Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/qG9EJMGiRHLh1b6htqVcJTOGZ8s.roa
File: qG9EJMGiRHLh1b6htqVcJTOGZ8s.roa (raw, json)
Hash identifier: 2iHHmyvgpBOQEjByhKhgrCtd+tOfTD8KkVBlf+XW19w=
Subject key identifier: A8:6F:44:24:C1:A2:44:72:E1:D5:BE:A1:B6:A5:5C:25:33:86:67:CB
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0197ADD5D9B607F6892216311F22D61E1AAF
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/qG9EJMGiRHLh1b6htqVcJTOGZ8s.roa
Signing time: Thu 26 Jun 2025 20:02:42 +0000
ROA not before: Thu 26 Jun 2025 20:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:3081::/32 maxlen: 32
2a11:7082::/32 maxlen: 32
2a12:35c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 27 Jun 2025 08:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:d5:d9:b6:07:f6:89:22:16:31:1f:22:d6:1e:1a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 26 20:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86f4424c1a24472e1d5bea1b6a55c25338667cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:57:d8:00:eb:25:06:78:e6:e7:5e:72:bf:10:
d6:63:41:e1:f5:74:24:36:bd:bf:28:f4:13:b4:b4:
8f:74:53:24:e2:00:a5:7a:3e:d5:ff:5b:1c:78:58:
b5:4a:2e:2e:9d:90:8d:59:76:9c:a8:fa:2a:ba:56:
2b:c6:81:52:b5:b3:b8:6e:f5:31:84:1b:65:a7:43:
7c:23:e8:6d:c0:0a:4b:70:a2:b6:40:3f:32:c5:32:
65:36:f0:46:9d:8a:78:ef:18:11:d8:1f:23:75:97:
ed:24:84:ea:20:74:da:85:72:8b:bc:04:0e:2e:93:
f9:e1:7d:1c:af:cb:d8:65:b3:ed:43:38:3f:46:d7:
02:db:40:16:77:45:03:e4:90:35:ba:92:c1:1a:fb:
d3:2a:01:aa:24:05:61:2d:0b:85:cb:12:59:b7:c1:
ad:75:4c:50:50:cf:64:16:0c:22:a7:bc:8c:f2:ae:
04:7e:9b:6e:d9:d3:dd:b7:08:ac:c9:61:6b:8b:b6:
c3:d2:b7:87:77:5f:f2:6e:76:06:29:27:ee:aa:82:
ae:0d:8b:bf:01:a2:b9:4a:09:94:a6:8f:7d:82:c3:
4e:d2:75:ca:13:0f:cd:11:f7:ed:de:da:45:ce:68:
0f:82:44:5b:0b:d5:f1:3e:8e:c1:29:0b:be:f3:78:
ed:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6F:44:24:C1:A2:44:72:E1:D5:BE:A1:B6:A5:5C:25:33:86:67:CB
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/qG9EJMGiRHLh1b6htqVcJTOGZ8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3081::/32
2a11:7082::/32
2a12:35c5::/32
Signature Algorithm: sha256WithRSAEncryption
6d:83:cb:20:af:c7:fb:be:4a:02:7e:eb:7b:58:34:27:4e:b1:
97:35:6d:e2:89:32:92:3f:b6:6b:a8:ed:f6:24:cc:b5:65:4f:
5a:82:96:24:e9:6c:35:00:71:2f:fd:16:4e:03:86:63:40:50:
05:b4:ba:6f:0d:e4:a8:f9:7c:9e:4c:25:c6:cf:c6:5f:e1:48:
e8:13:a6:23:61:d6:cc:a3:16:32:96:93:8a:11:ae:da:68:8c:
3b:19:2a:33:db:dc:fb:85:90:f7:4e:08:8d:f9:f0:9e:1b:fd:
3c:1f:bc:a3:b1:00:c3:20:b3:dd:8f:23:fc:2a:82:19:19:d6:
44:87:48:26:9d:62:d2:2e:ef:12:d0:98:12:16:e5:e4:2f:4c:
80:90:29:51:ca:29:e1:a2:6a:76:1d:f3:6e:94:02:0f:a3:37:
d9:6b:f3:e5:6a:d9:a8:0f:49:8b:83:ce:38:ad:e3:f6:0e:34:
e4:fc:0a:83:5a:f0:12:fa:d4:fb:d3:0c:79:43:28:f7:af:66:
ea:27:6c:4e:c0:f7:77:84:c4:40:ec:63:e1:67:3f:3d:e9:92:
61:ac:cf:9d:12:56:b7:b3:d9:36:d7:97:5e:59:a4:8e:7e:6e:
07:19:1f:b5:35:31:41:12:0a:b8:b7:be:ac:49:df:ad:80:c6:
3f:18:5e:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZet1dm2B/aJIhYxHyLWHhqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjI2MjAwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZmNDQyNGMxYTI0NDcyZTFkNWJlYTFiNmE1NWMyNTMzODY2N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VfYAOslBnjm515yvxDWY0Hh9XQk
Nr2/KPQTtLSPdFMk4gClej7V/1sceFi1Si4unZCNWXacqPoqulYrxoFStbO4bvUx
hBtlp0N8I+htwApLcKK2QD8yxTJlNvBGnYp47xgR2B8jdZftJITqIHTahXKLvAQO
LpP54X0cr8vYZbPtQzg/RtcC20AWd0UD5JA1upLBGvvTKgGqJAVhLQuFyxJZt8Gt
dUxQUM9kFgwip7yM8q4Efptu2dPdtwisyWFri7bD0reHd1/ybnYGKSfuqoKuDYu/
AaK5SgmUpo99gsNO0nXKEw/NEfft3tpFzmgPgkRbC9XxPo7BKQu+83jtowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKhvRCTBokRy4dW+obalXCUzhmfLMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvcUc5RUpNR2lSSExoMWI2aHRxVmNKVE9HWjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhEwgQMF
ACoRcIIDBQAqEjXFMA0GCSqGSIb3DQEBCwUAA4IBAQBtg8sgr8f7vkoCfut7WDQn
TrGXNW3iiTKSP7ZrqO32JMy1ZU9agpYk6Ww1AHEv/RZOA4ZjQFAFtLpvDeSo+Xye
TCXGz8Zf4UjoE6YjYdbMoxYylpOKEa7aaIw7GSoz29z7hZD3TgiN+fCeG/08H7yj
sQDDILPdjyP8KoIZGdZEh0gmnWLSLu8S0JgSFuXkL0yAkClRyinhomp2HfNulAIP
ozfZa/PlatmoD0mLg844reP2DjTk/AqDWvAS+tT70wx5Qyj3r2bqJ2xOwPd3hMRA
7GPhZz896ZJhrM+dEla3s9k215deWaSOfm4HGR+1NTFBEgq4t76sSd+tgMY/GF71
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:30:20 2025 by rpki-client