Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/gsxu3l2qdBzAIhu5xW120yYzPpY.roa
File: gsxu3l2qdBzAIhu5xW120yYzPpY.roa (raw, json)
Hash identifier: MGukaGNcQpC+dz/asGQwK9W+/NFLa9+dv788b7iWHrA=
Subject key identifier: 82:CC:6E:DE:5D:AA:74:1C:C0:22:1B:B9:C5:6D:76:D3:26:33:3E:96
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019720B49638A4CE4E310EF63BAA1EF24766
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/gsxu3l2qdBzAIhu5xW120yYzPpY.roa
Signing time: Fri 30 May 2025 10:19:55 +0000
ROA not before: Fri 30 May 2025 10:19:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215420
IP address blocks: 2a13:d140::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 06 Jun 2025 13:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:b4:96:38:a4:ce:4e:31:0e:f6:3b:aa:1e:f2:47:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 30 10:19:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82cc6ede5daa741cc0221bb9c56d76d326333e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:8f:15:78:cd:48:67:b3:24:1b:ff:4e:55:
f9:90:89:59:4c:97:68:8c:93:63:15:9e:c0:33:55:
db:af:17:db:42:a6:94:98:46:46:f6:70:27:0d:e0:
ad:37:ec:7a:66:77:0d:ae:74:9f:e0:d1:c5:ac:00:
ed:3f:f9:05:da:76:c9:aa:ee:e2:c7:67:da:fe:be:
0e:1d:f1:a5:65:5d:55:a7:5e:cd:0d:9e:46:a7:0b:
30:3f:74:09:bb:95:94:b5:40:16:6e:f7:65:78:3c:
8c:af:7a:5d:80:cd:c5:41:ed:e2:ee:73:88:90:03:
c3:63:da:2c:2e:24:d2:dd:ae:bb:41:64:63:43:14:
a5:10:3d:53:74:65:35:ca:ec:c6:3d:1e:29:56:f3:
54:89:f1:bc:fd:fa:78:41:f5:23:6f:ad:dd:53:b0:
6d:57:af:46:fe:77:27:f7:1c:b3:91:70:a7:11:de:
30:4e:21:9f:7a:b7:15:f2:ea:47:b4:a1:73:6d:d0:
3c:4b:a4:88:63:ae:3d:92:e8:25:ef:08:47:36:74:
5f:4d:b7:ab:6d:05:63:77:2a:0b:25:e5:c9:ca:1c:
aa:28:95:41:71:85:fa:96:74:53:eb:d9:35:2c:14:
f6:d4:32:10:06:e0:07:1c:66:56:e8:ae:5f:7b:fa:
85:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CC:6E:DE:5D:AA:74:1C:C0:22:1B:B9:C5:6D:76:D3:26:33:3E:96
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/gsxu3l2qdBzAIhu5xW120yYzPpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
9a:bc:99:b4:d6:54:8c:03:bc:8d:34:7d:af:7b:6c:c4:57:9c:
1a:71:3d:6b:27:75:ac:d8:4e:a3:ab:54:76:e6:ac:8a:16:8a:
f9:5c:25:a9:40:81:4e:12:86:49:a7:c1:ab:dd:b3:ed:15:08:
2b:b5:9c:9f:fe:c5:0d:25:0e:26:06:9c:27:27:7d:53:a5:b9:
a3:2e:f0:fe:74:66:84:6f:4e:28:cf:0e:b1:24:41:d5:0a:3f:
d0:34:24:1a:36:24:17:0f:be:39:f8:82:5f:c1:cf:a3:ce:3f:
da:22:eb:93:7b:dd:1b:cc:9b:d0:8b:df:11:34:3a:65:dd:59:
95:37:04:15:ff:f2:6e:cb:06:8d:a9:00:10:50:35:e9:f8:80:
33:55:ac:f6:1c:6b:13:ac:e9:fa:e9:4b:d5:24:b3:a9:1d:1e:
f0:60:a3:ae:41:86:50:51:5a:ec:56:5d:7e:e4:94:93:15:7b:
89:b9:33:ea:6b:b1:9a:72:09:64:1f:66:9e:f0:82:cc:6a:c7:
42:bb:3d:d5:8f:95:af:e3:aa:88:34:54:32:71:64:f8:67:4d:
18:95:b9:e3:60:28:c3:70:be:9a:86:c7:8e:80:ae:15:60:96:
25:50:df:fb:45:be:fc:05:03:ed:be:b0:16:b2:28:1c:28:b9:
74:a4:42:fc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcgtJY4pM5OMQ72O6oe8kdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTMwMTAxOTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNjNmVkZTVkYWE3NDFjYzAyMjFiYjljNTZkNzZkMzI2MzMzZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZWPFXjNSGezJBv/TlX5kIlZTJdo
jJNjFZ7AM1XbrxfbQqaUmEZG9nAnDeCtN+x6ZncNrnSf4NHFrADtP/kF2nbJqu7i
x2fa/r4OHfGlZV1Vp17NDZ5GpwswP3QJu5WUtUAWbvdleDyMr3pdgM3FQe3i7nOI
kAPDY9osLiTS3a67QWRjQxSlED1TdGU1yuzGPR4pVvNUifG8/fp4QfUjb63dU7Bt
V69G/ncn9xyzkXCnEd4wTiGfercV8upHtKFzbdA8S6SIY649kugl7whHNnRfTber
bQVjdyoLJeXJyhyqKJVBcYX6lnRT69k1LBT21DIQBuAHHGZW6K5fe/qFKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFILMbt5dqnQcwCIbucVtdtMmMz6WMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvZ3N4dTNsMnFkQnpBSWh1NXhXMTIweVl6UHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPRQDAN
BgkqhkiG9w0BAQsFAAOCAQEAmryZtNZUjAO8jTR9r3tsxFecGnE9ayd1rNhOo6tU
duasihaK+VwlqUCBThKGSafBq92z7RUIK7Wcn/7FDSUOJgacJyd9U6W5oy7w/nRm
hG9OKM8OsSRB1Qo/0DQkGjYkFw++OfiCX8HPo84/2iLrk3vdG8yb0IvfETQ6Zd1Z
lTcEFf/ybssGjakAEFA16fiAM1Ws9hxrE6zp+ulL1SSzqR0e8GCjrkGGUFFa7FZd
fuSUkxV7ibkz6muxmnIJZB9mnvCCzGrHQrs91Y+Vr+OqiDRUMnFk+GdNGJW542Ao
w3C+mobHjoCuFWCWJVDf+0W+/AUD7b6wFrIoHCi5dKRC/A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:29:04 2025 by rpki-client