Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/Qlnjr8O-5MUMx9i2gvVeDuykiBY.roa
File: Qlnjr8O-5MUMx9i2gvVeDuykiBY.roa (raw, json)
Hash identifier: lRs+EEcjqMMen2OlITj/YkDPUpWiVUprbI5y92OTJmE=
Subject key identifier: 42:59:E3:AF:C3:BE:E4:C5:0C:C7:D8:B6:82:F5:5E:0E:EC:A4:88:16
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194282645B92484B0C25119D9E05825CC24
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/Qlnjr8O-5MUMx9i2gvVeDuykiBY.roa
Signing time: Thu 02 Jan 2025 17:53:04 +0000
ROA not before: Thu 02 Jan 2025 17:53:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201207
IP address blocks: 2a13:bd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 15 Mar 2025 22:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:45:b9:24:84:b0:c2:51:19:d9:e0:58:25:cc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4259e3afc3bee4c50cc7d8b682f55e0eeca48816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:48:c6:80:5d:03:04:85:b0:6b:9d:a2:9d:a6:
c1:c9:3a:f3:d6:39:bb:e3:2d:33:07:4c:5e:bd:78:
d5:e6:24:bb:31:6b:e1:d1:a1:68:0d:74:1f:67:77:
e3:4e:c3:85:a1:cb:81:cc:6d:21:22:ea:e0:09:37:
4d:e5:ad:5e:f1:32:29:54:94:bb:46:63:c5:15:8a:
64:df:77:71:dc:f1:1c:e0:95:05:e1:c9:66:5b:e4:
28:1a:f9:74:64:74:93:4c:dd:f0:e0:fa:93:21:f9:
c3:85:79:b9:da:f7:9a:a3:76:4a:59:19:75:04:76:
c0:a2:ea:0c:62:72:ac:34:0d:c1:c2:06:6e:0b:ce:
a7:76:6f:9e:a1:19:bc:1f:20:3e:04:3f:f2:c0:84:
73:53:0d:1b:85:b8:fc:15:0e:c1:57:59:92:9f:a1:
d5:45:be:d5:1a:53:a9:87:4e:60:73:54:86:12:be:
2a:23:f5:e8:fd:fa:6f:bc:ee:16:92:7f:5e:7a:54:
52:16:95:a3:14:80:8f:96:48:3f:20:81:e2:1b:d3:
36:c7:b6:4f:e8:0f:66:12:8d:45:e6:4d:58:be:31:
86:7f:da:70:4d:3d:31:6c:a9:53:f0:f1:15:4c:6d:
7a:42:3d:17:da:f8:5f:91:89:fd:05:c7:9a:b9:9e:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:59:E3:AF:C3:BE:E4:C5:0C:C7:D8:B6:82:F5:5E:0E:EC:A4:88:16
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/Qlnjr8O-5MUMx9i2gvVeDuykiBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
bb:5e:b8:e2:2f:60:f7:6a:c2:60:b2:24:7d:83:a0:e1:0e:4c:
50:0e:8f:c2:18:4e:b1:2b:fb:a8:34:36:e9:82:58:0e:c0:18:
5a:ef:7c:fe:66:04:dc:f3:3c:f5:5d:44:17:b7:83:0d:90:f7:
4f:ae:b9:93:5d:51:83:05:0a:ec:43:05:a7:54:6f:e0:4c:eb:
ec:cd:9e:65:9a:4e:0d:43:67:e5:f6:db:51:3c:1c:fd:0b:5f:
01:cd:3d:ef:ca:40:7a:a2:d9:ed:46:44:04:6c:7b:ee:9f:2f:
72:08:93:6b:75:7b:0d:a6:c5:c9:2d:bb:c4:f8:21:c4:f3:54:
b4:72:17:4e:d0:ca:42:2b:b8:2a:d3:f8:18:f2:79:93:10:10:
d2:8f:4f:04:91:33:6f:0e:a5:b6:d2:48:95:68:0f:e9:43:f8:
c0:a5:2d:73:81:57:73:2d:92:57:30:f8:91:92:2d:e3:b2:3a:
99:6d:2d:1f:31:70:9a:d1:8d:b1:67:e2:8b:c7:f1:b8:7f:77:
9a:35:b0:93:ba:b9:dd:8a:2b:86:bc:d8:71:86:5e:57:7c:89:
ad:31:33:15:9b:f7:33:d0:2e:d3:4a:ab:e4:fd:9c:59:02:a0:
4d:67:63:ce:0d:90:c0:2b:06:51:41:9b:97:68:cb:56:f2:60:
48:44:7a:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJkW5JISwwlEZ2eBYJcwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU5ZTNhZmMzYmVlNGM1MGNjN2Q4YjY4MmY1NWUwZWVjYTQ4ODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEjGgF0DBIWwa52inabByTrz1jm7
4y0zB0xevXjV5iS7MWvh0aFoDXQfZ3fjTsOFocuBzG0hIurgCTdN5a1e8TIpVJS7
RmPFFYpk33dx3PEc4JUF4clmW+QoGvl0ZHSTTN3w4PqTIfnDhXm52veao3ZKWRl1
BHbAouoMYnKsNA3BwgZuC86ndm+eoRm8HyA+BD/ywIRzUw0bhbj8FQ7BV1mSn6HV
Rb7VGlOph05gc1SGEr4qI/Xo/fpvvO4Wkn9eelRSFpWjFICPlkg/IIHiG9M2x7ZP
6A9mEo1F5k1YvjGGf9pwTT0xbKlT8PEVTG16Qj0X2vhfkYn9BceauZ49cQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEJZ46/DvuTFDMfYtoL1Xg7spIgWMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvUWxuanI4Ty01TVVNeDlpMmd2VmVEdXlraUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAu1644i9g92rCYLIkfYOg4Q5MUA6PwhhOsSv7qDQ2
6YJYDsAYWu98/mYE3PM89V1EF7eDDZD3T665k11RgwUK7EMFp1Rv4Ezr7M2eZZpO
DUNn5fbbUTwc/QtfAc0978pAeqLZ7UZEBGx77p8vcgiTa3V7DabFyS27xPghxPNU
tHIXTtDKQiu4KtP4GPJ5kxAQ0o9PBJEzbw6lttJIlWgP6UP4wKUtc4FXcy2SVzD4
kZIt47I6mW0tHzFwmtGNsWfii8fxuH93mjWwk7q53YorhrzYcYZeV3yJrTEzFZv3
M9Au00qr5P2cWQKgTWdjzg2QwCsGUUGbl2jLVvJgSER6Uw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:03:40 2025 by rpki-client