Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/9vesZ2t8Ul2nCen-Qj9ioVlEbKs.roa
File: 9vesZ2t8Ul2nCen-Qj9ioVlEbKs.roa (raw, json)
Hash identifier: SMwzFWbwf4IrI2rccVTE/ge2fLK/WU1BcJm9MoVtt3w=
Subject key identifier: F6:F7:AC:67:6B:7C:52:5D:A7:09:E9:FE:42:3F:62:A1:59:44:6C:AB
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196F462746E4F1E53C5FCC66DD020E5DECE
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/9vesZ2t8Ul2nCen-Qj9ioVlEbKs.roa
Signing time: Wed 21 May 2025 19:46:55 +0000
ROA not before: Wed 21 May 2025 19:46:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:b480::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 May 2025 20:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f4:62:74:6e:4f:1e:53:c5:fc:c6:6d:d0:20:e5:de:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 21 19:46:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6f7ac676b7c525da709e9fe423f62a159446cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4b:f4:19:d5:a6:59:bf:5f:86:77:03:93:8a:
29:96:a9:1f:d3:fd:c2:f0:80:b2:be:e3:e4:e0:97:
c8:e6:9a:91:63:f0:40:59:a7:0a:5a:63:8c:83:fd:
6c:07:61:65:67:a4:ad:bf:34:81:fa:7f:d0:07:a1:
81:6b:ec:3a:1b:2e:ed:f9:b0:df:92:ac:28:b9:e9:
20:34:70:8a:15:c7:5a:14:25:c0:c3:42:55:18:fc:
5b:1a:30:26:dc:bf:f5:ed:7a:e3:3a:2d:70:f4:2e:
97:54:c1:d1:d8:d5:1e:5b:8c:20:2d:a5:9b:55:16:
65:70:4b:c4:d8:42:15:e4:5c:c3:5b:a3:a0:76:08:
df:37:dc:26:94:64:70:cd:90:74:ad:ec:6b:17:5b:
c6:e4:23:fe:78:4d:65:74:5a:bd:45:5b:f4:fc:ee:
34:f9:1c:93:05:cc:b9:72:1e:c9:90:b6:10:48:42:
a9:94:0b:07:61:f6:44:31:94:42:5e:fd:84:07:f0:
a6:fd:22:71:1a:cd:f0:9d:b1:5e:39:10:bf:2f:42:
b5:60:56:23:13:42:6b:3d:1c:a3:b8:a5:eb:99:75:
7b:73:0d:59:7d:69:36:b7:94:27:e3:69:f2:02:d1:
22:23:04:9a:a3:83:6b:e3:1f:c5:24:77:d3:f7:a6:
45:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F7:AC:67:6B:7C:52:5D:A7:09:E9:FE:42:3F:62:A1:59:44:6C:AB
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/9vesZ2t8Ul2nCen-Qj9ioVlEbKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
51:14:b2:32:a6:72:cb:ab:13:08:83:0e:41:a2:0a:f5:94:30:
93:da:55:b1:f5:e2:02:88:26:ef:74:1f:d6:b0:62:4d:55:f1:
f6:61:1e:83:5d:2f:c4:20:67:6a:35:60:07:3d:16:54:49:c7:
45:1b:c5:c0:2b:9d:69:8c:fd:e7:d4:48:17:81:7e:4f:c7:73:
22:9a:50:5d:3a:61:f2:0b:29:8f:95:37:1d:40:21:a1:4f:0b:
e3:af:b6:75:7a:09:90:50:8e:cf:c3:0c:1f:b3:5f:ba:96:2c:
ac:ca:bc:16:ff:17:f4:e3:9d:55:b0:f7:a2:fc:7f:ae:58:53:
c4:fa:fd:f9:a6:ef:86:b5:c4:b5:98:4f:b3:49:fa:b4:a3:2d:
6c:99:92:24:9f:24:f3:64:34:07:c1:fd:16:d1:8f:33:a8:83:
1c:9b:4e:50:bd:74:dd:50:a5:01:b1:29:c4:a0:0a:7f:81:b1:
c4:70:c8:e2:75:40:63:67:07:bb:b5:58:65:30:cd:34:55:33:
8f:96:67:fb:05:24:57:ec:a4:69:68:ea:41:b2:e1:bf:41:7a:
84:db:54:d5:ad:4e:22:85:e0:f9:0f:64:72:91:43:1c:73:16:
9a:35:e9:56:d5:08:d7:8d:7c:5c:04:18:b0:81:d4:7a:e9:95:
42:4d:ea:39
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZb0YnRuTx5TxfzGbdAg5d7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTIxMTk0NjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY3YWM2NzZiN2M1MjVkYTcwOWU5ZmU0MjNmNjJhMTU5NDQ2Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Uv0GdWmWb9fhncDk4oplqkf0/3C
8ICyvuPk4JfI5pqRY/BAWacKWmOMg/1sB2FlZ6StvzSB+n/QB6GBa+w6Gy7t+bDf
kqwouekgNHCKFcdaFCXAw0JVGPxbGjAm3L/17XrjOi1w9C6XVMHR2NUeW4wgLaWb
VRZlcEvE2EIV5FzDW6OgdgjfN9wmlGRwzZB0rexrF1vG5CP+eE1ldFq9RVv0/O40
+RyTBcy5ch7JkLYQSEKplAsHYfZEMZRCXv2EB/Cm/SJxGs3wnbFeORC/L0K1YFYj
E0JrPRyjuKXrmXV7cw1ZfWk2t5Qn42nyAtEiIwSao4Nr4x/FJHfT96ZFmwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPb3rGdrfFJdpwnp/kI/YqFZRGyrMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvOXZlc1oydDhVbDJuQ2VuLVFqOWlvVmxFYktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgu0gAMF
AyoQqcADBQMqE1BAAwUDKhO+wDANBgkqhkiG9w0BAQsFAAOCAQEAURSyMqZyy6sT
CIMOQaIK9ZQwk9pVsfXiAogm73Qf1rBiTVXx9mEeg10vxCBnajVgBz0WVEnHRRvF
wCudaYz959RIF4F+T8dzIppQXTph8gspj5U3HUAhoU8L46+2dXoJkFCOz8MMH7Nf
upYsrMq8Fv8X9OOdVbD3ovx/rlhTxPr9+abvhrXEtZhPs0n6tKMtbJmSJJ8k82Q0
B8H9FtGPM6iDHJtOUL103VClAbEpxKAKf4GxxHDI4nVAY2cHu7VYZTDNNFUzj5Zn
+wUkV+ykaWjqQbLhv0F6hNtU1a1OIoXg+Q9kcpFDHHMWmjXpVtUI1418XAQYsIHU
eumVQk3qOQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 15:03:37 2025 by rpki-client