Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/i1TqmkooEn99PhnPk5l0JoAcoR4.roa
File: i1TqmkooEn99PhnPk5l0JoAcoR4.roa (raw, json)
Hash identifier: Vp0SS48w2gFUnP6UqaL2Mdjsv0DUejXmmazRVOKDWBs=
Subject key identifier: 8B:54:EA:9A:4A:28:12:7F:7D:3E:19:CF:93:99:74:26:80:1C:A1:1E
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0196F27B60B61BFDD0A5E9FDC5AFFD1E68C7
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/i1TqmkooEn99PhnPk5l0JoAcoR4.roa
Signing time: Wed 21 May 2025 10:54:53 +0000
ROA not before: Wed 21 May 2025 10:54:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0b:b480::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 21 May 2025 19:46:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:7b:60:b6:1b:fd:d0:a5:e9:fd:c5:af:fd:1e:68:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 21 10:54:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b54ea9a4a28127f7d3e19cf93997426801ca11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:14:74:14:b5:49:80:37:94:ba:68:1d:b9:21:
69:9e:5c:5d:0e:3e:05:f7:9f:50:f3:f5:00:5e:8b:
80:d5:f1:56:d0:2d:75:ce:f6:36:f0:b4:7f:c3:58:
33:11:42:ec:d8:96:6c:51:67:da:57:f2:60:16:5b:
01:cc:81:91:27:93:21:90:5c:e1:77:ed:98:ae:c5:
5c:6a:ed:8d:56:6b:0b:f9:37:fc:66:79:23:80:10:
4e:dd:fa:38:9c:6b:64:7b:9f:59:65:55:1f:42:86:
9f:60:1e:ea:f8:8f:05:a9:69:b3:01:76:cb:8a:4b:
1f:75:2c:33:7d:5f:56:7f:36:c1:b9:8a:df:96:d1:
5d:ae:0b:97:58:e8:1b:10:43:07:aa:f1:c1:8f:08:
ce:17:a6:ea:26:49:b9:b8:26:79:48:99:38:2a:81:
ac:b7:d5:56:8c:21:d5:a6:0b:e9:b9:81:7a:96:2a:
81:54:20:3a:21:69:7b:ca:0f:30:64:6f:71:9d:d6:
29:f6:38:2f:6f:38:73:45:f8:15:0c:1b:5a:f2:da:
cb:26:a1:7e:26:e4:b9:a8:be:bb:57:bb:41:d8:98:
eb:ae:61:bf:74:bf:d1:de:cc:d5:fb:28:1a:4e:1e:
d1:22:79:c7:05:ea:5a:3b:29:28:29:05:10:91:e5:
b3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:54:EA:9A:4A:28:12:7F:7D:3E:19:CF:93:99:74:26:80:1C:A1:1E
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/i1TqmkooEn99PhnPk5l0JoAcoR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0b:b480::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
18:bc:27:4f:ae:44:ac:c8:d7:6c:fa:21:ff:a2:ed:c8:83:bd:
c5:62:a3:8f:32:8c:e1:57:eb:8b:fb:eb:b0:da:c1:ee:1a:15:
d2:d9:e5:35:38:fd:2c:48:9b:67:ab:e9:07:96:14:e0:0d:0e:
8a:39:c4:10:37:08:05:05:57:bc:e4:f5:3d:ac:35:c6:43:c6:
33:ed:8a:ea:2b:b3:af:07:61:b7:38:d8:74:f3:02:43:04:f4:
16:23:ab:b2:ad:c6:ea:14:85:9a:0b:ba:35:e1:d9:d9:c3:aa:
39:7b:f7:72:40:f3:45:af:0d:24:ca:b5:a0:fc:86:4b:9f:38:
9f:4f:bc:14:2e:dd:20:0f:63:9f:ef:bf:ca:3a:97:7c:bb:1c:
d3:2d:f4:13:88:6a:2c:b6:0a:ef:7a:23:30:8d:fc:19:ee:a3:
e1:de:10:ca:8e:18:b8:98:1c:20:f2:5f:22:2f:3d:37:77:91:
07:9a:2c:d8:0a:d8:19:f6:c7:bf:75:0b:16:19:b4:53:18:39:
cf:c9:ab:f3:d2:77:aa:99:db:ff:5f:23:ec:cb:80:77:d8:19:
ac:0e:03:cb:00:e4:39:1e:7f:2c:09:51:5c:fa:14:35:c2:5b:
1d:db:a5:07:64:a7:bf:bb:72:8c:02:27:70:e1:0d:0e:6c:38:
42:11:cd:90
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZbye2C2G/3Qpen9xa/9HmjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTIxMTA1NDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU0ZWE5YTRhMjgxMjdmN2QzZTE5Y2Y5Mzk5NzQyNjgwMWNhMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxR0FLVJgDeUumgduSFpnlxdDj4F
959Q8/UAXouA1fFW0C11zvY28LR/w1gzEULs2JZsUWfaV/JgFlsBzIGRJ5MhkFzh
d+2YrsVcau2NVmsL+Tf8ZnkjgBBO3fo4nGtke59ZZVUfQoafYB7q+I8FqWmzAXbL
iksfdSwzfV9WfzbBuYrfltFdrguXWOgbEEMHqvHBjwjOF6bqJkm5uCZ5SJk4KoGs
t9VWjCHVpgvpuYF6liqBVCA6IWl7yg8wZG9xndYp9jgvbzhzRfgVDBta8trLJqF+
JuS5qL67V7tB2JjrrmG/dL/R3szV+ygaTh7RInnHBepaOykoKQUQkeWzdwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFItU6ppKKBJ/fT4Zz5OZdCaAHKEeMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvaTFUcW1rb29Fbjk5UGhuUGs1bDBKb0Fjb1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgfyQAMF
AyoLtIADBQMqEKnAAwUDKhNQQAMFAyoTvsAwDQYJKoZIhvcNAQELBQADggEBABi8
J0+uRKzI12z6If+i7ciDvcVio48yjOFX64v767Dawe4aFdLZ5TU4/SxIm2er6QeW
FOANDoo5xBA3CAUFV7zk9T2sNcZDxjPtiuors68HYbc42HTzAkME9BYjq7KtxuoU
hZoLujXh2dnDqjl793JA80WvDSTKtaD8hkufOJ9PvBQu3SAPY5/vv8o6l3y7HNMt
9BOIaiy2Cu96IzCN/Bnuo+HeEMqOGLiYHCDyXyIvPTd3kQeaLNgK2Bn2x791CxYZ
tFMYOc/Jq/PSd6qZ2/9fI+zLgHfYGawOA8sA5DkefywJUVz6FDXCWx3bpQdkp7+7
cowCJ3DhDQ5sOEIRzZA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:46:29 2025 by rpki-client