Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/fEZKuNTm36GExvQdquHSyY2zXrg.roa
File: fEZKuNTm36GExvQdquHSyY2zXrg.roa (raw, json)
Hash identifier: qlncCm60tm02QzFgnoRLtRvIzWryGa1agKULZRL9BYk=
Subject key identifier: 7C:46:4A:B8:D4:E6:DF:A1:84:C6:F4:1D:AA:E1:D2:C9:8D:B3:5E:B8
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195D408526746F04C7CE2952E4A7AEE3B13
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/fEZKuNTm36GExvQdquHSyY2zXrg.roa
Signing time: Wed 26 Mar 2025 19:57:49 +0000
ROA not before: Wed 26 Mar 2025 19:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a0b:b480::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 11 Apr 2025 13:10:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d4:08:52:67:46:f0:4c:7c:e2:95:2e:4a:7a:ee:3b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 26 19:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c464ab8d4e6dfa184c6f41daae1d2c98db35eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:16:ea:60:37:77:4f:c5:e0:46:8c:93:4b:
ff:50:15:f9:46:05:cd:47:52:b9:c7:e5:db:6e:2f:
c2:ef:06:65:b3:8b:c9:23:80:8f:47:7a:96:7e:4a:
b6:39:b2:dc:e7:9b:ad:e3:1e:1f:33:20:d8:5e:44:
09:eb:31:48:f7:d0:79:36:fd:a9:1b:40:e8:70:16:
3f:db:de:4f:0f:22:66:2c:50:01:b7:f4:40:68:1c:
69:cf:23:9b:ea:b2:c7:e1:20:ec:42:d5:ac:fa:5d:
0f:b4:d1:28:17:94:04:c3:84:bf:84:25:7b:35:4c:
24:22:e0:d3:1a:c4:26:3b:6a:6f:08:e5:8f:45:52:
8c:bd:9d:10:59:c6:16:97:c7:8c:98:10:f0:bf:f8:
38:17:c0:2b:d4:2f:fc:a0:dd:dd:98:55:6c:a4:48:
64:2e:2c:c5:11:f8:ae:f4:2f:27:da:a3:23:e7:25:
ee:b2:1b:03:0f:f5:85:f2:05:d5:20:c7:ca:54:b5:
a1:0b:e8:9a:c1:27:ea:9e:1d:7c:57:0a:85:6c:8a:
0e:02:9e:56:9e:e4:11:32:c1:97:a8:41:27:f9:47:
47:e1:27:df:f1:eb:28:e3:56:e7:f9:5d:e3:6a:e3:
75:e0:fe:43:74:a7:c5:1c:d4:78:e2:52:4c:f5:e0:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:46:4A:B8:D4:E6:DF:A1:84:C6:F4:1D:AA:E1:D2:C9:8D:B3:5E:B8
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/fEZKuNTm36GExvQdquHSyY2zXrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a0b:b480::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
24:08:a0:5c:e4:7d:e7:65:e2:55:ca:ce:68:ae:92:d3:2f:55:
28:a0:19:2f:51:3d:f3:16:06:60:b1:be:7b:89:d2:89:b2:c3:
5f:46:45:d0:18:4f:84:08:1a:8a:9c:0d:19:74:8f:ab:b4:15:
dd:39:f3:b8:4d:53:2e:b9:b3:89:98:1e:8b:53:40:7e:c2:b4:
3a:04:23:c0:e7:f8:09:b3:8f:25:df:f2:6d:8c:5a:6e:79:6d:
d4:f4:01:8c:3b:3a:14:a5:d6:0f:ef:a9:3b:99:70:d9:b0:7c:
77:a0:95:db:d6:6c:a7:37:e7:84:cc:cd:61:bf:0c:fa:8c:fe:
8f:7f:ed:5b:91:63:35:04:6e:3b:04:78:20:c3:05:0c:e0:7b:
7c:d6:b8:83:55:7b:fb:1f:36:e5:0e:f9:44:04:32:57:68:dd:
5e:eb:25:65:7b:b9:6d:d3:65:ee:1e:1e:d6:60:dc:5a:6a:5f:
5d:70:d5:77:26:2b:ad:67:3c:37:8e:f7:34:06:39:af:a8:ef:
65:96:e1:b0:34:98:63:63:32:1c:38:69:87:c3:f5:d0:de:ba:
0f:1e:67:78:6e:09:9f:13:37:ab:b8:8e:ee:78:a1:1f:24:75:
5b:e5:b7:64:b3:ec:15:7c:6a:25:1c:00:21:3d:57:99:16:bc:
32:e5:0c:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZXUCFJnRvBMfOKVLkp67jsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzI2MTk1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQ2NGFiOGQ0ZTZkZmExODRjNmY0MWRhYWUxZDJjOThkYjM1ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIIW6mA3d0/F4EaMk0v/UBX5RgXN
R1K5x+Xbbi/C7wZls4vJI4CPR3qWfkq2ObLc55ut4x4fMyDYXkQJ6zFI99B5Nv2p
G0DocBY/295PDyJmLFABt/RAaBxpzyOb6rLH4SDsQtWs+l0PtNEoF5QEw4S/hCV7
NUwkIuDTGsQmO2pvCOWPRVKMvZ0QWcYWl8eMmBDwv/g4F8Ar1C/8oN3dmFVspEhk
LizFEfiu9C8n2qMj5yXushsDD/WF8gXVIMfKVLWhC+iawSfqnh18VwqFbIoOAp5W
nuQRMsGXqEEn+UdH4Sff8eso41bn+V3jauN14P5DdKfFHNR44lJM9eApRwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHxGSrjU5t+hhMb0Harh0smNs164MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvZkVaS3VOVG0zNkdFeHZRZHF1SFN5WTJ6WHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKguEQAMF
AyoLtIADBQMqE83AAwUDKhPRQDANBgkqhkiG9w0BAQsFAAOCAQEAJAigXOR952Xi
VcrOaK6S0y9VKKAZL1E98xYGYLG+e4nSibLDX0ZF0BhPhAgaipwNGXSPq7QV3Tnz
uE1TLrmziZgei1NAfsK0OgQjwOf4CbOPJd/ybYxabnlt1PQBjDs6FKXWD++pO5lw
2bB8d6CV29ZspzfnhMzNYb8M+oz+j3/tW5FjNQRuOwR4IMMFDOB7fNa4g1V7+x82
5Q75RAQyV2jdXuslZXu5bdNl7h4e1mDcWmpfXXDVdyYrrWc8N473NAY5r6jvZZbh
sDSYY2MyHDhph8P10N66Dx5neG4JnxM3q7iO7nihHyR1W+W3ZLPsFXxqJRwAIT1X
mRa8MuUMow==
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:12 2025 by rpki-client