Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/YgsfqmESSpuX_4nwybGDnnD43wk.roa
File: YgsfqmESSpuX_4nwybGDnnD43wk.roa (raw, json)
Hash identifier: e8D4cn2AzF22kCY1Oee/BbfipkKfPF1Bvhcm/xHqEz0=
Subject key identifier: 62:0B:1F:AA:61:12:4A:9B:97:FF:89:F0:C9:B1:83:9E:70:F8:DF:09
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197F503127CD6DA6E69A07893C928FF5910
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/YgsfqmESSpuX_4nwybGDnnD43wk.roa
Signing time: Thu 10 Jul 2025 15:45:08 +0000
ROA not before: Thu 10 Jul 2025 15:45:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:3082::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 22 Jul 2025 19:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:03:12:7c:d6:da:6e:69:a0:78:93:c9:28:ff:59:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 10 15:45:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=620b1faa61124a9b97ff89f0c9b1839e70f8df09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:cb:a0:9a:e7:cf:0f:d8:6e:67:ce:50:1e:
c3:fd:5a:88:88:1d:2f:b3:3a:09:b6:5a:b5:9e:02:
0a:31:03:01:e7:6c:b4:21:a2:62:9b:9e:27:bc:55:
3e:00:01:d6:71:eb:f3:ba:df:d5:ce:63:c8:9b:15:
fe:c7:b4:e2:de:bd:06:81:cc:73:a8:ce:af:fd:47:
fe:f9:a7:8d:7b:7e:a4:7d:0a:9c:41:80:6b:e5:a3:
b0:04:31:95:40:5b:83:4e:b1:9d:cb:66:8a:85:ac:
43:4e:f0:73:50:df:1f:17:6a:21:2b:8d:18:4c:7f:
cd:f7:d7:7f:f8:18:ec:3e:00:5d:07:1a:c6:4e:0c:
8a:7a:5e:04:e1:fd:f4:86:d3:84:69:5e:ca:c1:b4:
fa:f5:f5:cb:f6:a3:6d:92:5e:05:d4:d1:72:c8:92:
9d:50:47:74:ed:00:c4:82:6f:7b:8b:0f:fc:bf:db:
3f:03:93:77:d2:d6:9f:57:d8:45:10:3b:c7:36:3b:
aa:6a:a0:15:9b:ee:f2:57:16:75:48:19:07:46:3f:
11:24:73:56:78:ce:dd:a3:44:df:df:58:e3:ab:f7:
84:3a:da:35:58:48:15:99:c1:ad:11:90:e1:18:af:
4f:59:ec:cb:41:72:4c:35:0c:ed:8b:6b:2c:67:3e:
5e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0B:1F:AA:61:12:4A:9B:97:FF:89:F0:C9:B1:83:9E:70:F8:DF:09
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/YgsfqmESSpuX_4nwybGDnnD43wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3082::/32
Signature Algorithm: sha256WithRSAEncryption
7a:45:a3:38:4f:9b:68:7f:ed:04:00:18:c5:87:a1:0a:e3:c8:
49:d3:54:36:2a:2e:1a:0a:6c:40:c6:55:1b:d7:c1:a7:2d:88:
64:23:5a:1a:bb:11:b6:bd:ab:4a:0f:00:93:f0:84:23:2b:ec:
b2:73:c3:41:53:87:91:b7:71:5c:36:ed:b9:b4:74:c6:04:31:
07:ef:d0:73:12:79:32:28:be:f6:ec:4c:cf:bc:ad:c2:8a:f1:
ad:02:14:40:46:2d:98:6f:1b:6a:d9:4f:2b:9e:d1:7f:68:7c:
8a:3a:a6:3e:07:b0:38:d6:06:e7:e8:96:cb:bf:63:00:25:5f:
6a:8e:7a:39:ad:41:d0:6e:5a:d1:dc:a7:61:8a:e0:0c:30:e1:
94:7d:57:50:f9:04:b6:9a:11:1e:a4:8b:b2:51:62:e8:e8:cc:
82:54:e3:94:d0:c6:ba:dc:0d:df:62:fb:2a:da:46:52:9f:be:
d2:43:c1:f4:5d:6b:05:5c:31:2d:c7:29:0c:17:13:c4:17:a8:
10:af:d2:88:04:24:cd:8a:a0:01:e0:4b:9a:44:c2:bb:61:87:
f1:d8:e5:c7:e4:92:43:48:6c:ea:3b:86:a5:d2:27:5a:89:14:
e8:63:c2:03:00:07:1d:df:54:3d:3f:00:d5:17:cc:bb:94:bb:
81:c6:1a:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZf1AxJ81tpuaaB4k8ko/1kQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzEwMTU0NTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBiMWZhYTYxMTI0YTliOTdmZjg5ZjBjOWIxODM5ZTcwZjhkZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4rLoJrnzw/YbmfOUB7D/VqIiB0v
szoJtlq1ngIKMQMB52y0IaJim54nvFU+AAHWcevzut/VzmPImxX+x7Ti3r0Ggcxz
qM6v/Uf++aeNe36kfQqcQYBr5aOwBDGVQFuDTrGdy2aKhaxDTvBzUN8fF2ohK40Y
TH/N99d/+BjsPgBdBxrGTgyKel4E4f30htOEaV7KwbT69fXL9qNtkl4F1NFyyJKd
UEd07QDEgm97iw/8v9s/A5N30tafV9hFEDvHNjuqaqAVm+7yVxZ1SBkHRj8RJHNW
eM7do0Tf31jjq/eEOto1WEgVmcGtEZDhGK9PWezLQXJMNQzti2ssZz5emQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGILH6phEkqbl/+J8Mmxg55w+N8JMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvWWdzZnFtRVNTcHVYXzRud3liR0RubkQ0M3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhEwgjAN
BgkqhkiG9w0BAQsFAAOCAQEAekWjOE+baH/tBAAYxYehCuPISdNUNiouGgpsQMZV
G9fBpy2IZCNaGrsRtr2rSg8Ak/CEIyvssnPDQVOHkbdxXDbtubR0xgQxB+/QcxJ5
Mii+9uxMz7ytworxrQIUQEYtmG8batlPK57Rf2h8ijqmPgewONYG5+iWy79jACVf
ao56Oa1B0G5a0dynYYrgDDDhlH1XUPkEtpoRHqSLslFi6OjMglTjlNDGutwN32L7
KtpGUp++0kPB9F1rBVwxLccpDBcTxBeoEK/SiAQkzYqgAeBLmkTCu2GH8djlx+SS
Q0hs6juGpdInWokU6GPCAwAHHd9UPT8A1RfMu5S7gcYa+w==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:49 2025 by rpki-client