Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/d1ku53c2uTAWpU19wBvZYFC7gdo.roa
File: d1ku53c2uTAWpU19wBvZYFC7gdo.roa (raw, json)
Hash identifier: MmU+ykuE/fDAH1k1WcDQfK8F8EjqSrGoRZvDt4+QLjk=
Subject key identifier: 77:59:2E:E7:77:36:B9:30:16:A5:4D:7D:C0:1B:D9:60:50:BB:81:DA
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197CC5A0B1A1D8B87016CF2F2666A0FB08F
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/d1ku53c2uTAWpU19wBvZYFC7gdo.roa
Signing time: Wed 02 Jul 2025 18:15:42 +0000
ROA not before: Wed 02 Jul 2025 18:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:21c6::/32 maxlen: 32
2a11:3082::/32 maxlen: 32
2a11:3084::/32 maxlen: 32
2a11:35c0::/32 maxlen: 32
2a11:3d03::/32 maxlen: 32
2a11:7085::/32 maxlen: 32
2a11:d380::/32 maxlen: 32
2a11:d700::/32 maxlen: 32
2a12:35c2::/32 maxlen: 32
2a14:9707::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Jul 2025 18:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:5a:0b:1a:1d:8b:87:01:6c:f2:f2:66:6a:0f:b0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jul 2 18:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77592ee77736b93016a54d7dc01bd96050bb81da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:44:95:9c:0f:91:bd:88:b5:31:c7:67:c8:
75:d6:c3:f4:da:67:8a:c4:c3:7d:81:89:0e:ae:4b:
1f:06:57:64:8a:16:39:4c:46:ba:7c:56:2f:d5:8b:
84:74:57:b7:c9:a1:13:8b:82:9a:5a:39:58:d7:03:
31:c3:49:39:db:75:30:41:03:44:ae:0d:b0:37:0a:
f4:ac:83:b0:31:38:bf:86:34:09:a6:3f:4d:9b:2b:
96:ce:a7:e1:a9:54:be:ba:cb:05:98:55:d0:15:5e:
92:71:ae:4a:9a:e9:82:39:4a:b7:4c:c2:a4:5d:6e:
05:41:b5:b8:44:ec:58:1e:4c:80:e4:11:91:0d:22:
46:b5:8a:f5:50:dc:b3:d8:7c:6f:02:4c:e6:a2:5c:
cb:61:17:0c:c5:4f:3a:3a:27:fa:12:8a:cc:9b:af:
23:31:d6:3b:e9:0e:86:14:7c:7e:bf:1a:43:76:fc:
a1:80:c1:69:03:b6:49:98:2d:07:87:3f:fd:d1:03:
4c:33:2d:27:f9:38:29:0e:18:bf:f4:3c:ea:96:04:
1b:fc:53:7f:a5:eb:94:c3:c9:51:2f:70:c6:7a:26:
15:5b:ea:d3:d4:15:fd:f3:89:ab:be:df:e1:82:00:
61:7b:26:c6:cb:0b:bf:e0:5a:d7:07:22:5f:eb:8a:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:59:2E:E7:77:36:B9:30:16:A5:4D:7D:C0:1B:D9:60:50:BB:81:DA
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/d1ku53c2uTAWpU19wBvZYFC7gdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:21c6::/32
2a11:3082::/32
2a11:3084::/32
2a11:35c0::/32
2a11:3d03::/32
2a11:7085::/32
2a11:d380::/32
2a11:d700::/32
2a12:35c2::/32
2a14:9707::/32
Signature Algorithm: sha256WithRSAEncryption
9a:11:10:1d:ad:47:d1:cc:1b:08:fd:23:fc:49:f0:65:a7:42:
e3:b1:57:68:fb:81:42:43:23:b6:a6:16:e2:95:71:6f:10:82:
a4:d2:27:82:39:48:5e:94:8f:e4:ad:ae:20:ef:78:a6:7c:71:
ca:b1:b5:53:21:bf:d9:89:58:db:52:1a:ab:eb:67:ce:99:3f:
99:38:85:68:a8:0e:ae:be:94:0f:9d:46:fb:5c:73:6d:3f:34:
1f:f6:3a:ac:9f:fb:99:be:7a:cd:d2:3e:a7:7f:75:93:62:25:
b2:67:24:2d:ac:7d:67:c7:29:ef:54:81:5a:00:4c:99:71:07:
b8:60:c1:c3:45:d1:37:3f:01:d2:0b:5a:9e:6d:ca:b6:07:08:
bb:87:85:31:b0:44:d6:0a:f6:d1:5e:0a:80:1e:69:f9:0e:88:
3a:4e:10:ee:80:55:69:cc:bb:a0:8a:d8:0f:1a:e2:8a:7d:bf:
01:ab:1c:74:6a:4c:14:ca:b8:ef:a6:5f:63:02:33:18:0e:c5:
04:77:5e:3a:ad:0b:29:29:52:88:19:3e:0e:22:7c:8a:ed:96:
57:c0:c9:7e:cc:2d:3c:d2:e7:1f:ee:3a:2b:6e:73:f7:d1:20:
8c:fb:f2:00:80:65:bd:3a:31:b7:99:6f:80:7c:3e:4b:f2:d1:
01:0d:31:12
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZfMWgsaHYuHAWzy8mZqD7CPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNzAyMTgxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzU5MmVlNzc3MzZiOTMwMTZhNTRkN2RjMDFiZDk2MDUwYmI4MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlJElZwPkb2ItTHHZ8h11sP02meK
xMN9gYkOrksfBldkihY5TEa6fFYv1YuEdFe3yaETi4KaWjlY1wMxw0k523UwQQNE
rg2wNwr0rIOwMTi/hjQJpj9NmyuWzqfhqVS+ussFmFXQFV6Sca5KmumCOUq3TMKk
XW4FQbW4ROxYHkyA5BGRDSJGtYr1UNyz2HxvAkzmolzLYRcMxU86Oif6EorMm68j
MdY76Q6GFHx+vxpDdvyhgMFpA7ZJmC0Hhz/90QNMMy0n+TgpDhi/9DzqlgQb/FN/
peuUw8lRL3DGeiYVW+rT1BX984mrvt/hggBheybGywu/4FrXByJf64p3wQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHdZLud3NrkwFqVNfcAb2WBQu4HaMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvZDFrdTUzYzJ1VEFXcFUxOXdCdlpZRkM3Z2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUAKhEhxgMF
ACoRMIIDBQAqETCEAwUAKhE1wAMFACoRPQMDBQAqEXCFAwUAKhHTgAMFACoR1wAD
BQAqEjXCAwUAKhSXBzANBgkqhkiG9w0BAQsFAAOCAQEAmhEQHa1H0cwbCP0j/Enw
ZadC47FXaPuBQkMjtqYW4pVxbxCCpNIngjlIXpSP5K2uIO94pnxxyrG1UyG/2YlY
21Iaq+tnzpk/mTiFaKgOrr6UD51G+1xzbT80H/Y6rJ/7mb56zdI+p391k2Ilsmck
Lax9Z8cp71SBWgBMmXEHuGDBw0XRNz8B0gtanm3KtgcIu4eFMbBE1gr20V4KgB5p
+Q6IOk4Q7oBVacy7oIrYDxriin2/AascdGpMFMq476ZfYwIzGA7FBHdeOq0LKSlS
iBk+DiJ8iu2WV8DJfswtPNLnH+46K25z99EgjPvyAIBlvToxt5lvgHw+S/LRAQ0x
Eg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:38 2025 by rpki-client