Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/Wfp8G5KTO3LfriCjtYO9UubFiT8.roa
File: Wfp8G5KTO3LfriCjtYO9UubFiT8.roa (raw, json)
Hash identifier: 0uX5dd18zWOnIn8iaD+2zsOnnsof8RZBmix1cFfYc/M=
Subject key identifier: 59:FA:7C:1B:92:93:3B:72:DF:AE:20:A3:B5:83:BD:52:E6:C5:89:3F
Certificate issuer: /CN=334f9f83d2d74c0c0fd00da735578f737dd7da03
Certificate serial: 0196E9A55BE8AEC1CC6E2DB2C61F56E9C3E2
Authority key identifier: 33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/Wfp8G5KTO3LfriCjtYO9UubFiT8.roa
Signing time: Mon 19 May 2025 17:44:10 +0000
ROA not before: Mon 19 May 2025 17:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 2a12:5340:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Jun 2025 17:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:a5:5b:e8:ae:c1:cc:6e:2d:b2:c6:1f:56:e9:c3:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=334f9f83d2d74c0c0fd00da735578f737dd7da03
Validity
Not Before: May 19 17:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59fa7c1b92933b72dfae20a3b583bd52e6c5893f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4d:2e:3f:d8:4b:76:6e:04:e4:96:e2:a3:cf:
cb:e5:f5:00:15:cf:6d:74:56:a1:36:e9:66:33:4a:
b0:da:05:24:28:00:bd:5b:b3:ae:68:87:f6:c6:82:
b5:7b:ce:cc:e7:3e:79:e2:f2:59:f6:13:13:e8:ee:
b0:69:08:f8:a5:00:78:d5:c5:09:76:3d:9e:b1:a6:
08:cc:7b:a5:15:d4:73:0a:41:56:0c:c1:96:2e:2e:
d7:05:fd:35:2e:7e:62:6b:d8:a6:d2:01:f0:ae:6c:
1a:cf:a4:59:2e:d7:44:5f:0c:97:a1:fc:c6:ac:53:
b9:7d:d5:05:5c:d4:20:39:35:fa:93:1f:5b:44:3e:
e7:0b:88:0e:4d:6b:67:d0:6d:a6:21:2a:ba:d1:a1:
a5:2a:68:b0:4e:5b:22:6e:3d:aa:d2:4c:a7:c1:20:
da:6a:e4:a9:05:01:6c:89:2e:ec:cb:d5:e9:40:df:
b8:56:c3:18:27:62:78:83:03:88:84:0f:88:1c:2d:
10:23:22:73:a0:f5:43:40:a7:f0:71:f3:bb:74:82:
7f:e3:04:47:bd:84:87:ee:76:bc:3f:9c:6d:e5:e0:
b0:34:64:f2:09:61:f4:b0:53:43:8f:5a:1b:7e:e6:
00:c7:dc:48:02:df:03:7b:74:47:b0:4e:7a:49:88:
d3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FA:7C:1B:92:93:3B:72:DF:AE:20:A3:B5:83:BD:52:E6:C5:89:3F
X509v3 Authority Key Identifier:
keyid:33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/Wfp8G5KTO3LfriCjtYO9UubFiT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/M0-fg9LXTAwP0A2nNVePc33X2gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:5340:8::/48
Signature Algorithm: sha256WithRSAEncryption
6c:11:2d:92:cd:7e:89:58:f0:79:6f:e9:95:e6:d2:20:be:ce:
b6:fd:89:57:14:ba:ea:b4:8b:fa:a9:14:e1:3e:1d:e0:65:00:
ac:9b:88:cf:a3:de:00:13:5c:c6:32:96:58:75:80:89:65:1f:
2e:b4:76:ed:5b:36:80:b5:24:f9:b5:67:dd:2d:c0:38:28:ee:
d6:e3:d4:42:aa:3b:45:a5:40:27:58:16:49:04:22:1d:19:b0:
e1:a2:91:2f:c8:db:aa:d4:9d:00:39:0c:df:8b:8b:99:3b:94:
8a:a6:3f:56:c0:1f:24:55:25:ce:ad:92:64:7f:07:1d:1a:4d:
5a:7b:d2:df:0e:2a:8b:5d:49:a7:65:8c:c0:e9:9a:52:29:cc:
b5:a6:dd:71:c2:bf:ad:b4:16:a4:0d:9c:92:be:51:fc:bd:43:
b0:1e:12:65:24:e8:14:8e:cc:9a:67:fa:bb:81:1e:18:f3:1a:
96:63:3d:28:87:0e:7a:b2:ac:d5:39:67:90:b9:34:bc:38:aa:
9d:20:3e:b0:61:c9:b6:ce:a1:1f:5a:e6:48:3f:89:33:f1:3a:
b7:80:76:d1:8f:7e:02:61:8d:f3:11:f4:db:c6:1f:6c:26:fb:
ff:23:0c:e6:13:b1:a9:94:86:77:ee:7b:7b:11:38:b3:66:b3:
64:ce:7b:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZbppVvorsHMbi2yxh9W6cPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNGY5ZjgzZDJkNzRjMGMwZmQwMGRhNzM1NTc4ZjczN2Rk
N2RhMDMwHhcNMjUwNTE5MTc0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZhN2MxYjkyOTMzYjcyZGZhZTIwYTNiNTgzYmQ1MmU2YzU4OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk00uP9hLdm4E5Jbio8/L5fUAFc9t
dFahNulmM0qw2gUkKAC9W7OuaIf2xoK1e87M5z554vJZ9hMT6O6waQj4pQB41cUJ
dj2esaYIzHulFdRzCkFWDMGWLi7XBf01Ln5ia9im0gHwrmwaz6RZLtdEXwyXofzG
rFO5fdUFXNQgOTX6kx9bRD7nC4gOTWtn0G2mISq60aGlKmiwTlsibj2q0kynwSDa
auSpBQFsiS7sy9XpQN+4VsMYJ2J4gwOIhA+IHC0QIyJzoPVDQKfwcfO7dIJ/4wRH
vYSH7na8P5xt5eCwNGTyCWH0sFNDj1obfuYAx9xIAt8De3RHsE56SYjTNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFn6fBuSkzty364go7WDvVLmxYk/MB8GA1UdIwQY
MBaAFDNPn4PS10wMD9ANpzVXj3N919oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTAtZmc5TFhUQXdQMEEybk5WZVBjMzNYMmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85YzVmMDYtNTlhNy00NTg4LWFjMjgt
ZWZkMjBmNmMyZWMzLzEvV2ZwOEc1S1RPM0xmcmlDanRZTzlVdWJGaVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85YzVmMDYtNTlhNy00NTg4LWFjMjgtZWZkMjBmNmMyZWMz
LzEvTTAtZmc5TFhUQXdQMEEybk5WZVBjMzNYMmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhJTQAAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBsES2SzX6JWPB5b+mV5tIgvs62/YlXFLrqtIv6
qRThPh3gZQCsm4jPo94AE1zGMpZYdYCJZR8utHbtWzaAtST5tWfdLcA4KO7W49RC
qjtFpUAnWBZJBCIdGbDhopEvyNuq1J0AOQzfi4uZO5SKpj9WwB8kVSXOrZJkfwcd
Gk1ae9LfDiqLXUmnZYzA6ZpSKcy1pt1xwr+ttBakDZySvlH8vUOwHhJlJOgUjsya
Z/q7gR4Y8xqWYz0ohw56sqzVOWeQuTS8OKqdID6wYcm2zqEfWuZIP4kz8Tq3gHbR
j34CYY3zEfTbxh9sJvv/IwzmE7GplIZ37nt7ETizZrNkzns9
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:39:59 2025 by rpki-client