Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/O3Ns73tip47M469LMBW-AEVpnE0.roa
File: O3Ns73tip47M469LMBW-AEVpnE0.roa (raw, json)
Hash identifier: wloWz9F7fRgXGR/ZNzUwJqaF4f+qkjztnmCERycZwgA=
Subject key identifier: 3B:73:6C:EF:7B:62:A7:8E:CC:E3:AF:4B:30:15:BE:00:45:69:9C:4D
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194B889CF7EE7BCC2994ED5BDC6E01AE7BF
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/O3Ns73tip47M469LMBW-AEVpnE0.roa
Signing time: Thu 30 Jan 2025 18:47:06 +0000
ROA not before: Thu 30 Jan 2025 18:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:b480::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 15 Mar 2025 17:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:89:cf:7e:e7:bc:c2:99:4e:d5:bd:c6:e0:1a:e7:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 30 18:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b736cef7b62a78ecce3af4b3015be0045699c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:75:8c:f7:7f:14:e7:46:94:a0:3f:87:0a:
e3:05:93:f2:c3:7f:aa:d3:d8:d4:f4:7c:a6:f4:24:
ca:6f:a9:f4:94:6e:62:66:cd:c3:fd:54:07:a4:b8:
89:9e:cf:da:54:73:49:db:c0:6a:c2:ca:a4:0e:bf:
7f:f4:51:31:12:db:a0:c5:1f:b3:02:ef:b0:d8:01:
b9:d3:8b:10:33:45:d0:97:3c:d4:4e:77:ef:35:f3:
ac:21:2d:94:69:dc:e8:14:aa:91:2d:b7:3b:47:2e:
66:d4:1a:9f:74:e8:d0:d7:37:e5:08:a1:5e:7a:1a:
e9:45:2b:b6:79:e7:5e:a2:8f:b4:c2:e5:f6:f5:2d:
28:e6:db:a3:bf:02:a7:b9:f5:96:15:af:a4:75:7a:
c7:9a:30:69:2d:df:4f:3e:39:0a:ea:69:5d:5e:be:
a8:8d:95:a7:07:8d:65:c4:f5:1e:22:78:c0:52:cb:
eb:48:a5:9c:ed:6c:b4:28:9a:35:17:2b:db:1b:4c:
4f:36:7d:be:ff:8a:24:91:3b:c8:d5:25:91:ad:b1:
5e:3e:76:20:f6:81:9e:18:7a:8a:6e:e3:79:1f:86:
f1:f1:6f:b1:05:65:06:92:46:42:13:be:60:41:7c:
37:81:be:be:0b:a6:3f:7d:2b:20:45:1d:de:0c:fc:
60:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:73:6C:EF:7B:62:A7:8E:CC:E3:AF:4B:30:15:BE:00:45:69:9C:4D
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/O3Ns73tip47M469LMBW-AEVpnE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
Signature Algorithm: sha256WithRSAEncryption
0f:1c:87:0a:6e:29:39:48:e5:6b:79:46:8a:e8:1f:5f:8c:04:
94:3c:18:dc:06:88:f9:ab:43:94:e3:86:d7:6b:0e:2a:17:c1:
3e:30:3f:f8:ec:8d:33:af:46:58:55:50:ba:0a:8f:f3:8d:a0:
51:3b:3d:99:32:05:2d:b8:c0:70:21:62:c8:01:af:d5:28:d4:
d3:7b:7c:a1:e7:9d:97:fe:ac:bf:23:bb:c7:41:8c:e8:e7:c3:
58:03:ef:77:da:c8:b4:55:4a:d1:1f:0f:a6:6c:74:f1:eb:4c:
86:dc:eb:e8:39:0e:d8:d5:1d:7c:8b:61:05:df:e3:62:e9:56:
e6:3f:82:b3:82:2e:10:f5:63:64:cd:0e:1b:4d:03:e0:c3:67:
59:d1:84:b9:b8:d6:a0:c7:fd:d5:c7:ba:a4:be:10:5e:39:17:
ac:15:ab:cd:53:c9:e5:9c:72:fd:b8:24:ab:f6:7f:9a:95:11:
f9:ac:8b:5f:2c:0e:eb:e2:43:fb:05:61:65:6f:7e:49:40:fd:
e5:09:2d:4b:12:ec:d4:44:2c:27:6e:8d:38:c3:fc:31:16:ba:
09:25:e3:5f:2f:51:d3:4b:74:43:7d:3b:4b:fc:e7:45:2d:10:
ef:0d:3c:17:82:a3:b3:a9:8e:9a:c6:06:cb:9e:30:13:59:e9:
49:aa:6b:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZS4ic9+57zCmU7VvcbgGue/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTMwMTg0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjczNmNlZjdiNjJhNzhlY2NlM2FmNGIzMDE1YmUwMDQ1Njk5YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4t1jPd/FOdGlKA/hwrjBZPyw3+q
09jU9Hym9CTKb6n0lG5iZs3D/VQHpLiJns/aVHNJ28BqwsqkDr9/9FExEtugxR+z
Au+w2AG504sQM0XQlzzUTnfvNfOsIS2UadzoFKqRLbc7Ry5m1BqfdOjQ1zflCKFe
ehrpRSu2eedeoo+0wuX29S0o5tujvwKnufWWFa+kdXrHmjBpLd9PPjkK6mldXr6o
jZWnB41lxPUeInjAUsvrSKWc7Wy0KJo1FyvbG0xPNn2+/4okkTvI1SWRrbFePnYg
9oGeGHqKbuN5H4bx8W+xBWUGkkZCE75gQXw3gb6+C6Y/fSsgRR3eDPxgPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDtzbO97YqeOzOOvSzAVvgBFaZxNMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvTzNOczczdGlwNDdNNDY5TE1CVy1BRVZwbkUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgu0gDAN
BgkqhkiG9w0BAQsFAAOCAQEADxyHCm4pOUjla3lGiugfX4wElDwY3AaI+atDlOOG
12sOKhfBPjA/+OyNM69GWFVQugqP842gUTs9mTIFLbjAcCFiyAGv1SjU03t8oeed
l/6svyO7x0GM6OfDWAPvd9rItFVK0R8Ppmx08etMhtzr6DkO2NUdfIthBd/jYulW
5j+Cs4IuEPVjZM0OG00D4MNnWdGEubjWoMf91ce6pL4QXjkXrBWrzVPJ5Zxy/bgk
q/Z/mpUR+ayLXywO6+JD+wVhZW9+SUD95QktSxLs1EQsJ26NOMP8MRa6CSXjXy9R
00t0Q307S/znRS0Q7w08F4Kjs6mOmsYGy54wE1npSaprYQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:03:41 2025 by rpki-client