Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7W--Foj1WbdtXSrpYYhwTn8mO9M.roa
File: 7W--Foj1WbdtXSrpYYhwTn8mO9M.roa (raw, json)
Hash identifier: AZ9KQie2HIcUFSDbW5NOhfRee1UK7iB7/ptatxz5ktA=
Subject key identifier: ED:6F:BE:16:88:F5:59:B7:6D:5D:2A:E9:61:88:70:4E:7F:26:3B:D3
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01970DC5C7ED1B73DEC45A9587FDB7D9BDC8
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7W--Foj1WbdtXSrpYYhwTn8mO9M.roa
Signing time: Mon 26 May 2025 18:05:54 +0000
ROA not before: Mon 26 May 2025 18:05:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:7686::/32 maxlen: 32
2a11:8307::/32 maxlen: 32
2a11:fec5::/32 maxlen: 32
2a12:1cc7::/32 maxlen: 32
2a12:3b44::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 May 2025 16:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:c5:c7:ed:1b:73:de:c4:5a:95:87:fd:b7:d9:bd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: May 26 18:05:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed6fbe1688f559b76d5d2ae96188704e7f263bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:56:38:d1:8b:52:75:2f:1b:01:86:42:25:
7b:05:87:63:21:4f:0a:38:7e:0c:46:94:09:bb:bb:
af:82:b1:5d:e8:84:80:01:2b:53:ea:53:37:e9:61:
8f:c1:9e:49:26:47:08:dd:73:f7:df:3f:bb:a1:74:
8e:66:8d:e2:cb:05:fd:80:dc:dc:4b:00:a2:ef:c1:
68:a8:c3:a9:ca:bb:48:18:a4:0a:34:82:bf:1c:4d:
6e:dd:ee:a6:e5:9f:12:bd:f0:5b:36:50:d3:5a:17:
5f:c0:71:10:f8:71:c2:ef:a6:bf:44:8a:c4:9b:1c:
80:05:68:d8:ab:2f:fb:a2:b0:25:46:ec:72:df:32:
19:dd:c4:81:65:eb:ae:2e:e9:b4:ed:5f:b8:75:c6:
62:2b:fe:a2:b3:6c:b3:96:27:64:84:4e:e6:b3:4c:
6d:95:8e:ca:35:5d:42:92:fb:b0:32:b5:10:b7:b2:
86:7b:d2:f7:90:d2:b7:45:33:54:6c:d5:d6:d4:93:
a5:8f:05:1b:fa:40:fa:07:36:52:e4:4c:46:85:59:
af:ee:d0:6b:4f:17:9b:bd:17:e2:86:c6:ee:00:1a:
6c:27:fa:24:9d:31:df:5b:12:64:3f:e5:d2:cb:5f:
78:90:07:5e:a2:6a:ec:dd:10:57:95:2e:7e:6b:b2:
bb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6F:BE:16:88:F5:59:B7:6D:5D:2A:E9:61:88:70:4E:7F:26:3B:D3
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7W--Foj1WbdtXSrpYYhwTn8mO9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7686::/32
2a11:8307::/32
2a11:fec5::/32
2a12:1cc7::/32
2a12:3b44::/32
Signature Algorithm: sha256WithRSAEncryption
7e:43:15:9a:42:5b:f4:bd:d7:39:c8:f6:e7:8c:2e:3f:46:27:
20:15:9b:2c:ef:f1:74:5a:b7:8c:68:cf:d4:f2:87:84:10:09:
29:ae:c7:42:b4:28:0c:b1:fd:3c:07:c4:02:05:ba:06:54:1d:
97:7c:04:f9:28:92:94:3b:ff:6d:4b:d6:46:c8:55:7f:79:4e:
0f:4a:14:40:31:15:19:f4:58:41:9f:36:72:a2:92:87:4c:25:
aa:74:8b:27:70:94:27:4d:8d:aa:36:ed:07:fc:41:2f:cd:d4:
ad:09:22:54:64:dc:7d:30:c3:c9:1a:73:96:8e:e0:53:6b:64:
38:b2:ee:f3:0f:31:c3:37:20:dd:96:6c:ba:ff:a5:02:71:46:
98:b7:0b:a1:37:e4:7e:3f:ed:3c:59:e8:6d:68:4f:97:70:81:
13:27:81:70:f3:39:66:77:49:c5:c0:d9:c9:47:c5:16:8a:2a:
15:57:c1:b5:e2:b8:65:47:50:1a:cf:c9:53:e5:84:92:62:6a:
81:db:dc:a3:ad:c9:81:10:47:65:5f:d8:19:e7:d4:b4:db:d4:
1e:18:c9:cf:b6:75:20:7e:93:b7:5c:43:fd:6a:9b:ad:69:15:
1c:b1:a4:2b:11:25:13:d2:91:e5:7f:1e:a8:7d:2b:1a:70:88:
63:75:ed:e7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZcNxcftG3PexFqVh/232b3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNTI2MTgwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZmYmUxNjg4ZjU1OWI3NmQ1ZDJhZTk2MTg4NzA0ZTdmMjYzYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUZWONGLUnUvGwGGQiV7BYdjIU8K
OH4MRpQJu7uvgrFd6ISAAStT6lM36WGPwZ5JJkcI3XP33z+7oXSOZo3iywX9gNzc
SwCi78FoqMOpyrtIGKQKNIK/HE1u3e6m5Z8SvfBbNlDTWhdfwHEQ+HHC76a/RIrE
mxyABWjYqy/7orAlRuxy3zIZ3cSBZeuuLum07V+4dcZiK/6is2yzlidkhE7ms0xt
lY7KNV1CkvuwMrUQt7KGe9L3kNK3RTNUbNXW1JOljwUb+kD6BzZS5ExGhVmv7tBr
TxebvRfihsbuABpsJ/oknTHfWxJkP+XSy194kAdeomrs3RBXlS5+a7K7FwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO1vvhaI9Vm3bV0q6WGIcE5/JjvTMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvN1ctLUZvajFXYmR0WFNycFlZaHdUbjhtTzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhF2hgMF
ACoRgwcDBQAqEf7FAwUAKhIcxwMFACoSO0QwDQYJKoZIhvcNAQELBQADggEBAH5D
FZpCW/S91znI9ueMLj9GJyAVmyzv8XRat4xoz9Tyh4QQCSmux0K0KAyx/TwHxAIF
ugZUHZd8BPkokpQ7/21L1kbIVX95Tg9KFEAxFRn0WEGfNnKikodMJap0iydwlCdN
jao27Qf8QS/N1K0JIlRk3H0ww8kac5aO4FNrZDiy7vMPMcM3IN2WbLr/pQJxRpi3
C6E35H4/7TxZ6G1oT5dwgRMngXDzOWZ3ScXA2clHxRaKKhVXwbXiuGVHUBrPyVPl
hJJiaoHb3KOtyYEQR2Vf2Bnn1LTb1B4Yyc+2dSB+k7dcQ/1qm61pFRyxpCsRJRPS
keV/Hqh9KxpwiGN17ec=
-----END CERTIFICATE-----
Generated at Wed Jun 18 23:04:27 2025 by rpki-client