Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/eDRVQRoqyHr_cECK-gONpoOeTy4.roa
File: eDRVQRoqyHr_cECK-gONpoOeTy4.roa (raw, json)
Hash identifier: Iw2JqinYhmaLHCTgoJetmX+Sft+1AewRHYjeT5ALMJI=
Subject key identifier: 78:34:55:41:1A:2A:C8:7A:FF:70:40:8A:FA:03:8D:A6:83:9E:4F:2E
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01959BE9DE4426FE60DB792400F22559FC3C
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/eDRVQRoqyHr_cECK-gONpoOeTy4.roa
Signing time: Sat 15 Mar 2025 22:25:49 +0000
ROA not before: Sat 15 Mar 2025 22:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:b480::/29 maxlen: 29
2a0f:e3c0::/29 maxlen: 29
2a13:bd40::/29 maxlen: 29
2a13:d1c0::/29 maxlen: 29
2a13:dcc0::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 16 Mar 2025 20:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9b:e9:de:44:26:fe:60:db:79:24:00:f2:25:59:fc:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 15 22:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=783455411a2ac87aff70408afa038da6839e4f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7a:5f:ae:9d:58:4e:14:a6:fd:05:0c:95:56:
b3:3b:05:32:4c:97:93:7f:66:10:6d:20:2c:03:48:
7c:8e:94:10:fb:b8:04:0f:7a:2b:7a:69:22:57:ba:
5c:11:c0:00:16:25:eb:f0:ca:08:af:fd:88:b1:89:
8e:08:c2:31:be:7c:7e:bf:0e:2f:2f:6d:68:9e:99:
bc:2c:65:4d:99:30:5d:13:28:c2:70:1b:77:43:8e:
d5:2d:c6:a8:35:77:b5:8f:83:d8:93:e6:7a:f3:b1:
23:20:8a:62:c7:7e:26:1b:af:2f:84:02:1d:50:88:
e3:7a:f5:32:96:f5:49:43:c7:5d:f7:b6:57:7e:43:
2c:39:f5:93:b3:89:01:62:bc:82:98:63:6a:8a:df:
79:bb:18:8e:97:63:d7:f8:26:cc:ed:e0:65:b8:e2:
d0:8d:5c:09:80:0f:fe:86:8b:ba:44:ad:b6:31:e9:
cc:65:2e:0d:0c:8b:8c:b7:1e:8f:df:fa:9c:b7:9e:
d8:51:58:da:6a:04:5a:a5:b8:0d:86:cf:82:35:6f:
e8:63:68:36:7a:f1:6b:42:69:8b:34:94:ed:e2:a8:
6c:2d:0f:f5:48:a1:6b:af:bd:b7:33:94:5f:37:c9:
43:c0:ba:09:2a:2f:c2:d1:58:77:bf:a6:97:3a:e9:
28:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:34:55:41:1A:2A:C8:7A:FF:70:40:8A:FA:03:8D:A6:83:9E:4F:2E
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/eDRVQRoqyHr_cECK-gONpoOeTy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
2a0f:e3c0::/29
2a13:bd40::/29
2a13:d1c0::/29
2a13:dcc0::/29
2a13:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
64:1b:d9:92:78:50:a0:63:76:26:ec:8f:a6:25:32:1e:3e:d0:
f2:5e:db:a4:ea:84:6d:ba:38:23:da:72:e2:ca:f8:84:7e:fe:
8d:38:ce:b5:0c:5d:0f:68:a9:a0:fa:89:0a:30:36:ed:59:24:
dd:03:71:31:74:7a:9a:7f:31:b4:e8:79:82:c4:fa:84:03:a3:
fc:cf:59:4c:4f:c8:5c:e2:c7:12:d1:5b:16:41:94:3d:41:16:
3e:2d:2b:41:20:1d:8c:f0:ab:0e:46:3c:22:fe:51:35:50:bf:
36:8f:7c:75:33:3f:74:b1:bc:00:d7:75:1a:a8:73:60:b7:46:
1d:17:cd:4e:2f:b8:89:fa:39:eb:76:02:9a:6e:f2:cf:11:15:
ae:69:4a:8f:76:fa:2d:7c:69:c8:5d:ff:13:ff:77:91:ac:2e:
ba:e4:68:ac:06:90:7d:3a:aa:94:04:6d:eb:eb:8c:3e:2d:7d:
b7:9b:1a:5b:7e:6c:a2:c2:91:51:83:24:93:f3:b4:f9:9a:3c:
8e:3c:99:ce:32:03:f6:6c:dd:1f:e2:fc:b9:b9:eb:fc:69:17:
5e:13:61:c7:c6:6e:d9:1d:80:49:99:a6:f5:e0:bc:1c:f9:53:
72:14:20:ad:50:2a:65:eb:2b:6e:84:4c:67:b6:77:2a:2b:ec:
aa:85:85:82
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWb6d5EJv5g23kkAPIlWfw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzE1MjIyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODM0NTU0MTFhMmFjODdhZmY3MDQwOGFmYTAzOGRhNjgzOWU0ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3pfrp1YThSm/QUMlVazOwUyTJeT
f2YQbSAsA0h8jpQQ+7gED3oremkiV7pcEcAAFiXr8MoIr/2IsYmOCMIxvnx+vw4v
L21onpm8LGVNmTBdEyjCcBt3Q47VLcaoNXe1j4PYk+Z687EjIIpix34mG68vhAId
UIjjevUylvVJQ8dd97ZXfkMsOfWTs4kBYryCmGNqit95uxiOl2PX+CbM7eBluOLQ
jVwJgA/+hou6RK22MenMZS4NDIuMtx6P3/qct57YUVjaagRapbgNhs+CNW/oY2g2
evFrQmmLNJTt4qhsLQ/1SKFrr723M5RfN8lDwLoJKi/C0Vh3v6aXOukocQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHg0VUEaKsh6/3BAivoDjaaDnk8uMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvZURSVlFSb3F5SHJfY0VDSy1nT05wb09lVHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgu0gAMF
AyoP48ADBQMqE71AAwUDKhPRwAMFAyoT3MADBQMqE91AMA0GCSqGSIb3DQEBCwUA
A4IBAQBkG9mSeFCgY3Ym7I+mJTIePtDyXtuk6oRtujgj2nLiyviEfv6NOM61DF0P
aKmg+okKMDbtWSTdA3ExdHqafzG06HmCxPqEA6P8z1lMT8hc4scS0VsWQZQ9QRY+
LStBIB2M8KsORjwi/lE1UL82j3x1Mz90sbwA13UaqHNgt0YdF81OL7iJ+jnrdgKa
bvLPERWuaUqPdvotfGnIXf8T/3eRrC665GisBpB9OqqUBG3r64w+LX23mxpbfmyi
wpFRgyST87T5mjyOPJnOMgP2bN0f4vy5uev8aRdeE2HHxm7ZHYBJmab14Lwc+VNy
FCCtUCpl6ytuhExntncqK+yqhYWC
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:17 2025 by rpki-client