Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/3Z80l8cMvZ_6Fevt0ubWghIuzP4.roa
File: 3Z80l8cMvZ_6Fevt0ubWghIuzP4.roa (raw, json)
Hash identifier: QYS0G6R+ATC4JAlB6K3Zfg8gGgcAVoQflqk6LjemVUw=
Subject key identifier: DD:9F:34:97:C7:0C:BD:9F:FA:15:EB:ED:D2:E6:D6:82:12:2E:CC:FE
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195684705F80D83775B0B8DD6E3A9A50B93
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/3Z80l8cMvZ_6Fevt0ubWghIuzP4.roa
Signing time: Wed 05 Mar 2025 21:47:19 +0000
ROA not before: Wed 05 Mar 2025 21:47:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0f:e3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 15 Mar 2025 17:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:47:05:f8:0d:83:77:5b:0b:8d:d6:e3:a9:a5:0b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 5 21:47:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd9f3497c70cbd9ffa15ebedd2e6d682122eccfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:ca:fe:d3:20:4b:0e:19:c9:e9:8a:00:b5:
8c:0a:9b:e0:04:2c:60:cc:83:e0:c4:b2:f6:43:1d:
84:1c:e5:ed:23:e3:20:d0:10:c8:81:5d:a8:00:2e:
f4:6a:ce:e0:be:29:fa:31:5c:78:dc:c9:b3:d5:22:
05:9b:5e:f6:e9:fa:fb:b5:e5:7a:b3:cd:54:57:46:
c5:fd:4d:0a:af:ac:fd:83:e6:8b:d1:b5:84:fa:6f:
4d:92:5d:fc:eb:bc:3d:1a:eb:73:66:24:a1:e8:9a:
f1:bd:36:62:62:29:35:49:69:fd:14:4f:9a:da:36:
69:2f:49:23:44:aa:aa:91:61:df:5d:85:f1:fb:56:
25:83:56:5b:22:fb:d8:50:e6:2c:c2:74:6b:20:a5:
4d:44:12:80:bb:5f:00:33:fb:c0:0b:68:08:51:bd:
5c:fd:0f:14:52:50:91:3c:8e:1a:b6:ad:6d:4a:cf:
08:da:4a:d3:f1:6a:80:f2:5b:e3:2b:98:ea:8c:5d:
01:87:4f:be:db:8c:48:80:12:ae:c2:4f:14:22:02:
e9:74:f1:28:c9:8e:62:21:a1:35:ca:a8:14:8f:ce:
c3:4b:a3:fa:3d:8f:0a:02:ce:74:4b:c1:41:4f:b9:
b0:e8:1f:c1:01:cb:b0:90:39:8c:3f:7f:92:96:9f:
df:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9F:34:97:C7:0C:BD:9F:FA:15:EB:ED:D2:E6:D6:82:12:2E:CC:FE
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/3Z80l8cMvZ_6Fevt0ubWghIuzP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0f:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
81:21:7d:e7:d1:0a:1d:f8:b5:1a:46:e4:2c:9a:d6:ff:4c:6a:
ae:8c:ae:e1:93:18:85:67:f8:81:d5:3c:b0:6f:29:c4:ae:e1:
50:d1:b7:bc:9b:7f:2d:f0:85:00:48:56:89:ed:97:86:ee:6a:
2b:c6:bb:fb:68:a6:9e:64:d1:f9:d1:78:e3:f4:e4:d8:22:1e:
85:92:1e:df:5c:91:a4:5b:48:34:d1:4c:73:3d:27:97:ae:ba:
e8:3a:46:b9:57:99:e3:32:bb:8e:b0:f8:a8:29:f1:96:1d:d8:
26:ac:4d:40:f9:ca:f4:3a:38:d0:87:11:8b:88:fb:96:00:8f:
67:ea:e9:04:85:33:e9:ce:55:12:ee:f9:2c:1b:e0:11:2f:e7:
00:d8:5c:00:95:f0:e7:d5:20:f7:a5:9e:dc:7e:f3:57:70:1d:
25:ea:7a:4d:a6:53:03:c3:c7:e1:c5:a1:06:ce:ee:68:2d:51:
e9:fe:84:8c:ee:d5:19:1c:fd:f4:e7:bd:d8:e0:33:18:e8:7d:
18:72:00:80:55:b5:3b:f7:66:ce:b7:74:35:2d:77:3d:5e:1a:
c8:ca:a7:51:a7:90:1a:ae:cb:6b:75:ff:cf:57:dd:25:d2:e4:
ef:10:d4:8b:49:b3:77:3f:68:51:9a:21:b3:68:d4:14:93:52:
07:a0:76:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZVoRwX4DYN3WwuN1uOppQuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzA1MjE0NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlmMzQ5N2M3MGNiZDlmZmExNWViZWRkMmU2ZDY4MjEyMmVjY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojrK/tMgSw4ZyemKALWMCpvgBCxg
zIPgxLL2Qx2EHOXtI+Mg0BDIgV2oAC70as7gvin6MVx43Mmz1SIFm1726fr7teV6
s81UV0bF/U0Kr6z9g+aL0bWE+m9Nkl3867w9GutzZiSh6JrxvTZiYik1SWn9FE+a
2jZpL0kjRKqqkWHfXYXx+1Ylg1ZbIvvYUOYswnRrIKVNRBKAu18AM/vAC2gIUb1c
/Q8UUlCRPI4atq1tSs8I2krT8WqA8lvjK5jqjF0Bh0++24xIgBKuwk8UIgLpdPEo
yY5iIaE1yqgUj87DS6P6PY8KAs50S8FBT7mw6B/BAcuwkDmMP3+Slp/flwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN2fNJfHDL2f+hXr7dLm1oISLsz+MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvM1o4MGw4Y012Wl82RmV2dDB1YldnaEl1elA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgfyQAMF
AyoP48AwDQYJKoZIhvcNAQELBQADggEBAIEhfefRCh34tRpG5Cya1v9Maq6MruGT
GIVn+IHVPLBvKcSu4VDRt7ybfy3whQBIVontl4buaivGu/topp5k0fnReOP05Ngi
HoWSHt9ckaRbSDTRTHM9J5euuug6RrlXmeMyu46w+Kgp8ZYd2CasTUD5yvQ6ONCH
EYuI+5YAj2fq6QSFM+nOVRLu+Swb4BEv5wDYXACV8OfVIPelntx+81dwHSXqek2m
UwPDx+HFoQbO7mgtUen+hIzu1Rkc/fTnvdjgMxjofRhyAIBVtTv3Zs63dDUtdz1e
GsjKp1GnkBquy2t1/89X3SXS5O8Q1ItJs3c/aFGaIbNo1BSTUgegduA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:59:36 2025 by rpki-client