Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/pz3Pgc1RlJvU6-2sQyO4MCeY8Ew.roa
File: pz3Pgc1RlJvU6-2sQyO4MCeY8Ew.roa (raw, json)
Hash identifier: lsjgyguhN95eyw2yLltvFCuImh5P3TswDXa8Bs7aFxg=
Subject key identifier: A7:3D:CF:81:CD:51:94:9B:D4:EB:ED:AC:43:23:B8:30:27:98:F0:4C
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0196C9B4C8FA7AB2021BDCFF3428417ED6C8
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/pz3Pgc1RlJvU6-2sQyO4MCeY8Ew.roa
Signing time: Tue 13 May 2025 12:53:10 +0000
ROA not before: Tue 13 May 2025 12:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a11:3b40::/29 maxlen: 32
2a13:ba00::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:f40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 16 May 2025 20:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:b4:c8:fa:7a:b2:02:1b:dc:ff:34:28:41:7e:d6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 13 12:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a73dcf81cd51949bd4ebedac4323b8302798f04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:e5:33:6d:52:bd:80:8a:a4:84:95:fe:20:
79:39:b1:98:4b:dd:07:13:19:43:88:9f:5d:aa:cd:
91:83:4d:13:7f:55:56:7b:c6:bf:cc:0a:d1:9e:4d:
3f:86:e4:2e:5b:a7:fd:28:44:7b:3c:dc:ad:9b:3d:
f0:00:67:61:e4:de:ce:3f:92:f2:ec:8a:21:53:d4:
06:5d:21:ac:a4:8f:cc:a1:f2:20:c6:5b:2a:f8:2b:
0d:f0:31:1d:e1:1f:c7:ad:4f:c8:1d:af:37:4d:19:
8f:e9:a4:5a:b7:31:a7:bd:9a:a3:d7:30:fd:f3:fd:
a1:c8:86:a2:48:42:39:85:25:bb:2e:a3:a7:96:00:
05:f7:cb:6a:22:00:af:8d:0e:68:ad:4a:78:86:7e:
16:5a:7f:d7:05:f2:78:35:d0:7e:43:ca:44:19:d4:
93:f6:37:dc:74:22:c8:f0:7b:98:76:d4:28:6d:e6:
0b:51:34:25:39:a1:02:5d:54:5b:a0:80:4b:42:69:
46:e3:78:e8:b5:36:fe:b3:84:26:f9:c4:01:99:5c:
59:68:ae:31:5a:40:6f:05:3d:8c:17:76:97:92:17:
d3:85:b9:98:42:8c:2c:e2:3e:d7:83:9a:f0:c4:34:
ac:76:a9:da:f3:c3:d5:b8:44:a9:94:eb:8f:a5:e3:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:3D:CF:81:CD:51:94:9B:D4:EB:ED:AC:43:23:B8:30:27:98:F0:4C
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/pz3Pgc1RlJvU6-2sQyO4MCeY8Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3b40::/29
2a13:ba00::/29
2a14:c0::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
bc:93:4e:19:b1:0e:5c:45:b9:de:08:fd:65:0d:31:0c:50:ba:
94:82:9e:6c:14:8d:0f:07:08:0f:6a:1b:be:a3:41:91:52:4b:
dd:71:50:ee:b2:25:a8:e6:75:6f:9a:a7:cf:06:99:b4:15:f6:
5b:cf:5a:47:dc:ff:78:3e:ae:10:d9:1f:73:c8:3f:e3:fe:d4:
15:53:df:4f:ac:88:c1:34:ba:86:a8:e2:29:e0:75:45:8a:4e:
77:ab:75:02:3e:d2:7f:29:5c:c1:fe:64:13:15:9c:3b:c0:d9:
17:cc:09:17:52:6f:2c:e4:39:04:e3:e6:e5:e1:f2:14:b1:b5:
43:59:7b:ac:da:5a:ba:9f:4b:c8:c4:ba:60:c8:71:89:18:ad:
1a:85:48:f6:09:90:44:fe:37:17:4f:2b:25:68:fd:5a:b7:af:
d0:c8:e0:a3:1e:0d:a6:aa:b9:bf:02:4e:b7:6a:d9:46:bf:1c:
69:05:92:cc:c4:b8:b4:1c:09:2a:76:9b:39:6e:e4:6e:33:2e:
6d:f0:b4:6f:96:bb:a5:d9:9a:59:9d:e8:d2:d0:53:c5:f5:f4:
16:7e:f8:82:98:fc:5e:b8:c3:af:10:1f:56:dd:43:7a:bf:d7:
da:5a:0e:58:f7:30:db:0f:d1:74:96:bc:03:ba:ad:f2:8a:2b:
83:5d:39:c3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZbJtMj6erICG9z/NChBftbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNTEzMTI1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzNkY2Y4MWNkNTE5NDliZDRlYmVkYWM0MzIzYjgzMDI3OThmMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArablM21SvYCKpISV/iB5ObGYS90H
ExlDiJ9dqs2Rg00Tf1VWe8a/zArRnk0/huQuW6f9KER7PNytmz3wAGdh5N7OP5Ly
7IohU9QGXSGspI/MofIgxlsq+CsN8DEd4R/HrU/IHa83TRmP6aRatzGnvZqj1zD9
8/2hyIaiSEI5hSW7LqOnlgAF98tqIgCvjQ5orUp4hn4WWn/XBfJ4NdB+Q8pEGdST
9jfcdCLI8HuYdtQobeYLUTQlOaECXVRboIBLQmlG43jotTb+s4Qm+cQBmVxZaK4x
WkBvBT2MF3aXkhfThbmYQows4j7Xg5rwxDSsdqna88PVuESplOuPpePiCwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKc9z4HNUZSb1OvtrEMjuDAnmPBMMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvcHozUGdjMVJsSnZVNi0yc1F5TzRNQ2VZOEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhE7QAMF
AyoTugADBQMqFADAAwUDKhQPQDANBgkqhkiG9w0BAQsFAAOCAQEAvJNOGbEOXEW5
3gj9ZQ0xDFC6lIKebBSNDwcID2obvqNBkVJL3XFQ7rIlqOZ1b5qnzwaZtBX2W89a
R9z/eD6uENkfc8g/4/7UFVPfT6yIwTS6hqjiKeB1RYpOd6t1Aj7Sfylcwf5kExWc
O8DZF8wJF1JvLOQ5BOPm5eHyFLG1Q1l7rNpaup9LyMS6YMhxiRitGoVI9gmQRP43
F08rJWj9Wrev0Mjgox4Npqq5vwJOt2rZRr8caQWSzMS4tBwJKnabOW7kbjMubfC0
b5a7pdmaWZ3o0tBTxfX0Fn74gpj8XrjDrxAfVt1Der/X2loOWPcw2w/RdJa8A7qt
8oorg105ww==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:25:59 2025 by rpki-client