Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1-uR1qpEhKaMDTN5MkUDIs4XpLdA.roa
File: 1-uR1qpEhKaMDTN5MkUDIs4XpLdA.roa (raw, json)
Hash identifier: Neo5pakJbZkdVluPmB7w6YITYvlLpJbuXfWbSGXtcsw=
Subject key identifier: FA:E4:75:AA:91:21:29:A3:03:4C:DE:4C:91:40:C8:B3:85:E9:2D:D0
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194117CCC35E82927891C2C1920B6806B0F
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1-uR1qpEhKaMDTN5MkUDIs4XpLdA.roa
Signing time: Sun 29 Dec 2024 08:16:18 +0000
ROA not before: Sun 29 Dec 2024 08:16:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207108
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a0b:a4c0::/29 maxlen: 29
2a0f:9bc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 29 Dec 2024 16:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:7c:cc:35:e8:29:27:89:1c:2c:19:20:b6:80:6b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Dec 29 08:16:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fae475aa912129a3034cde4c9140c8b385e92dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2d:f6:75:75:85:5a:20:0e:e0:51:87:e9:7b:
bf:84:c5:4d:21:50:c7:7f:72:cc:db:49:ea:1a:54:
92:73:f3:04:ab:1f:1f:1b:d1:65:59:5b:8e:f5:10:
da:6d:1b:f9:e9:87:86:2b:e8:ac:ba:90:53:8c:b2:
29:a5:a7:3b:55:e9:f3:30:b2:68:bf:5d:20:70:f5:
04:cd:a3:cc:fd:9a:fc:62:90:ce:cd:0e:93:ec:26:
2d:88:f3:57:5d:7f:83:c5:d0:cd:5c:30:a3:ce:6d:
57:e8:0e:42:a5:16:fa:ce:0f:9b:d4:b6:a2:87:37:
b1:61:a4:7f:2d:48:18:aa:ac:13:8c:5d:9a:2d:f1:
c2:4d:09:b8:82:10:99:d1:b9:dd:48:31:2e:59:e4:
ce:c9:db:38:d1:1d:e0:c0:8e:9f:77:b4:51:fa:c0:
5f:08:ba:0e:3e:60:7c:20:a4:bf:2b:57:89:af:1e:
8a:4e:c4:70:47:b2:5c:7a:55:0e:8c:ab:dd:93:44:
b5:49:63:82:2e:c0:f9:6c:6d:4d:b0:5a:bc:84:41:
e8:78:88:5b:58:45:4e:0d:7d:02:50:99:82:2c:61:
3e:67:c5:59:4a:ee:f4:e7:e3:0c:65:ce:9f:94:39:
0a:bb:0f:0d:32:5c:2a:d4:56:72:5b:94:9e:1b:a3:
eb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E4:75:AA:91:21:29:A3:03:4C:DE:4C:91:40:C8:B3:85:E9:2D:D0
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/1-uR1qpEhKaMDTN5MkUDIs4XpLdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a0b:a4c0::/29
2a0f:9bc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
29:bc:27:12:d4:fc:72:ec:71:e7:f9:bf:d9:dd:6f:3c:e9:2f:
5c:2f:0f:df:58:21:ad:49:5d:67:c8:8d:6c:da:c2:52:44:9b:
18:56:55:31:78:14:e3:20:8f:83:63:4d:85:cd:64:fb:68:c5:
ba:83:14:28:1c:5c:d1:2d:fc:05:fc:68:c9:9a:d5:e9:f2:10:
b5:4d:bf:7b:3f:be:6b:bf:98:9c:e7:d9:cf:8a:2f:66:82:ed:
f6:5f:07:71:73:e8:e9:85:dd:dd:da:71:45:9e:e9:5f:e0:bb:
fd:b6:4e:91:6f:39:b2:3f:4a:18:da:fb:c4:5a:3b:d9:74:f9:
1f:ed:23:fa:e5:12:e7:5c:22:cf:44:d2:b7:f6:b6:3c:40:51:
2c:a0:c9:3a:b0:1b:c7:4c:1e:db:82:fd:de:78:3a:cc:52:b1:
25:c8:0b:f0:1d:62:56:b4:09:f2:27:60:09:77:bb:ac:dc:6e:
ca:2b:f2:c6:64:7e:06:1e:4d:a6:01:44:ca:5d:d7:72:39:f7:
47:cb:24:bb:10:19:64:52:ce:d8:f7:bc:dd:0f:87:83:43:a4:
8a:4e:41:82:22:d2:f1:68:ad:22:65:fb:4f:55:a6:ce:f1:5b:
b2:7d:5f:c7:63:5c:bd:de:e9:68:ba:af:5a:07:3e:93:65:74:
9f:c1:58:ba
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQRfMw16CkniRwsGSC2gGsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQxMjI5MDgxNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWU0NzVhYTkxMjEyOWEzMDM0Y2RlNGM5MTQwYzhiMzg1ZTkyZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC32dXWFWiAO4FGH6Xu/hMVNIVDH
f3LM20nqGlSSc/MEqx8fG9FlWVuO9RDabRv56YeGK+isupBTjLIppac7VenzMLJo
v10gcPUEzaPM/Zr8YpDOzQ6T7CYtiPNXXX+DxdDNXDCjzm1X6A5CpRb6zg+b1Lai
hzexYaR/LUgYqqwTjF2aLfHCTQm4ghCZ0bndSDEuWeTOyds40R3gwI6fd7RR+sBf
CLoOPmB8IKS/K1eJrx6KTsRwR7JcelUOjKvdk0S1SWOCLsD5bG1NsFq8hEHoeIhb
WEVODX0CUJmCLGE+Z8VZSu705+MMZc6flDkKuw8NMlwq1FZyW5SeG6PrFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPrkdaqRISmjA0zeTJFAyLOF6S3QMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvMS11UjFxcEVoS2FNRFRONU1rVURJczRYcExkQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvN2ExOTg4LTI3MzYtNDlkYy1hOTA3LTExYjNjZjNmZDRl
MS8xL1dLMWcybEpuSHBDRHp6bUdUc29xb2pKQnZwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAIwHAMFAyoLhEAD
BQMqC6TAAwUDKg+bwAMFAyoT0UAwDQYJKoZIhvcNAQELBQADggEBACm8JxLU/HLs
cef5v9ndbzzpL1wvD99YIa1JXWfIjWzawlJEmxhWVTF4FOMgj4NjTYXNZPtoxbqD
FCgcXNEt/AX8aMma1enyELVNv3s/vmu/mJzn2c+KL2aC7fZfB3Fz6OmF3d3acUWe
6V/gu/22TpFvObI/Shja+8RaO9l0+R/tI/rlEudcIs9E0rf2tjxAUSygyTqwG8dM
HtuC/d54OsxSsSXIC/AdYla0CfInYAl3u6zcbsor8sZkfgYeTaYBRMpd13I590fL
JLsQGWRSztj3vN0Ph4NDpIpOQYIi0vForSJl+09Vps7xW7J9X8djXL3e6Wi6r1oH
PpNldJ/BWLo=
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:05:31 2025 by rpki-client