Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/0Wo73aaM9WdGYwPlo9u6gjYr4nc.roa
File: 0Wo73aaM9WdGYwPlo9u6gjYr4nc.roa (raw, json)
Hash identifier: xFPx2G9o7Z/dos+/eyePZaAyIVOxbWv4BFU2HYfmzX0=
Subject key identifier: D1:6A:3B:DD:A6:8C:F5:67:46:63:03:E5:A3:DB:BA:82:36:2B:E2:77
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01963599E30B75DFF88B6B3325A8370DE81B
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/0Wo73aaM9WdGYwPlo9u6gjYr4nc.roa
Signing time: Mon 14 Apr 2025 18:39:59 +0000
ROA not before: Mon 14 Apr 2025 18:39:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215420
IP address blocks: 2a0f:89c0::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 20 Apr 2025 19:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:35:99:e3:0b:75:df:f8:8b:6b:33:25:a8:37:0d:e8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Apr 14 18:39:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d16a3bdda68cf567466303e5a3dbba82362be277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:8a:ca:3e:8e:51:db:2e:ca:f8:b8:03:a5:
3c:0e:79:18:eb:ca:24:ef:ea:47:9a:55:dc:7a:76:
0b:93:c5:61:29:28:0a:60:f6:5c:c2:7a:a3:6d:f9:
8a:44:63:b0:83:ed:48:de:e1:21:cf:94:dd:3b:b7:
1e:e9:52:b5:65:3d:f3:6e:c9:bd:94:da:66:6c:e4:
0a:94:34:5c:c0:10:f8:f1:b5:4c:d2:dd:58:68:78:
e4:99:72:f8:51:32:84:8a:f7:2d:49:f7:34:c8:2c:
f6:6e:97:eb:10:e3:2f:e6:3b:a6:74:1b:b7:9e:a6:
73:9f:e6:c2:8c:8f:a4:b8:34:ee:a8:08:15:78:74:
be:66:4c:3c:42:f7:7c:42:82:c0:95:38:4d:55:7f:
cb:07:85:73:d4:d0:13:c7:ab:4d:d0:c2:9b:96:0d:
db:dc:6b:84:67:34:a1:93:89:b4:5e:26:da:6e:c6:
e8:0e:f6:20:1b:0c:48:86:60:e3:4e:6d:32:74:77:
a8:74:2d:1e:bb:0a:91:79:f1:e4:de:f3:df:a2:d2:
69:85:f3:bb:98:7c:86:59:36:05:65:ec:b8:7d:15:
16:33:26:c4:4c:d8:0b:c2:10:f5:67:30:49:b2:74:
f7:7a:3b:9e:ed:c0:5f:e7:1c:7b:0f:58:47:8b:4e:
07:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6A:3B:DD:A6:8C:F5:67:46:63:03:E5:A3:DB:BA:82:36:2B:E2:77
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/0Wo73aaM9WdGYwPlo9u6gjYr4nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:89c0::/29
2a10:a9c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:d1:8e:f2:19:4f:41:66:90:da:ff:94:45:cb:96:10:11:e9:
a0:88:72:db:98:bd:7b:8c:5e:bb:22:96:23:bd:38:38:3b:79:
ef:2e:92:38:7b:fa:a0:2a:51:46:90:0b:7f:58:aa:ed:d3:24:
16:fe:e3:74:77:1a:ad:4c:70:0d:a3:05:fd:1a:28:dd:bb:87:
ad:c4:ea:4e:9a:fd:07:dd:6b:57:2d:a5:d8:8a:83:aa:a8:ad:
d5:91:c6:b1:6e:40:eb:13:a9:3a:c1:6c:fc:81:41:f7:7e:e1:
49:e3:8d:c0:92:95:cf:4c:95:52:ca:f0:1e:c0:81:5e:5f:bf:
20:a6:65:db:6c:71:5e:7e:cd:5e:6b:22:61:80:87:10:09:89:
85:47:ff:53:f9:f0:ed:86:48:ca:48:00:78:de:df:40:63:d5:
af:02:e5:5a:d6:04:f0:6d:b4:0f:9d:67:3c:23:27:19:8d:d1:
13:3b:e0:fd:63:54:8a:6a:7f:81:d1:cb:37:18:67:04:e8:7a:
95:6e:00:f2:cb:43:08:13:0d:4e:b0:03:9e:c7:b6:86:15:91:
ad:19:e0:e7:cb:bc:77:90:27:75:df:9e:7f:ae:18:a2:f5:d2:
1f:db:8f:fa:0a:f9:71:47:b2:03:dc:4d:c2:5f:de:19:e6:ed:
3f:1b:96:49
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZY1meMLdd/4i2szJag3DegbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNDE0MTgzOTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZhM2JkZGE2OGNmNTY3NDY2MzAzZTVhM2RiYmE4MjM2MmJlMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1KKyj6OUdsuyvi4A6U8DnkY68ok
7+pHmlXcenYLk8VhKSgKYPZcwnqjbfmKRGOwg+1I3uEhz5TdO7ce6VK1ZT3zbsm9
lNpmbOQKlDRcwBD48bVM0t1YaHjkmXL4UTKEivctSfc0yCz2bpfrEOMv5jumdBu3
nqZzn+bCjI+kuDTuqAgVeHS+Zkw8Qvd8QoLAlThNVX/LB4Vz1NATx6tN0MKblg3b
3GuEZzShk4m0XibabsboDvYgGwxIhmDjTm0ydHeodC0euwqRefHk3vPfotJphfO7
mHyGWTYFZey4fRUWMybETNgLwhD1ZzBJsnT3ejue7cBf5xx7D1hHi04HuwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNFqO92mjPVnRmMD5aPbuoI2K+J3MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvMFdvNzNhYU05V2RHWXdQbG85dTZnallyNG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg+JwAMF
AyoQqcAwDQYJKoZIhvcNAQELBQADggEBAKHRjvIZT0FmkNr/lEXLlhAR6aCIctuY
vXuMXrsiliO9ODg7ee8ukjh7+qAqUUaQC39Yqu3TJBb+43R3Gq1McA2jBf0aKN27
h63E6k6a/Qfda1ctpdiKg6qordWRxrFuQOsTqTrBbPyBQfd+4UnjjcCSlc9MlVLK
8B7AgV5fvyCmZdtscV5+zV5rImGAhxAJiYVH/1P58O2GSMpIAHje30Bj1a8C5VrW
BPBttA+dZzwjJxmN0RM74P1jVIpqf4HRyzcYZwToepVuAPLLQwgTDU6wA57HtoYV
ka0Z4OfLvHeQJ3Xfnn+uGKL10h/bj/oK+XFHsgPcTcJf3hnm7T8blkk=
-----END CERTIFICATE-----
Generated at Thu May 1 21:18:35 2025 by rpki-client