:ad:55:6a:92:31:31:
85:53:38:d7:bc:c2:dd:4e:23:e3:bf:9a:d2:1e:9e:9a:f4:0b:
8f:d8:aa:71:ab:0b:c4:4f:28:c0:49:48:ed:9a:63:07:ee:6e:
2e:3a:f3:76:12:a4:ec:80:d5:fb:af:32:33:6d:78:6e:07:e1:
a6:a5:75:39:fb:42:e3:d0:ed:cb:65:cf:ca:df:7d:d5:05:97:
05:04:29:81:b9:ea:f7:89:71:5e:1e:7b:1b:5a:d5:40:31:55:
a7:62:f2:f7:81:33:1e:29:12:28:4a:b7:59:85:e8:90:26:fb:
fb:3b:21:0e:71:38:b3:e4:5c:d5:27:28:fc:cb:14:93:76:5f:
61:19:7b:ab:a2:8e:aa:57:14:6f:83:5f:6f:bb:7f:29:fb:20:
74:f4:09:9e:81:7f:79:36:70:ac:9b:07:43:bd:16:88:4f:5f:
31:23:3e:0b:56:f0:59:28:88:ac:c8:7c:69:4c:11:f3:01:9d:
d6:03:6f:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZf1AxKrdv6qcSpYdJTc8a5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzEwMTU0NTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZiOWEwMTUyYzU5NzE1ZjU0MWFmNGYzZTAwODYwNWEwYWJiMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPa8HHzexT7Zo+HSsYgQ64ROEKp6
beIy8bQDdBT06SuaYazFyTpwDj1EztYyqhUWrLMiLtEKB+f6K3+x39frbETpCks0
3xgFgxDnhpyDn+szmJbXRu9um/dpsGTZ/o0CaOyv05XvurO0vmpNWErUDblQX6j5
cdP8UX4ooK2TyYMXk7XDJBJJ637SzblJm6aCWRwCl91EqbY8KtcWrtqCkIZ8jukB
rXF+EQoCsGvcLINMRB3M/9ZB5+wxUi2/lE7m3EdSIlnd9j8Zgshu/JWYzX11eLt4
74Z02gMcMwBdmXmvdFUG5RRWKezxujbAELIAbN+gGMK7+1gQY7dGgSlV0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEz7mgFSxZcV9UGvTz4AhgWgq7KsMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvVFB1YUFWTEZseFgxUWE5UFBnQ0dCYUNyc3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFwhjAN
BgkqhkiG9w0BAQsFAAOCAQEAKx56/pN2nhMmjI5wHPol6oiCwq3YlStdlAPtrSjE
1jqtOnU1Dc6DPI3B9/wmlc5P/8IlPeyeSmIGojxXYmK0KAwcrVVqkjExhVM417zC
3U4j47+a0h6emvQLj9iqcasLxE8owElI7ZpjB+5uLjrzdhKk7IDV+68yM214bgfh
pqV1OftC49Dty2XPyt991QWXBQQpgbnq94lxXh57G1rVQDFVp2Ly94EzHikSKEq3
WYXokCb7+zshDnE4s+Rc1Sco/MsUk3ZfYRl7q6KOqlcUb4Nfb7t/KfsgdPQJnoF/
eTZwrJsHQ70WiE9fMSM+C1bwWSiIrMh8aUwR8wGd1gNv7g==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:30:31 2025 by rpki-client