Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_3uh-eaN-qpUG0-u3sLnfqM1xLk.roa
File: _3uh-eaN-qpUG0-u3sLnfqM1xLk.roa (raw, json)
Hash identifier: q8TOB69C8B3P6Mvchi7OJjoc/5schWrAgxloR+iULwg=
Subject key identifier: FF:7B:A1:F9:E6:8D:FA:AA:54:1B:4F:AE:DE:C2:E7:7E:A3:35:C4:B9
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196DB0D179A81F082630D3C60381A0CDC50
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_3uh-eaN-qpUG0-u3sLnfqM1xLk.roa
Signing time: Fri 16 May 2025 21:43:10 +0000
ROA not before: Fri 16 May 2025 21:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0b:b480::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 21 May 2025 10:54:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:db:0d:17:9a:81:f0:82:63:0d:3c:60:38:1a:0c:dc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 16 21:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff7ba1f9e68dfaaa541b4faedec2e77ea335c4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c1:e4:7e:a0:f8:c4:eb:99:60:3a:e9:af:44:
5b:7b:94:ac:7d:b5:89:b4:66:16:fc:23:7f:d7:01:
42:46:f6:92:76:7a:2a:e6:b4:52:44:e5:dc:3a:84:
07:30:8a:8b:18:46:45:2b:27:80:45:a7:9c:7a:d9:
ac:21:18:d3:19:97:30:83:b2:2b:dd:a2:c2:aa:a4:
b1:b3:30:0a:51:77:62:9d:f2:5d:bf:c6:39:44:bc:
e1:ec:e1:17:01:06:60:36:2e:b2:b7:86:9f:c9:b4:
82:11:c8:c7:fb:67:e9:74:71:e1:79:e7:15:74:91:
b3:85:47:e7:00:93:24:44:50:f6:a5:82:07:05:88:
c6:1a:21:8c:7a:ba:df:9c:33:d3:8e:6c:88:11:5d:
dc:9d:94:a4:6d:ce:51:92:3f:28:8f:44:9d:75:ef:
5d:50:7d:ff:df:36:0a:cb:59:cb:fd:ba:34:90:c8:
de:3d:38:12:bc:96:37:66:d2:7f:5e:a7:bd:41:37:
cd:57:3d:f4:86:b5:a8:24:87:9b:29:32:b6:51:12:
f0:17:42:d6:f8:c4:f4:ac:9c:0e:a4:ad:59:83:e2:
22:75:f0:08:38:c8:a7:a1:5e:64:45:19:50:18:3f:
98:36:80:8c:5f:65:cc:98:92:82:c2:19:46:d1:b3:
d0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7B:A1:F9:E6:8D:FA:AA:54:1B:4F:AE:DE:C2:E7:7E:A3:35:C4:B9
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/_3uh-eaN-qpUG0-u3sLnfqM1xLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0b:b480::/29
2a10:a9c0::/29
2a13:5040::/29
Signature Algorithm: sha256WithRSAEncryption
ab:61:48:6d:34:aa:70:c3:a8:4b:9e:ca:9b:84:74:c7:da:14:
9b:0e:8f:c3:a9:d3:6e:ad:27:3f:b5:4c:44:2f:28:a8:e7:c3:
a8:a3:88:dc:2d:95:28:c6:bb:32:e2:bb:05:20:45:35:fd:0e:
46:a6:8f:55:29:cf:63:d6:d3:75:d1:64:6e:c4:d8:f6:02:1e:
b4:3d:fb:b9:68:26:11:90:f3:e9:c0:fb:e3:21:f0:61:a7:e5:
21:1b:66:4d:cc:89:24:19:45:16:a7:1f:52:8a:bd:2e:e8:4f:
9d:7e:6f:6e:77:84:b1:4c:e3:d1:35:5d:fa:11:a2:30:90:d0:
c0:0f:2c:64:81:1b:72:34:d6:02:8e:3e:09:32:c9:86:c6:cb:
8b:53:c4:ef:56:11:ea:a3:dc:96:d1:94:2c:cb:88:10:3b:03:
f4:da:2f:e6:03:8a:4c:72:13:1b:9e:8a:ec:b4:88:75:20:35:
1d:07:83:d5:89:b0:7d:18:1d:bf:0a:8e:5e:0a:6a:c7:18:74:
0f:97:37:87:b2:00:e4:7d:f1:ba:ac:fe:2a:fc:fd:9a:11:cc:
32:72:e2:8b:51:31:8e:32:b5:91:c8:1f:ad:17:c7:bb:8e:c7:
14:b7:aa:27:62:fd:b6:83:6d:c5:33:4d:0a:b2:3d:07:f6:ed:
f6:93:65:e1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZbbDReagfCCYw08YDgaDNxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTE2MjE0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjdiYTFmOWU2OGRmYWFhNTQxYjRmYWVkZWMyZTc3ZWEzMzVjNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMHkfqD4xOuZYDrpr0Rbe5SsfbWJ
tGYW/CN/1wFCRvaSdnoq5rRSROXcOoQHMIqLGEZFKyeARaecetmsIRjTGZcwg7Ir
3aLCqqSxszAKUXdinfJdv8Y5RLzh7OEXAQZgNi6yt4afybSCEcjH+2fpdHHheecV
dJGzhUfnAJMkRFD2pYIHBYjGGiGMerrfnDPTjmyIEV3cnZSkbc5Rkj8oj0Sdde9d
UH3/3zYKy1nL/bo0kMjePTgSvJY3ZtJ/Xqe9QTfNVz30hrWoJIebKTK2URLwF0LW
+MT0rJwOpK1Zg+IidfAIOMinoV5kRRlQGD+YNoCMX2XMmJKCwhlG0bPQWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP97ofnmjfqqVBtPrt7C536jNcS5MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvXzN1aC1lYU4tcXBVRzAtdTNzTG5mcU0xeExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgfyQAMF
AyoLtIADBQMqEKnAAwUDKhNQQDANBgkqhkiG9w0BAQsFAAOCAQEAq2FIbTSqcMOo
S57Km4R0x9oUmw6Pw6nTbq0nP7VMRC8oqOfDqKOI3C2VKMa7MuK7BSBFNf0ORqaP
VSnPY9bTddFkbsTY9gIetD37uWgmEZDz6cD74yHwYaflIRtmTcyJJBlFFqcfUoq9
LuhPnX5vbneEsUzj0TVd+hGiMJDQwA8sZIEbcjTWAo4+CTLJhsbLi1PE71YR6qPc
ltGULMuIEDsD9Nov5gOKTHITG56K7LSIdSA1HQeD1YmwfRgdvwqOXgpqxxh0D5c3
h7IA5H3xuqz+Kvz9mhHMMnLii1ExjjK1kcgfrRfHu47HFLeqJ2L9toNtxTNNCrI9
B/bt9pNl4Q==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:29:51 2025 by rpki-client