Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1-WIfcvx1P0a1l693QZln_xKz2do.roa
File: 1-WIfcvx1P0a1l693QZln_xKz2do.roa (raw, json)
Hash identifier: gZ8rbZi2ktvgE7zKcn2f9RMIwg9FFy49AKJzOiFJzns=
Subject key identifier: F9:62:1F:72:FC:75:3F:46:B5:97:AF:77:41:99:67:FF:12:B3:D9:DA
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01973C62330A845AA9F7481B7651C301C0A0
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1-WIfcvx1P0a1l693QZln_xKz2do.roa
Signing time: Wed 04 Jun 2025 19:19:17 +0000
ROA not before: Wed 04 Jun 2025 19:19:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Jun 2025 10:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:62:33:0a:84:5a:a9:f7:48:1b:76:51:c3:01:c0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jun 4 19:19:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9621f72fc753f46b597af77419967ff12b3d9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:83:32:60:75:a6:84:b5:b8:40:d7:2d:03:c2:
2d:72:80:39:1e:e9:8b:d7:6b:42:ca:d6:fa:4a:37:
05:98:1e:c0:9d:c1:2a:85:fa:e5:5d:4e:8d:29:52:
71:a4:c7:c4:c2:69:a1:7c:1d:38:d2:0d:47:37:79:
04:a4:50:ef:45:a7:09:ce:fd:08:25:a9:9b:c0:09:
9e:b2:d3:35:de:03:f7:bd:f3:4b:39:b7:c3:cd:b8:
c1:e3:f9:3c:30:17:17:02:b6:89:89:03:2f:9d:65:
aa:dd:67:61:8b:ee:1c:84:6d:ad:d2:7c:30:43:cf:
ff:58:7f:ed:02:59:64:70:04:a7:54:03:ac:95:b7:
26:39:9d:e2:e1:43:22:a0:75:d9:8f:cf:44:37:c7:
2e:b2:a8:23:91:ec:2b:d7:ab:d0:6d:38:60:76:67:
e7:5a:e9:a8:ce:99:cd:7f:d3:b8:9a:c4:8e:a3:54:
8d:50:fb:8f:58:bc:33:2a:a0:58:10:9e:80:1c:74:
bf:a4:57:ed:44:ce:8a:d7:94:f0:62:98:1a:37:f0:
04:f1:df:3a:46:a8:a0:a0:01:70:d0:44:01:e7:25:
95:e6:e9:39:d3:de:2c:50:b9:4b:7d:10:45:57:72:
6a:95:ca:95:4f:cd:19:d8:66:56:a0:90:f3:f2:cd:
88:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:62:1F:72:FC:75:3F:46:B5:97:AF:77:41:99:67:FF:12:B3:D9:DA
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1-WIfcvx1P0a1l693QZln_xKz2do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a9c0::/29
2a13:5040::/29
2a13:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
b9:27:57:3f:08:7b:1f:28:32:59:11:a4:bb:0e:13:c4:d8:a2:
c9:82:74:3a:2a:ce:4c:d2:8e:29:3a:4c:ed:9d:6f:9f:a9:61:
c7:ae:17:e0:33:67:0a:09:53:b2:e2:b5:b6:24:74:f1:23:44:
f3:ca:a9:bb:4b:4e:79:7d:bb:98:b3:d5:d9:f6:f4:b4:f3:55:
78:ee:3e:2a:d7:10:03:c5:66:b5:78:d4:4a:85:97:80:26:de:
26:b0:97:fb:47:1f:f8:5c:ed:81:6d:5a:b1:ab:11:f9:2b:c8:
a5:da:d4:c1:73:f3:d4:de:3b:23:3d:97:d9:1a:c7:72:e8:02:
eb:2c:32:c8:a4:32:20:1a:ca:a5:c3:40:01:ad:51:10:6a:b8:
c1:17:c6:e5:00:dc:6b:11:28:5d:cc:c5:d5:88:e4:97:5b:08:
8f:68:a7:05:3a:ea:3b:36:74:17:ca:e1:24:de:56:6b:54:98:
88:44:77:a9:f7:0f:10:78:3e:ef:a7:e2:a4:2b:37:66:b0:f6:
75:2b:95:97:23:ea:65:c7:a5:01:37:eb:34:32:70:c8:7a:b1:
26:1b:45:c3:ff:06:ff:75:2c:8f:69:ba:08:cf:81:49:53:57:
78:0d:49:20:ac:f3:b0:61:80:8a:4b:62:41:d6:4b:9f:fd:4c:
a4:0a:8e:93
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZc8YjMKhFqp90gbdlHDAcCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNjA0MTkxOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTYyMWY3MmZjNzUzZjQ2YjU5N2FmNzc0MTk5NjdmZjEyYjNkOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoMyYHWmhLW4QNctA8ItcoA5HumL
12tCytb6SjcFmB7AncEqhfrlXU6NKVJxpMfEwmmhfB040g1HN3kEpFDvRacJzv0I
JambwAmestM13gP3vfNLObfDzbjB4/k8MBcXAraJiQMvnWWq3Wdhi+4chG2t0nww
Q8//WH/tAllkcASnVAOslbcmOZ3i4UMioHXZj89EN8cusqgjkewr16vQbThgdmfn
WumozpnNf9O4msSOo1SNUPuPWLwzKqBYEJ6AHHS/pFftRM6K15TwYpgaN/AE8d86
RqigoAFw0EQB5yWV5uk5094sULlLfRBFV3JqlcqVT80Z2GZWoJDz8s2IdwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPliH3L8dT9GtZevd0GZZ/8Ss9naMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvMS1XSWZjdngxUDBhMWw2OTNRWmxuX3hLejJkby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvN2ExOTg4LTI3MzYtNDlkYy1hOTA3LTExYjNjZjNmZDRl
MS8xL1dLMWcybEpuSHBDRHp6bUdUc29xb2pKQnZwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wGwQCAAIwFQMFAyoQqcAD
BQMqE1BAAwUDKhO+wDANBgkqhkiG9w0BAQsFAAOCAQEAuSdXPwh7HygyWRGkuw4T
xNiiyYJ0OirOTNKOKTpM7Z1vn6lhx64X4DNnCglTsuK1tiR08SNE88qpu0tOeX27
mLPV2fb0tPNVeO4+KtcQA8VmtXjUSoWXgCbeJrCX+0cf+FztgW1asasR+SvIpdrU
wXPz1N47Iz2X2RrHcugC6ywyyKQyIBrKpcNAAa1REGq4wRfG5QDcaxEoXczF1Yjk
l1sIj2inBTrqOzZ0F8rhJN5Wa1SYiER3qfcPEHg+76fipCs3ZrD2dSuVlyPqZcel
ATfrNDJwyHqxJhtFw/8G/3Usj2m6CM+BSVNXeA1JIKzzsGGAiktiQdZLn/1MpAqO
kw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:25:53 2025 by rpki-client