Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/MGoRe8pik1vNYGrJ6qamiG5OPwk.roa
File: MGoRe8pik1vNYGrJ6qamiG5OPwk.roa (raw, json)
Hash identifier: gprjyX49KltlqXrGXZSdpaSJHysG/t3PfWnC8QKYF9E=
Subject key identifier: 30:6A:11:7B:CA:62:93:5B:CD:60:6A:C9:EA:A6:A6:88:6E:4E:3F:09
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195686ABB1EFA92BC3CF50BF2E7B0D3030D
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/MGoRe8pik1vNYGrJ6qamiG5OPwk.roa
Signing time: Wed 05 Mar 2025 22:26:19 +0000
ROA not before: Wed 05 Mar 2025 22:26:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213448
IP address blocks: 2a13:5040::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Mar 2025 22:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:6a:bb:1e:fa:92:bc:3c:f5:0b:f2:e7:b0:d3:03:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 5 22:26:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=306a117bca62935bcd606ac9eaa6a6886e4e3f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:74:6e:c2:93:1e:91:3a:2b:5b:0e:6a:6c:e9:
23:48:01:3b:69:d2:bd:1a:43:79:8f:94:3a:96:71:
4d:14:10:52:7c:36:36:db:44:55:5d:27:41:cc:00:
9c:d5:b6:b7:81:5f:28:2d:32:ca:e3:3a:37:56:45:
b0:30:73:20:23:96:a9:cf:ea:87:dd:38:01:f0:f7:
59:0c:01:9f:f3:01:be:62:43:c5:df:27:08:a8:3e:
79:12:47:19:81:27:5f:8e:bf:b4:4e:5f:73:5f:b2:
27:c0:b8:3a:f1:27:78:09:ca:3e:db:3e:3e:9c:75:
d4:64:b8:11:1b:05:6e:46:14:cf:da:42:fc:76:93:
5f:20:92:b4:89:7d:3e:52:ee:6c:03:09:29:3f:84:
36:10:09:c2:d5:a6:fc:0e:56:a1:aa:27:a8:5c:fe:
e0:ea:35:4e:87:67:b4:9f:5d:3f:c3:e1:e2:1f:24:
ab:e8:11:cc:f3:0f:ea:e9:8f:6a:bb:f0:f8:81:80:
f6:80:e1:bb:53:86:ab:ef:8f:5e:ea:0b:9d:ff:87:
03:b0:ed:e3:59:3d:de:bf:fa:53:b6:88:93:40:32:
e9:4a:1a:16:c3:53:bf:9e:80:ca:6f:77:cb:f5:6d:
ed:93:7d:4c:6f:42:b6:ca:b8:e9:57:40:75:80:b2:
a1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6A:11:7B:CA:62:93:5B:CD:60:6A:C9:EA:A6:A6:88:6E:4E:3F:09
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/MGoRe8pik1vNYGrJ6qamiG5OPwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5040::/29
Signature Algorithm: sha256WithRSAEncryption
b0:ac:ee:32:f1:9d:19:a5:cc:ca:d3:b6:b9:18:ac:4a:b0:83:
ed:79:6a:c0:73:26:15:37:4c:a5:b0:c7:ec:2a:ef:40:18:30:
54:7a:6e:0a:8a:6c:76:3b:45:05:f9:87:c7:90:c4:17:25:50:
f4:1d:95:8e:e3:43:47:78:34:c6:95:63:8f:f8:f8:93:7c:25:
b1:4f:02:54:9b:c0:16:5f:da:c3:b2:32:37:50:c7:b1:eb:92:
bc:30:32:49:7a:5d:d9:ab:b7:c3:b3:78:fc:2e:38:a4:72:53:
2d:8b:e5:97:bc:48:dd:5a:a0:f2:a8:54:09:30:de:f8:10:5d:
48:2f:e1:aa:fd:53:3c:62:11:7c:e7:91:cd:8b:33:f8:09:0e:
8c:27:ad:09:c4:8f:24:2b:44:79:f4:84:22:a2:88:01:dc:4f:
72:27:6d:1a:6d:e0:a6:80:48:33:a2:a3:79:ca:1b:78:0b:0e:
64:ce:ab:89:1e:c8:d1:7c:8e:3e:f5:d8:ba:88:fc:ba:ee:cf:
14:be:d2:00:3a:9e:c6:da:7e:f9:1b:db:63:8c:e6:ef:b4:99:
18:f2:1a:27:39:0d:49:f8:7e:eb:01:1e:0a:77:0c:d1:bb:2f:
2e:1b:3e:77:46:c3:86:59:49:f4:54:fe:70:38:86:16:f3:39:
98:fb:69:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoarse+pK8PPUL8uew0wMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzA1MjIyNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZhMTE3YmNhNjI5MzViY2Q2MDZhYzllYWE2YTY4ODZlNGUzZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnRuwpMekTorWw5qbOkjSAE7adK9
GkN5j5Q6lnFNFBBSfDY220RVXSdBzACc1ba3gV8oLTLK4zo3VkWwMHMgI5apz+qH
3TgB8PdZDAGf8wG+YkPF3ycIqD55EkcZgSdfjr+0Tl9zX7InwLg68Sd4Cco+2z4+
nHXUZLgRGwVuRhTP2kL8dpNfIJK0iX0+Uu5sAwkpP4Q2EAnC1ab8DlahqieoXP7g
6jVOh2e0n10/w+HiHySr6BHM8w/q6Y9qu/D4gYD2gOG7U4ar749e6gud/4cDsO3j
WT3ev/pTtoiTQDLpShoWw1O/noDKb3fL9W3tk31Mb0K2yrjpV0B1gLKhfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDBqEXvKYpNbzWBqyeqmpohuTj8JMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvTUdvUmU4cGlrMXZOWUdySjZxYW1pRzVPUHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNQQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsKzuMvGdGaXMytO2uRisSrCD7XlqwHMmFTdMpbDH
7CrvQBgwVHpuCopsdjtFBfmHx5DEFyVQ9B2VjuNDR3g0xpVjj/j4k3wlsU8CVJvA
Fl/aw7IyN1DHseuSvDAySXpd2au3w7N4/C44pHJTLYvll7xI3Vqg8qhUCTDe+BBd
SC/hqv1TPGIRfOeRzYsz+AkOjCetCcSPJCtEefSEIqKIAdxPcidtGm3gpoBIM6Kj
ecobeAsOZM6riR7I0XyOPvXYuoj8uu7PFL7SADqextp++RvbY4zm77SZGPIaJzkN
Sfh+6wEeCncM0bsvLhs+d0bDhllJ9FT+cDiGFvM5mPtp8w==
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:49:38 2025 by rpki-client