Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/pwjDvNnMeJsnpD1J11slIPAGJs8.roa
File: pwjDvNnMeJsnpD1J11slIPAGJs8.roa (raw, json)
Hash identifier: rKcZtUCTfDy3i7XFrBn16BeDcq0SY+naPubfDYfVfmQ=
Subject key identifier: A7:08:C3:BC:D9:CC:78:9B:27:A4:3D:49:D7:5B:25:20:F0:06:26:CF
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01940DA1DBD4179353B46CEC71A3F29641EA
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/pwjDvNnMeJsnpD1J11slIPAGJs8.roa
Signing time: Sat 28 Dec 2024 14:18:18 +0000
ROA not before: Sat 28 Dec 2024 14:18:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207108
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a0b:a4c0::/29 maxlen: 29
2a0f:9bc0::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 29 Dec 2024 08:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0d:a1:db:d4:17:93:53:b4:6c:ec:71:a3:f2:96:41:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Dec 28 14:18:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a708c3bcd9cc789b27a43d49d75b2520f00626cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e6:02:56:0c:1e:98:b0:7e:8f:61:d1:c5:83:
d0:e6:71:1f:b1:0f:d7:e2:2d:67:27:37:69:9b:35:
e6:85:88:03:ea:4e:d6:b1:37:3a:38:42:e2:c3:8d:
c9:76:dc:1f:a0:5d:47:af:28:60:1a:ff:a8:e3:49:
b3:11:d1:41:79:d1:dd:e9:40:3c:80:ef:42:c7:f4:
65:9b:b3:8e:1b:6e:26:3a:5a:f2:1a:75:1d:21:85:
dc:70:a0:20:97:23:81:29:f4:0f:5f:b5:83:fe:01:
b1:73:1a:67:c9:a9:55:23:a4:b0:0b:e6:0a:71:61:
cc:7b:2c:ba:d5:b6:19:fb:e8:e2:52:23:0a:bc:0c:
ab:84:bd:30:1d:82:32:90:5b:43:3f:04:45:04:e4:
46:a9:7e:c0:52:a3:ee:0d:ad:91:46:57:ec:89:69:
28:f2:0d:a7:ac:2d:23:7d:f0:bb:d6:75:9d:9a:a9:
72:d3:03:a4:04:68:77:fe:c6:3a:a2:a0:9c:53:5a:
b4:2e:99:ee:2b:08:41:ee:9a:0f:89:bb:07:47:d4:
c2:68:5c:9c:44:59:70:c4:e0:3c:ea:bc:91:48:8b:
aa:2e:b8:58:da:41:be:8f:27:b3:49:bd:bd:b1:85:
3c:ce:88:0f:22:4c:ab:9d:9a:a7:d3:f6:5a:e3:fd:
4f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:08:C3:BC:D9:CC:78:9B:27:A4:3D:49:D7:5B:25:20:F0:06:26:CF
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/pwjDvNnMeJsnpD1J11slIPAGJs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a0b:a4c0::/29
2a0f:9bc0::/29
2a13:cdc0::/29
2a13:d140::/29
2a13:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
21:34:b8:88:af:f2:7b:6f:d7:6f:b8:83:2b:75:5d:ac:40:0c:
1c:ae:78:61:ff:31:10:45:81:3c:42:cf:9b:b3:77:dc:8c:82:
3b:84:47:b0:47:e8:89:c8:fc:93:85:71:13:78:0a:68:c9:1c:
59:82:aa:68:db:b9:ad:d8:bb:18:cb:62:aa:e8:63:d2:ee:ea:
02:36:a5:04:05:0b:89:28:ff:10:ef:20:a5:a8:bd:eb:bc:d5:
74:65:6a:09:8e:85:ab:18:5e:df:32:c9:36:9b:c9:7a:9f:57:
1e:25:e9:ed:1b:77:01:fc:04:b3:73:f0:fb:29:9c:00:73:c0:
62:91:e3:9b:49:61:e1:ad:4c:eb:db:3c:04:be:ca:65:cd:b7:
f0:07:c9:1d:26:86:96:00:ac:15:f3:cb:b5:41:1d:1a:a9:9a:
01:ff:d2:74:89:f4:80:d4:02:c2:71:c7:0b:49:04:b8:93:c4:
da:c6:c9:81:2b:a5:2f:4c:55:17:3d:89:90:d3:a0:02:9c:c3:
61:38:c3:88:05:c8:16:62:e5:10:6b:01:e4:19:5b:af:44:c2:
f5:d1:3e:04:c9:d0:60:dd:03:0c:ae:58:19:12:c0:aa:77:d1:
8c:34:fe:eb:33:f6:cf:4b:1c:e2:74:08:9d:e0:e6:f9:b9:c1:
1f:47:a0:8f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQNodvUF5NTtGzscaPylkHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQxMjI4MTQxODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA4YzNiY2Q5Y2M3ODliMjdhNDNkNDlkNzViMjUyMGYwMDYyNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOYCVgwemLB+j2HRxYPQ5nEfsQ/X
4i1nJzdpmzXmhYgD6k7WsTc6OELiw43JdtwfoF1HryhgGv+o40mzEdFBedHd6UA8
gO9Cx/Rlm7OOG24mOlryGnUdIYXccKAglyOBKfQPX7WD/gGxcxpnyalVI6SwC+YK
cWHMeyy61bYZ++jiUiMKvAyrhL0wHYIykFtDPwRFBORGqX7AUqPuDa2RRlfsiWko
8g2nrC0jffC71nWdmqly0wOkBGh3/sY6oqCcU1q0LpnuKwhB7poPibsHR9TCaFyc
RFlwxOA86ryRSIuqLrhY2kG+jyezSb29sYU8zogPIkyrnZqn0/Za4/1PNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKcIw7zZzHibJ6Q9SddbJSDwBibPMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvcHdqRHZObk1lSnNucEQxSjExc2xJUEFHSnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKguEQAMF
AyoLpMADBQMqD5vAAwUDKhPNwAMFAyoT0UADBQMqE91AMA0GCSqGSIb3DQEBCwUA
A4IBAQAhNLiIr/J7b9dvuIMrdV2sQAwcrnhh/zEQRYE8Qs+bs3fcjII7hEewR+iJ
yPyThXETeApoyRxZgqpo27mt2LsYy2Kq6GPS7uoCNqUEBQuJKP8Q7yClqL3rvNV0
ZWoJjoWrGF7fMsk2m8l6n1ceJentG3cB/ASzc/D7KZwAc8BikeObSWHhrUzr2zwE
vsplzbfwB8kdJoaWAKwV88u1QR0aqZoB/9J0ifSA1ALCcccLSQS4k8TaxsmBK6Uv
TFUXPYmQ06ACnMNhOMOIBcgWYuUQawHkGVuvRML10T4EydBg3QMMrlgZEsCqd9GM
NP7rM/bPSxzidAid4Ob5ucEfR6CP
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:50:47 2025 by rpki-client