Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS211405.roa
File: AS211405.roa (raw, json)
Hash identifier: nS8SS+d/k//ELWAeuNqqkLyDMXQgu5Z/whvJ3zNbHTY=
Subject key identifier: E1:C7:9B:F6:2C:F3:6C:3B:29:4A:13:D5:B7:E1:9E:88:AC:CA:67:60
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 611A1332260CC551C5645CBC1126BB8F882C1B8A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS211405.roa
Signing time: Mon 09 Mar 2026 17:15:31 +0000
ROA not before: Mon 09 Mar 2026 17:10:31 +0000
ROA not after: Mon 08 Mar 2027 17:15:31 +0000
asID: 211405
IP address blocks: 2a14:7581:fec::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 22 Mar 2026 07:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:1a:13:32:26:0c:c5:51:c5:64:5c:bc:11:26:bb:8f:88:2c:1b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 9 17:10:31 2026 GMT
Not After : Mar 8 17:15:31 2027 GMT
Subject: CN=E1C79BF62CF36C3B294A13D5B7E19E88ACCA6760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:15:74:fe:41:26:e6:64:1e:85:09:fb:ea:4e:
ab:b3:07:28:42:15:6a:7d:d6:e0:eb:02:55:ef:7d:
4d:27:c3:27:97:c2:72:b3:4b:3e:aa:4c:c6:e7:84:
f5:0e:30:9d:6c:b8:d9:2e:f6:a9:cf:33:ec:6b:f0:
0b:2a:d4:10:4f:cd:4e:79:40:21:8a:49:3a:20:fa:
0b:f7:76:e0:51:90:3a:6c:5d:60:52:e6:da:95:f5:
6f:e4:32:9c:13:dc:e9:9d:d4:55:eb:e6:8b:9a:f7:
c5:05:46:5f:d3:32:07:ce:9c:3e:07:86:53:9d:48:
20:fc:7e:84:be:cb:2c:ff:57:57:16:0b:eb:3c:9a:
11:be:98:42:0f:06:e5:07:e5:d5:fd:f3:3d:a1:7b:
a5:f1:4e:3c:1e:23:1b:cb:dc:68:30:70:a1:63:b5:
9e:0e:4d:35:8f:2e:a0:3a:75:7b:0c:be:bb:7c:e1:
4e:90:4e:8d:bc:ac:fc:57:fd:4d:f7:54:0d:b7:f0:
7f:f7:9a:c7:c4:69:ea:af:f4:62:64:72:68:1b:4c:
ee:dd:a0:d4:d4:5a:03:e5:00:c9:b9:38:89:33:be:
e0:df:95:e4:ba:28:16:af:87:cd:4f:9a:f3:e1:8b:
21:0c:4d:8a:47:bb:26:30:c8:d6:73:c9:73:27:e3:
d7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C7:9B:F6:2C:F3:6C:3B:29:4A:13:D5:B7:E1:9E:88:AC:CA:67:60
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS211405.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:fec::/48
Signature Algorithm: sha256WithRSAEncryption
03:10:2e:0b:9d:c4:60:d4:86:d9:e2:78:99:21:72:78:24:64:
44:a5:f1:0b:9f:84:04:76:6b:7c:75:06:01:f1:48:37:6c:67:
11:aa:6b:5a:05:28:68:5d:7c:6c:72:21:51:9b:8c:31:8b:68:
5c:13:d7:04:12:56:36:8a:7d:a5:df:24:0a:7c:dd:d8:f6:ba:
2c:ce:7e:ef:33:46:4b:6c:3c:d4:04:c7:43:84:55:94:98:3b:
ef:46:76:12:e5:60:b7:ef:89:b6:aa:b1:08:d1:94:73:4f:eb:
62:61:35:fd:c7:6b:5c:96:50:50:85:64:d4:48:90:a1:05:ae:
07:14:5b:a1:a8:16:c9:23:6d:13:a7:80:b0:85:8c:b2:77:24:
9c:b4:36:dc:a7:b7:21:01:bf:58:66:12:c7:29:24:26:cd:12:
bc:46:d6:3e:32:81:f9:fc:0f:0f:38:d6:6c:74:0f:6a:ce:ce:
ad:a4:1b:81:9e:79:d7:e0:45:4a:8e:e7:d8:25:62:5c:3f:85:
37:2e:9f:1a:51:e2:cf:f0:47:b1:fb:89:a5:3a:54:dd:ed:aa:
2d:34:29:81:35:00:bd:8c:3e:0b:d3:bf:f4:8d:15:7d:b2:40:
f3:05:e9:bf:8c:fb:cb:0b:aa:bc:8e:00:f0:1e:e9:27:e7:ee:
ad:ee:75:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUYRoTMiYMxVHFZFy8ESa7j4gsG4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMDkxNzEwMzFaFw0yNzAzMDgxNzE1MzFaMDMxMTAvBgNV
BAMTKEUxQzc5QkY2MkNGMzZDM0IyOTRBMTNENUI3RTE5RTg4QUNDQTY3NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhFXT+QSbmZB6FCfvqTquzByhC
FWp91uDrAlXvfU0nwyeXwnKzSz6qTMbnhPUOMJ1suNku9qnPM+xr8Asq1BBPzU55
QCGKSTog+gv3duBRkDpsXWBS5tqV9W/kMpwT3Omd1FXr5oua98UFRl/TMgfOnD4H
hlOdSCD8foS+yyz/V1cWC+s8mhG+mEIPBuUH5dX98z2he6XxTjweIxvL3GgwcKFj
tZ4OTTWPLqA6dXsMvrt84U6QTo28rPxX/U33VA238H/3msfEaeqv9GJkcmgbTO7d
oNTUWgPlAMm5OIkzvuDfleS6KBavh81PmvPhiyEMTYpHuyYwyNZzyXMn49eZAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU4ceb9izzbDspShPVt+GeiKzKZ2AwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjExNDA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gQ/sMA0GCSqGSIb3DQEBCwUAA4IBAQADEC4LncRg1IbZ4niZIXJ4JGREpfELn4QE
dmt8dQYB8Ug3bGcRqmtaBShoXXxsciFRm4wxi2hcE9cEElY2in2l3yQKfN3Y9ros
zn7vM0ZLbDzUBMdDhFWUmDvvRnYS5WC374m2qrEI0ZRzT+tiYTX9x2tcllBQhWTU
SJChBa4HFFuhqBbJI20Tp4CwhYyydySctDbcp7chAb9YZhLHKSQmzRK8RtY+MoH5
/A8PONZsdA9qzs6tpBuBnnnX4EVKjufYJWJcP4U3Lp8aUeLP8Eex+4mlOlTd7aot
NCmBNQC9jD4L07/0jRV9skDzBem/jPvLC6q8jgDwHukn5+6t7nWN
-----END CERTIFICATE-----
Generated at Sun May 31 18:40:52 2026 by rpki-client