Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/PbKg2c03uln_AzvW4Bq8E72f-nA.roa
File: PbKg2c03uln_AzvW4Bq8E72f-nA.roa (raw, json)
Hash identifier: QSU+GWV+iEK/Vo83vBzoMZNMEoy8iSRF9lbhPak2vko=
Subject key identifier: 3D:B2:A0:D9:CD:37:BA:59:FF:03:3B:D6:E0:1A:BC:13:BD:9F:FA:70
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194282645827EF437E11E2E30B3DE4D8686
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/PbKg2c03uln_AzvW4Bq8E72f-nA.roa
Signing time: Thu 02 Jan 2025 17:53:04 +0000
ROA not before: Thu 02 Jan 2025 17:53:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:bcc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 05 Mar 2025 21:35:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:45:82:7e:f4:37:e1:1e:2e:30:b3:de:4d:86:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3db2a0d9cd37ba59ff033bd6e01abc13bd9ffa70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:b5:c3:6d:51:3b:54:cb:96:e8:d1:88:e7:
4f:5c:b3:31:08:6e:21:93:e8:aa:fb:26:69:41:6b:
30:bf:6b:50:0e:62:c3:c2:40:5c:9b:74:8b:6d:98:
db:8e:85:63:4f:6d:3e:10:17:00:1a:5b:52:17:d9:
0c:62:af:fc:90:fb:be:d8:2b:3b:f7:bd:06:2f:12:
31:43:2b:16:4b:a1:b8:09:7e:ce:fe:9d:8c:83:6c:
be:f1:2d:63:49:eb:58:9e:01:7a:5e:d5:c1:d6:ba:
1a:f3:80:30:3e:f1:a6:b2:0e:57:5f:01:cd:70:93:
8b:2b:53:e4:eb:90:b4:c7:45:aa:0f:78:4e:8e:62:
48:96:75:01:dc:fb:31:f9:bc:ea:38:3a:2a:a4:ad:
7e:a0:b4:5a:2a:81:46:42:3f:57:d3:b4:fd:26:e8:
a4:9c:07:ec:da:b4:ef:32:cb:52:97:65:ab:8c:34:
fb:a5:bf:1c:ef:3d:4e:4e:16:d4:a8:a7:0a:b9:73:
23:81:ec:08:09:79:ff:ae:39:ed:57:fd:dc:9f:cb:
d9:92:e1:5c:f7:43:f7:2d:b6:df:35:d8:2c:a3:24:
bd:63:69:9f:34:94:b1:07:70:9f:81:3d:5b:de:06:
c6:9a:2b:72:9c:d9:d3:75:67:ca:02:3b:78:5d:17:
fc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B2:A0:D9:CD:37:BA:59:FF:03:3B:D6:E0:1A:BC:13:BD:9F:FA:70
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/PbKg2c03uln_AzvW4Bq8E72f-nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bcc0::/29
Signature Algorithm: sha256WithRSAEncryption
96:4b:64:4d:5e:a4:6d:01:ae:94:2b:50:41:9c:77:5e:42:f2:
6b:52:39:7b:0f:0a:19:c5:0a:ae:b6:34:4c:00:f5:04:66:95:
c0:bc:e8:27:6c:23:b6:ab:b7:43:83:4a:a4:23:44:ff:08:31:
e4:be:eb:fd:a9:ca:26:bf:d0:3a:15:47:65:51:71:54:53:ff:
90:4c:6f:79:35:61:b1:51:56:9e:a2:a8:1e:ae:2c:b1:25:c6:
a8:89:78:14:23:ed:85:eb:59:29:df:a0:7d:62:34:aa:9f:d7:
5e:15:6a:29:c3:9f:47:eb:42:88:20:47:fd:d3:77:31:ed:88:
fc:14:3f:0a:3b:81:8a:da:c2:2d:68:e5:11:ae:9d:80:06:81:
ec:41:4e:71:c9:59:c8:16:09:e7:50:3d:95:8b:89:fa:56:b2:
09:bf:c2:09:da:15:04:09:68:c8:4d:f7:36:74:37:df:4c:ca:
97:76:62:3c:ec:6a:af:5c:93:ad:6a:2a:5b:7e:df:ef:bc:32:
a3:a0:7e:12:a0:ff:16:e6:0e:c7:f2:cc:c2:f3:8e:13:8e:e7:
c1:0f:a1:06:de:a5:84:d3:27:d3:53:99:d4:a1:53:e6:3f:d7:
8e:01:3c:f0:44:06:45:e6:8c:eb:cd:36:c7:88:26:14:73:e7:
c8:2c:ea:c8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJkWCfvQ34R4uMLPeTYaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIyYTBkOWNkMzdiYTU5ZmYwMzNiZDZlMDFhYmMxM2JkOWZmYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmm1w21RO1TLlujRiOdPXLMxCG4h
k+iq+yZpQWswv2tQDmLDwkBcm3SLbZjbjoVjT20+EBcAGltSF9kMYq/8kPu+2Cs7
970GLxIxQysWS6G4CX7O/p2Mg2y+8S1jSetYngF6XtXB1roa84AwPvGmsg5XXwHN
cJOLK1Pk65C0x0WqD3hOjmJIlnUB3Psx+bzqODoqpK1+oLRaKoFGQj9X07T9Juik
nAfs2rTvMstSl2WrjDT7pb8c7z1OThbUqKcKuXMjgewICXn/rjntV/3cn8vZkuFc
90P3LbbfNdgsoyS9Y2mfNJSxB3CfgT1b3gbGmitynNnTdWfKAjt4XRf89wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD2yoNnNN7pZ/wM71uAavBO9n/pwMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvUGJLZzJjMDN1bG5fQXp2VzRCcThFNzJmLW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO8wDAN
BgkqhkiG9w0BAQsFAAOCAQEAlktkTV6kbQGulCtQQZx3XkLya1I5ew8KGcUKrrY0
TAD1BGaVwLzoJ2wjtqu3Q4NKpCNE/wgx5L7r/anKJr/QOhVHZVFxVFP/kExveTVh
sVFWnqKoHq4ssSXGqIl4FCPthetZKd+gfWI0qp/XXhVqKcOfR+tCiCBH/dN3Me2I
/BQ/CjuBitrCLWjlEa6dgAaB7EFOcclZyBYJ51A9lYuJ+layCb/CCdoVBAloyE33
NnQ330zKl3ZiPOxqr1yTrWoqW37f77wyo6B+EqD/FuYOx/LMwvOOE47nwQ+hBt6l
hNMn01OZ1KFT5j/XjgE88EQGReaM6802x4gmFHPnyCzqyA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:49 2025 by rpki-client