Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/IOZQ4oDXnncl2wnBf4A5zZ2llxU.roa
File: IOZQ4oDXnncl2wnBf4A5zZ2llxU.roa (raw, json)
Hash identifier: HhcSPRja0abzFjiSf4MwBx2OTFdzBlPBouodyUfTMcg=
Subject key identifier: 20:E6:50:E2:80:D7:9E:77:25:DB:09:C1:7F:80:39:CD:9D:A5:97:15
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01951FBC34DB163A3D8490A556FFA946DEEA
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/IOZQ4oDXnncl2wnBf4A5zZ2llxU.roa
Signing time: Wed 19 Feb 2025 19:43:02 +0000
ROA not before: Wed 19 Feb 2025 19:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134351
IP address blocks: 2a0f:89c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 30 Mar 2025 19:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:bc:34:db:16:3a:3d:84:90:a5:56:ff:a9:46:de:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Feb 19 19:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20e650e280d79e7725db09c17f8039cd9da59715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:b0:a1:e7:17:81:4b:89:3c:8e:83:da:2a:
09:8b:b1:de:3c:90:ab:80:0c:1b:a5:97:63:91:cd:
95:47:94:16:7b:6b:d9:82:6f:02:f7:48:1b:eb:87:
ce:7f:37:f7:73:5d:fe:94:01:2b:9c:48:0c:4d:90:
f5:c2:7a:5f:39:7f:1b:5f:5a:ce:26:5c:5a:60:9f:
f2:72:d6:68:1f:a4:61:42:db:b3:ea:1b:e7:b7:ea:
47:60:69:99:cd:06:63:67:ca:1e:bd:d2:23:11:4c:
9f:8d:12:62:b8:96:df:31:e9:60:ae:d8:ba:bd:ac:
50:6b:16:0b:2d:03:a6:4b:ed:71:c4:98:4e:47:5f:
fe:80:53:c5:56:57:45:a4:68:73:ec:63:36:af:f8:
be:d0:f8:b4:01:e6:c0:1f:12:a5:46:af:60:1d:f5:
de:f2:b0:89:84:cc:be:33:87:3b:de:0c:35:9d:19:
f5:80:e0:b4:c1:82:88:0a:a4:e1:d2:9a:ec:ca:1e:
ac:10:55:cb:d2:23:08:e3:f3:7b:e1:4c:49:26:2a:
be:1f:33:2d:74:19:fd:2b:76:b1:19:74:e1:9c:3f:
2e:ed:0e:c3:b4:48:ba:e8:cb:cb:6c:86:d3:07:c2:
5e:59:8b:69:eb:d2:26:5a:12:92:a6:95:0b:6f:7f:
22:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E6:50:E2:80:D7:9E:77:25:DB:09:C1:7F:80:39:CD:9D:A5:97:15
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/IOZQ4oDXnncl2wnBf4A5zZ2llxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:89c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:8d:d9:42:d2:af:c0:a1:4a:d3:73:0b:e4:8a:e1:c4:a5:b7:
28:43:3d:8b:59:3c:c0:ce:d6:c5:b3:20:4b:c7:79:ed:1b:88:
3c:ec:8b:f8:96:24:7e:3a:48:ff:8a:76:89:39:60:40:ee:1b:
ef:7f:a0:74:9e:10:90:d7:39:6e:b4:57:c9:cc:48:07:b4:d6:
30:46:69:90:d2:39:12:de:95:78:53:af:ac:d6:82:0d:19:db:
bd:70:ea:17:b9:d7:75:a1:cb:a4:10:e1:1c:ce:6b:a3:eb:b8:
62:40:fd:1d:16:12:57:50:71:2c:aa:11:9c:25:e6:96:2b:87:
20:76:86:df:d6:b3:a5:9f:f7:5d:42:8c:38:c9:32:71:d6:42:
9f:8f:bd:15:f8:ae:b8:f7:95:aa:c4:96:11:8f:da:84:c9:c3:
78:dd:ac:15:39:85:76:03:d4:be:e2:fe:17:f2:cc:1f:dc:90:
45:66:18:b0:86:fc:14:5e:0e:a0:30:2b:a4:16:55:0f:d2:ba:
ff:29:c4:e6:dc:70:a6:ec:c5:75:07:0a:dd:71:2d:1f:b6:e8:
08:a6:71:33:0f:17:01:9a:df:5e:88:b8:ab:7d:1e:6b:cf:c5:
5e:b7:17:83:07:0c:04:89:73:9c:70:28:93:22:51:3a:b4:7e:
69:e0:dd:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUfvDTbFjo9hJClVv+pRt7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMjE5MTk0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU2NTBlMjgwZDc5ZTc3MjVkYjA5YzE3ZjgwMzljZDlkYTU5NzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtewoecXgUuJPI6D2ioJi7HePJCr
gAwbpZdjkc2VR5QWe2vZgm8C90gb64fOfzf3c13+lAErnEgMTZD1wnpfOX8bX1rO
JlxaYJ/yctZoH6RhQtuz6hvnt+pHYGmZzQZjZ8oevdIjEUyfjRJiuJbfMelgrti6
vaxQaxYLLQOmS+1xxJhOR1/+gFPFVldFpGhz7GM2r/i+0Pi0AebAHxKlRq9gHfXe
8rCJhMy+M4c73gw1nRn1gOC0wYKICqTh0prsyh6sEFXL0iMI4/N74UxJJiq+HzMt
dBn9K3axGXThnD8u7Q7DtEi66MvLbIbTB8JeWYtp69ImWhKSppULb38iRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCDmUOKA1553JdsJwX+AOc2dpZcVMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvSU9aUTRvRFhubmNsMnduQmY0QTV6WjJsbHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKY3ZQtKvwKFK03ML5IrhxKW3KEM9i1k8wM7WxbMg
S8d57RuIPOyL+JYkfjpI/4p2iTlgQO4b73+gdJ4QkNc5brRXycxIB7TWMEZpkNI5
Et6VeFOvrNaCDRnbvXDqF7nXdaHLpBDhHM5ro+u4YkD9HRYSV1BxLKoRnCXmliuH
IHaG39azpZ/3XUKMOMkycdZCn4+9FfiuuPeVqsSWEY/ahMnDeN2sFTmFdgPUvuL+
F/LMH9yQRWYYsIb8FF4OoDArpBZVD9K6/ynE5txwpuzFdQcK3XEtH7boCKZxMw8X
AZrfXoi4q30ea8/FXrcXgwcMBIlznHAokyJROrR+aeDdHg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:50:27 2025 by rpki-client