Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/l-F1zUJNKat7TeyM-6PQW2fGbcg.roa
File: l-F1zUJNKat7TeyM-6PQW2fGbcg.roa (raw, json)
Hash identifier: 4i/amGr4upDL0PtLgp6ZdniWU9xAb6iUGQ8txrF/ao4=
Subject key identifier: 97:E1:75:CD:42:4D:29:AB:7B:4D:EC:8C:FB:A3:D0:5B:67:C6:6D:C8
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01978801B7A1AB3797664DDF6D793B2E215A
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/l-F1zUJNKat7TeyM-6PQW2fGbcg.roa
Signing time: Thu 19 Jun 2025 11:45:03 +0000
ROA not before: Thu 19 Jun 2025 11:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:21c1::/32 maxlen: 32
2a11:3085::/32 maxlen: 32
2a11:35c4::/32 maxlen: 32
2a11:3d00::/32 maxlen: 32
2a11:3d04::/32 maxlen: 32
2a11:7083::/32 maxlen: 32
2a11:d381::/32 maxlen: 32
2a11:d703::/32 maxlen: 32
2a12:24c3::/32 maxlen: 32
2a12:41c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 20 Jun 2025 18:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:88:01:b7:a1:ab:37:97:66:4d:df:6d:79:3b:2e:21:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 19 11:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97e175cd424d29ab7b4dec8cfba3d05b67c66dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:10:63:2f:88:8f:9f:23:50:7f:97:6e:a3:
ad:8a:21:05:bb:e9:3f:93:b0:bd:7f:64:c5:05:18:
d7:ca:f6:50:56:2c:db:50:e6:0e:82:ac:a1:96:a7:
2a:73:3f:ad:e4:e8:53:e6:75:9b:9f:fe:cd:3e:f8:
f3:1f:7c:49:4c:41:9a:c0:fb:e6:ee:54:04:20:4a:
ca:5e:41:88:fd:c7:94:8f:29:a0:54:d5:63:1b:2f:
61:ea:2e:42:ce:4b:1d:e4:40:60:7a:6e:c4:a5:2c:
cd:89:f9:a8:51:a9:7f:67:b9:b4:46:ed:48:f3:24:
df:cf:22:6b:d9:25:6c:11:69:0e:e1:26:17:06:bb:
ae:08:1e:1b:28:68:fb:22:11:0c:8c:b8:71:3b:5f:
83:e8:36:7b:3f:19:44:f3:5c:e6:90:48:c9:16:d3:
c2:a3:37:7a:c3:62:ba:1e:46:09:7b:2b:9d:70:12:
13:21:0d:a2:59:de:48:9a:ea:a6:6d:4f:16:2d:72:
13:31:a0:e8:dd:0a:de:9c:8d:30:93:f7:25:e5:cc:
62:37:af:52:5d:08:29:80:e1:e1:2d:00:77:9c:a6:
db:82:95:02:e9:19:0a:07:90:53:5a:63:8d:74:75:
9e:fa:86:19:6b:c1:6c:b1:34:c0:8a:44:46:90:2f:
61:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E1:75:CD:42:4D:29:AB:7B:4D:EC:8C:FB:A3:D0:5B:67:C6:6D:C8
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/l-F1zUJNKat7TeyM-6PQW2fGbcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:21c1::/32
2a11:3085::/32
2a11:35c4::/32
2a11:3d00::/32
2a11:3d04::/32
2a11:7083::/32
2a11:d381::/32
2a11:d703::/32
2a12:24c3::/32
2a12:41c1::/32
Signature Algorithm: sha256WithRSAEncryption
0e:64:95:d6:e5:61:0f:34:3c:cd:98:28:67:f3:c4:6e:97:f1:
26:27:00:08:04:e7:d2:85:94:a6:37:6b:06:41:fb:0e:17:d8:
ac:4c:aa:2a:f8:e0:60:f8:e7:9a:5d:f1:fd:73:7d:0a:9d:8f:
8f:ef:a1:3d:03:c9:fa:19:ad:54:5b:6f:21:c1:50:79:77:cb:
8a:b4:a4:12:cb:bc:d3:67:0b:08:5c:dc:06:49:6b:ba:24:80:
55:be:6b:c9:bf:6c:55:a4:9d:8d:e3:a7:a3:eb:95:06:72:f7:
d3:b5:1a:80:17:c9:cd:87:37:97:4a:c1:c5:cb:a2:3d:3e:db:
5b:ab:64:01:02:7b:e0:b5:40:c8:da:22:63:49:f0:aa:65:a8:
f0:58:5b:a6:95:0d:75:cd:71:c1:ca:24:aa:76:e8:79:e3:02:
a2:53:f8:b6:4d:af:62:e5:b0:f6:f0:0f:1d:24:20:66:23:1d:
f3:ae:bf:78:f6:64:f8:72:e8:f1:06:67:10:05:85:70:10:14:
9e:b9:3c:8d:2a:6c:af:d7:f8:39:63:ea:58:7d:57:33:11:77:
44:0a:99:bb:ba:15:9a:f5:96:33:cb:c1:9f:1e:e3:ca:5d:27:
24:f3:17:de:a4:79:a5:56:35:bc:74:63:82:86:22:0d:cc:1c:
29:1d:0f:5c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZeIAbehqzeXZk3fbXk7LiFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjE5MTE0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2UxNzVjZDQyNGQyOWFiN2I0ZGVjOGNmYmEzZDA1YjY3YzY2ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYEQYy+Ij58jUH+XbqOtiiEFu+k/
k7C9f2TFBRjXyvZQVizbUOYOgqyhlqcqcz+t5OhT5nWbn/7NPvjzH3xJTEGawPvm
7lQEIErKXkGI/ceUjymgVNVjGy9h6i5Czksd5EBgem7EpSzNifmoUal/Z7m0Ru1I
8yTfzyJr2SVsEWkO4SYXBruuCB4bKGj7IhEMjLhxO1+D6DZ7PxlE81zmkEjJFtPC
ozd6w2K6HkYJeyudcBITIQ2iWd5ImuqmbU8WLXITMaDo3QrenI0wk/cl5cxiN69S
XQgpgOHhLQB3nKbbgpUC6RkKB5BTWmONdHWe+oYZa8FssTTAikRGkC9hwwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJfhdc1CTSmre03sjPuj0Ftnxm3IMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvbC1GMXpVSk5LYXQ3VGV5TS02UFFXMmZHYmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUAKhEhwQMF
ACoRMIUDBQAqETXEAwUAKhE9AAMFACoRPQQDBQAqEXCDAwUAKhHTgQMFACoR1wMD
BQAqEiTDAwUAKhJBwTANBgkqhkiG9w0BAQsFAAOCAQEADmSV1uVhDzQ8zZgoZ/PE
bpfxJicACATn0oWUpjdrBkH7DhfYrEyqKvjgYPjnml3x/XN9Cp2Pj++hPQPJ+hmt
VFtvIcFQeXfLirSkEsu802cLCFzcBklruiSAVb5ryb9sVaSdjeOno+uVBnL307Ua
gBfJzYc3l0rBxcuiPT7bW6tkAQJ74LVAyNoiY0nwqmWo8FhbppUNdc1xwcokqnbo
eeMColP4tk2vYuWw9vAPHSQgZiMd866/ePZk+HLo8QZnEAWFcBAUnrk8jSpsr9f4
OWPqWH1XMxF3RAqZu7oVmvWWM8vBnx7jyl0nJPMX3qR5pVY1vHRjgoYiDcwcKR0P
XA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:50 2025 by rpki-client