Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ekb-Xs4Al4xbi6OpTT-ZcP9qcDc.roa
File: ekb-Xs4Al4xbi6OpTT-ZcP9qcDc.roa (raw, json)
Hash identifier: xQvKgH+fHvQ7u1QndXYLzWVpYSbwZH/7LVxWfJN9BYM=
Subject key identifier: 7A:46:FE:5E:CE:00:97:8C:5B:8B:A3:A9:4D:3F:99:70:FF:6A:70:37
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 01970E0E1A72A9479464453B6AB0791B6C18
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ekb-Xs4Al4xbi6OpTT-ZcP9qcDc.roa
Signing time: Mon 26 May 2025 19:24:54 +0000
ROA not before: Mon 26 May 2025 19:24:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:3701::/32 maxlen: 32
2a0d:adc2::/32 maxlen: 32
2a11:5a41::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Jun 2025 18:54:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0e:0e:1a:72:a9:47:94:64:45:3b:6a:b0:79:1b:6c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: May 26 19:24:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a46fe5ece00978c5b8ba3a94d3f9970ff6a7037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:87:2a:ce:37:1c:d5:de:33:1f:b0:96:b1:52:
66:df:eb:69:59:0c:94:3e:31:07:8e:a4:b2:3c:45:
3f:cc:39:bd:aa:15:fa:ad:96:cd:88:48:75:c8:04:
e3:fe:de:d9:8b:69:dc:93:d7:2c:e4:03:17:41:b4:
15:f4:ac:dd:21:13:12:28:54:24:76:9c:0e:03:fb:
46:9d:04:7a:cf:88:01:51:2b:82:ac:c9:c1:d7:02:
12:69:03:f6:c8:04:76:43:6d:ba:8e:c9:1e:5c:48:
ba:4d:d8:f8:1c:87:0d:a5:88:41:89:d7:9b:d1:9a:
e8:0a:11:f7:f6:e6:3c:42:1c:8e:9e:dc:15:19:d5:
66:0c:e8:39:90:2f:23:45:0f:7b:1e:74:a2:0b:0e:
84:bf:01:b2:12:fc:04:a5:c9:dc:3b:9b:77:49:41:
10:76:1b:6d:2b:37:0b:76:9e:93:24:0c:aa:4d:09:
a4:9f:cf:ef:6a:4b:5a:9b:e1:85:97:40:17:5f:4f:
a0:7b:18:6a:18:f1:4a:7f:c7:49:d7:da:d7:0f:7e:
fe:a7:2c:56:33:3f:9f:42:cd:8f:e9:6c:51:fb:d3:
da:66:85:58:f4:56:8e:d3:b0:73:e3:a0:01:c4:f4:
18:e3:65:27:70:f5:3f:0f:c0:f1:7f:a3:17:66:c2:
2f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:46:FE:5E:CE:00:97:8C:5B:8B:A3:A9:4D:3F:99:70:FF:6A:70:37
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ekb-Xs4Al4xbi6OpTT-ZcP9qcDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3701::/32
2a0d:adc2::/32
2a11:5a41::/32
Signature Algorithm: sha256WithRSAEncryption
b0:6f:a8:fd:07:1a:4e:7e:11:9f:f8:61:f8:37:d9:a5:ce:b7:
58:ad:6a:09:3d:f9:d9:8f:39:47:bb:d7:0d:ba:11:95:17:ce:
f7:4b:1c:ef:1b:d4:38:f8:93:5d:9d:3e:54:52:56:60:17:4f:
23:53:c9:5f:f0:df:aa:9a:92:1f:53:15:71:16:18:5b:1a:88:
53:55:de:0c:a4:58:94:1e:2a:e8:f4:41:f6:39:28:a0:99:02:
4f:0d:92:13:5a:c5:0f:d2:9f:4f:bd:3c:c8:8c:97:4f:fd:e6:
b1:ef:f1:e0:09:33:90:ec:d0:a8:11:61:19:7e:a8:9c:29:78:
46:e4:0d:35:13:58:58:00:86:f4:c9:48:be:11:72:79:1f:bb:
1e:0e:23:0a:26:4c:7b:fa:af:01:38:ca:2b:55:fc:3c:8a:cc:
1d:4f:5e:44:3a:56:da:e6:63:d2:67:e4:35:8a:ca:31:de:58:
4f:51:b0:07:69:51:3f:94:14:dd:bc:74:6d:e8:2c:60:2f:e2:
94:09:c2:6b:96:3e:aa:05:80:49:3d:b5:e5:d9:c9:a9:20:38:
70:5f:32:e1:38:f5:20:6e:93:b4:7b:eb:d2:3d:f1:f0:5c:99:
ab:f2:a7:01:bb:fd:5d:f0:85:d5:58:02:e8:4a:b9:03:8c:83:
7c:0f:d0:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZcODhpyqUeUZEU7arB5G2wYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNTI2MTkyNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ2ZmU1ZWNlMDA5NzhjNWI4YmEzYTk0ZDNmOTk3MGZmNmE3MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4cqzjcc1d4zH7CWsVJm3+tpWQyU
PjEHjqSyPEU/zDm9qhX6rZbNiEh1yATj/t7Zi2nck9cs5AMXQbQV9KzdIRMSKFQk
dpwOA/tGnQR6z4gBUSuCrMnB1wISaQP2yAR2Q226jskeXEi6Tdj4HIcNpYhBideb
0ZroChH39uY8QhyOntwVGdVmDOg5kC8jRQ97HnSiCw6EvwGyEvwEpcncO5t3SUEQ
dhttKzcLdp6TJAyqTQmkn8/vaktam+GFl0AXX0+gexhqGPFKf8dJ19rXD37+pyxW
Mz+fQs2P6WxR+9PaZoVY9FaO07Bz46ABxPQY42UncPU/D8Dxf6MXZsIveQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHpG/l7OAJeMW4ujqU0/mXD/anA3MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvZWtiLVhzNEFsNHhiaTZPcFRULVpjUDlxY0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgk3AQMF
ACoNrcIDBQAqEVpBMA0GCSqGSIb3DQEBCwUAA4IBAQCwb6j9BxpOfhGf+GH4N9ml
zrdYrWoJPfnZjzlHu9cNuhGVF873SxzvG9Q4+JNdnT5UUlZgF08jU8lf8N+qmpIf
UxVxFhhbGohTVd4MpFiUHiro9EH2OSigmQJPDZITWsUP0p9PvTzIjJdP/eax7/Hg
CTOQ7NCoEWEZfqicKXhG5A01E1hYAIb0yUi+EXJ5H7seDiMKJkx7+q8BOMorVfw8
iswdT15EOlba5mPSZ+Q1isox3lhPUbAHaVE/lBTdvHRt6CxgL+KUCcJrlj6qBYBJ
PbXl2cmpIDhwXzLhOPUgbpO0e+vSPfHwXJmr8qcBu/1d8IXVWALoSrkDjIN8D9CT
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:11:05 2025 by rpki-client