Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/TwhX8zsoZYl1oRu8TBQrtckgyVc.roa
File: TwhX8zsoZYl1oRu8TBQrtckgyVc.roa (raw, json)
Hash identifier: dA9Q2+ADlnYOTnbuzEOXQ/TGtuJYaRoyQdGzHrTlV2A=
Subject key identifier: 4F:08:57:F3:3B:28:65:89:75:A1:1B:BC:4C:14:2B:B5:C9:20:C9:57
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01975DBD51CE73A2649F883ED8788F9D021B
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/TwhX8zsoZYl1oRu8TBQrtckgyVc.roa
Signing time: Wed 11 Jun 2025 06:46:17 +0000
ROA not before: Wed 11 Jun 2025 06:46:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:da46::/32 maxlen: 32
2a0c:ac0::/32 maxlen: 32
2a0c:ac4::/32 maxlen: 32
2a0d:adc7::/32 maxlen: 32
2a11:5a45::/32 maxlen: 32
2a12:7307::/32 maxlen: 32
2a14:9701::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Jun 2025 21:21:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:bd:51:ce:73:a2:64:9f:88:3e:d8:78:8f:9d:02:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 11 06:46:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f0857f33b28658975a11bbc4c142bb5c920c957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6f:b8:c1:bf:d9:0c:5f:ef:ea:cd:e8:53:8d:
95:f7:1d:15:12:e2:56:49:6b:ca:65:ef:8b:1d:84:
7f:0e:9a:76:2c:f0:f0:c4:4e:82:43:9e:2c:5d:e8:
e3:11:01:33:64:13:d6:4e:53:a3:0c:6e:2a:5f:08:
89:ee:bb:17:9d:3c:89:ee:91:f7:95:54:9e:b3:48:
06:c1:36:91:45:5b:bb:e4:0b:fb:b5:ed:ee:e0:45:
01:7a:72:08:b9:ee:11:7c:3e:89:df:8e:55:4f:35:
cc:6d:aa:33:32:2b:02:7e:89:33:2f:89:8f:4b:c3:
45:08:05:4e:6e:83:f5:29:46:f7:c7:bb:29:22:a2:
72:e4:61:f2:07:e6:3b:ad:c4:3a:ea:e3:5e:85:6d:
3c:19:f4:b9:4e:fd:05:8d:77:03:70:72:4d:9c:9c:
66:fd:6c:93:28:f9:5f:12:e5:73:5c:4a:28:b9:00:
fd:e5:76:59:f6:27:13:0b:a8:39:62:8d:9f:4a:3c:
f9:59:6a:44:40:94:0a:26:23:2c:e4:d6:61:e6:6e:
b6:73:cb:ab:81:6e:4e:1f:bd:bf:b8:7a:4e:79:3e:
51:24:14:f9:86:e7:43:7e:a2:2a:19:31:2a:a9:75:
56:06:79:e2:2c:62:65:44:0d:92:a6:67:35:57:1d:
c0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:08:57:F3:3B:28:65:89:75:A1:1B:BC:4C:14:2B:B5:C9:20:C9:57
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/TwhX8zsoZYl1oRu8TBQrtckgyVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:da46::/32
2a0c:ac0::/32
2a0c:ac4::/32
2a0d:adc7::/32
2a11:5a45::/32
2a12:7307::/32
2a14:9701::/32
Signature Algorithm: sha256WithRSAEncryption
b7:55:f3:32:66:f4:da:d9:cf:ce:24:d9:25:11:d8:33:a6:b8:
7d:a1:7d:f6:f5:f0:ae:86:70:ff:77:4b:ee:ee:6e:22:8c:f2:
52:cf:0a:1a:37:24:91:d0:3f:d8:53:4a:72:40:a1:47:db:14:
df:13:2e:e6:1f:e0:17:81:ce:ba:f4:02:a1:66:eb:a6:59:15:
fa:dc:9b:59:02:5b:fa:c3:b0:74:8f:d6:48:13:70:9b:77:c5:
25:63:a8:c7:03:e5:20:95:2f:2b:b5:75:6b:f0:ba:ce:61:10:
e4:a0:b9:21:ee:0d:9c:0f:8c:94:8f:5f:32:d2:fa:1f:07:b3:
3b:33:c7:60:75:a3:5c:2d:7f:70:63:7d:28:54:28:01:8a:bb:
2e:cf:d0:2f:4b:46:71:a2:0f:f9:ba:eb:84:9e:80:d5:4e:93:
f8:d6:22:eb:55:68:f6:b8:58:55:24:d1:13:e8:27:28:34:28:
b0:26:eb:01:ef:45:b8:b7:04:00:bc:58:2d:dc:24:34:f9:2e:
98:b4:a7:fa:d3:9b:f7:5c:d8:dd:0f:80:8f:c2:bd:ac:ac:3b:
dc:49:df:8f:dc:40:8d:ed:14:43:6e:50:4d:37:98:3a:3f:77:
b3:a1:4c:4e:54:93:45:82:42:cb:d6:be:70:22:8c:d1:33:7e:
99:1e:01:bd
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZddvVHOc6Jkn4g+2HiPnQIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjExMDY0NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA4NTdmMzNiMjg2NTg5NzVhMTFiYmM0YzE0MmJiNWM5MjBjOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW+4wb/ZDF/v6s3oU42V9x0VEuJW
SWvKZe+LHYR/Dpp2LPDwxE6CQ54sXejjEQEzZBPWTlOjDG4qXwiJ7rsXnTyJ7pH3
lVSes0gGwTaRRVu75Av7te3u4EUBenIIue4RfD6J345VTzXMbaozMisCfokzL4mP
S8NFCAVOboP1KUb3x7spIqJy5GHyB+Y7rcQ66uNehW08GfS5Tv0FjXcDcHJNnJxm
/WyTKPlfEuVzXEoouQD95XZZ9icTC6g5Yo2fSjz5WWpEQJQKJiMs5NZh5m62c8ur
gW5OH72/uHpOeT5RJBT5hudDfqIqGTEqqXVWBnniLGJlRA2Spmc1Vx3AhwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFE8IV/M7KGWJdaEbvEwUK7XJIMlXMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvVHdoWDh6c29aWWwxb1J1OFRCUXJ0Y2tneVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgnaRgMF
ACoMCsADBQAqDArEAwUAKg2txwMFACoRWkUDBQAqEnMHAwUAKhSXATANBgkqhkiG
9w0BAQsFAAOCAQEAt1XzMmb02tnPziTZJRHYM6a4faF99vXwroZw/3dL7u5uIozy
Us8KGjckkdA/2FNKckChR9sU3xMu5h/gF4HOuvQCoWbrplkV+tybWQJb+sOwdI/W
SBNwm3fFJWOoxwPlIJUvK7V1a/C6zmEQ5KC5Ie4NnA+MlI9fMtL6HwezOzPHYHWj
XC1/cGN9KFQoAYq7Ls/QL0tGcaIP+brrhJ6A1U6T+NYi61Vo9rhYVSTRE+gnKDQo
sCbrAe9FuLcEALxYLdwkNPkumLSn+tOb91zY3Q+Aj8K9rKw73Enfj9xAje0UQ25Q
TTeYOj93s6FMTlSTRYJCy9a+cCKM0TN+mR4BvQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:51 2025 by rpki-client