Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/4YWmZqp9RV2CnHNZYZOgMcYcB9U.roa
File: 4YWmZqp9RV2CnHNZYZOgMcYcB9U.roa (raw, json)
Hash identifier: 6hU2IIdoC/plSvbeoa7etNi6eWElOiaCk3pn4/p3cYU=
Subject key identifier: E1:85:A6:66:AA:7D:45:5D:82:9C:73:59:61:93:A0:31:C6:1C:07:D5
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195106EA9D3DD5B87CF2CDBC3AD9BE99ED7
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/4YWmZqp9RV2CnHNZYZOgMcYcB9U.roa
Signing time: Sun 16 Feb 2025 20:24:02 +0000
ROA not before: Sun 16 Feb 2025 20:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207108
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 26 Mar 2025 19:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:6e:a9:d3:dd:5b:87:cf:2c:db:c3:ad:9b:e9:9e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Feb 16 20:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e185a666aa7d455d829c73596193a031c61c07d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fb:54:6a:1f:08:5d:31:29:4b:bc:2f:cc:29:
14:a6:1b:24:10:0b:4e:73:02:ac:4a:c0:41:c9:a9:
12:fb:a6:3a:00:ba:a1:43:60:3b:49:53:ae:dc:4f:
cb:91:73:5b:f5:23:ff:5a:5f:95:bc:52:70:b4:2e:
8b:80:58:76:15:ae:cf:6e:f2:b8:b9:07:06:79:1f:
9e:f2:0a:1a:43:9a:58:b7:fa:87:8f:e6:f6:af:c9:
d1:6c:53:30:35:94:f0:f1:10:d6:6f:8a:b2:d1:ec:
63:8c:a3:c1:b0:83:19:9c:4a:85:b4:b1:b2:25:67:
42:08:d0:b3:73:1c:94:9a:c6:76:1b:82:b4:7c:65:
59:f4:2c:48:c9:0d:65:01:9f:0b:86:86:9b:31:01:
9a:c7:3a:0f:40:d7:ef:f5:ef:17:c7:5f:71:b2:40:
37:df:cd:f2:2c:89:5e:50:aa:7b:47:a7:e3:6f:43:
73:c8:ff:7f:7f:bd:46:db:27:1f:99:45:d2:52:11:
1f:d8:a6:46:1f:c6:d5:a0:e3:d5:3d:e0:13:c0:08:
f8:0c:bc:22:14:fd:6c:25:65:55:5f:c2:14:56:74:
c6:b3:e1:b7:b1:61:67:7e:52:0d:37:14:21:4f:e9:
15:22:9f:10:1a:29:f2:a9:54:c0:e0:be:52:0a:13:
f1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:85:A6:66:AA:7D:45:5D:82:9C:73:59:61:93:A0:31:C6:1C:07:D5
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/4YWmZqp9RV2CnHNZYZOgMcYcB9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
5b:f6:8b:fe:37:48:ed:bf:e8:75:01:e1:42:c5:f5:a2:67:2e:
7f:c7:7b:ad:09:f9:e9:8b:fc:e9:1e:86:a4:db:ac:9c:ea:2f:
fe:8e:97:e3:d6:f1:94:14:3e:07:a1:c8:9e:cc:70:11:79:73:
20:86:7f:4d:9c:2d:cf:59:fa:14:0b:0e:09:2b:82:10:25:25:
90:ac:79:d3:1f:d4:10:86:68:e9:60:3f:3d:d9:bf:ff:6c:ec:
88:db:3b:98:2c:cc:ca:9a:b9:33:5d:5a:0e:65:f1:12:db:2d:
f2:f8:3e:92:33:ba:c8:e9:fa:42:fa:79:d6:26:d0:2e:fd:a7:
67:b2:91:c8:94:fc:79:74:0d:bf:d2:5e:ce:1f:71:5e:43:59:
ad:50:43:86:17:39:d2:a6:1e:c0:cc:6b:71:32:0b:6f:a7:bd:
b2:9e:e0:a6:fb:3d:1a:d2:5e:c6:ad:67:a2:44:4e:ca:91:c2:
4a:8a:ca:d2:f5:f1:b4:f0:3f:2a:1e:69:08:ba:5e:34:cb:93:
57:f1:51:3d:94:b1:2a:05:28:1e:2b:d9:62:25:a0:02:82:7f:
fb:d5:d5:a0:c3:9e:51:b2:6a:38:d9:e6:4f:12:5b:b6:1a:36:
98:2d:ba:78:4f:5b:1b:70:ad:54:97:d9:b8:d1:2d:59:e2:29:
2a:b8:9c:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUQbqnT3VuHzyzbw62b6Z7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMjE2MjAyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg1YTY2NmFhN2Q0NTVkODI5YzczNTk2MTkzYTAzMWM2MWMwN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/tUah8IXTEpS7wvzCkUphskEAtO
cwKsSsBByakS+6Y6ALqhQ2A7SVOu3E/LkXNb9SP/Wl+VvFJwtC6LgFh2Fa7PbvK4
uQcGeR+e8goaQ5pYt/qHj+b2r8nRbFMwNZTw8RDWb4qy0exjjKPBsIMZnEqFtLGy
JWdCCNCzcxyUmsZ2G4K0fGVZ9CxIyQ1lAZ8LhoabMQGaxzoPQNfv9e8Xx19xskA3
383yLIleUKp7R6fjb0NzyP9/f71G2ycfmUXSUhEf2KZGH8bVoOPVPeATwAj4DLwi
FP1sJWVVX8IUVnTGs+G3sWFnflINNxQhT+kVIp8QGinyqVTA4L5SChPxfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGFpmaqfUVdgpxzWWGToDHGHAfVMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvNFlXbVpxcDlSVjJDbkhOWllaT2dNY1ljQjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKguEQAMF
AyoTzcADBQMqE9FAMA0GCSqGSIb3DQEBCwUAA4IBAQBb9ov+N0jtv+h1AeFCxfWi
Zy5/x3utCfnpi/zpHoak26yc6i/+jpfj1vGUFD4HociezHAReXMghn9NnC3PWfoU
Cw4JK4IQJSWQrHnTH9QQhmjpYD892b//bOyI2zuYLMzKmrkzXVoOZfES2y3y+D6S
M7rI6fpC+nnWJtAu/adnspHIlPx5dA2/0l7OH3FeQ1mtUEOGFznSph7AzGtxMgtv
p72ynuCm+z0a0l7GrWeiRE7KkcJKisrS9fG08D8qHmkIul40y5NX8VE9lLEqBSge
K9liJaACgn/71dWgw55Rsmo42eZPElu2GjaYLbp4T1sbcK1Ul9m40S1Z4ikquJx1
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:36 2025 by rpki-client