Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/5OjGNGegl9uHQ_ZB7t_v1RwRHIc.roa
File: 5OjGNGegl9uHQ_ZB7t_v1RwRHIc.roa (raw, json)
Hash identifier: HPfmElA9CMJ4CBap6VrjUxTdnDBR6Y07u2ErcQ9JdQc=
Subject key identifier: E4:E8:C6:34:67:A0:97:DB:87:43:F6:41:EE:DF:EF:D5:1C:11:1C:87
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01959AD734F3BF55FCA3807AB7F674DC114E
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/5OjGNGegl9uHQ_ZB7t_v1RwRHIc.roa
Signing time: Sat 15 Mar 2025 17:25:49 +0000
ROA not before: Sat 15 Mar 2025 17:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0f:e3c0::/29 maxlen: 29
2a13:dcc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 15 Mar 2025 22:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:d7:34:f3:bf:55:fc:a3:80:7a:b7:f6:74:dc:11:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 15 17:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4e8c63467a097db8743f641eedfefd51c111c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:71:c2:ce:a2:2b:cd:0d:0f:28:96:35:a0:ec:
b0:2e:c8:8a:ab:4e:73:35:0a:8a:b9:d7:e1:44:67:
a9:9e:c0:23:74:b0:61:9f:ae:e3:cb:ee:26:4d:5f:
cb:ca:3c:c1:6c:0a:c3:96:1a:d5:bc:a7:04:b3:b9:
24:1d:46:a5:ae:52:45:1a:df:4d:6b:76:7a:59:33:
f8:f0:1e:df:af:1c:84:1f:c1:2d:a6:1f:d6:71:a2:
60:ff:8d:ec:23:78:4d:c1:fe:a4:1d:2e:ce:b0:91:
0c:b4:b7:9b:f5:03:60:df:fa:83:49:77:87:b3:1c:
38:e7:ca:1f:68:71:32:5e:84:63:ee:04:6b:ff:fb:
d5:30:16:aa:57:e8:19:f0:88:50:d9:e3:15:09:78:
8e:70:ac:e0:bd:cc:58:3a:4a:89:11:68:8d:32:2a:
f7:f2:67:90:96:69:55:c0:a8:b6:33:c3:03:38:01:
6b:20:8d:36:90:ef:0a:d7:54:68:93:f7:85:09:10:
79:ca:45:12:ae:5b:03:84:82:7e:37:b9:89:49:13:
fc:c9:ae:31:a1:c5:6f:ba:6b:c3:4e:a2:e9:4f:6d:
aa:06:26:27:6c:40:b3:a5:f1:41:19:44:3b:77:87:
c7:e1:20:1e:f9:6e:f2:41:c4:99:3c:7e:5c:bc:8b:
44:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E8:C6:34:67:A0:97:DB:87:43:F6:41:EE:DF:EF:D5:1C:11:1C:87
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/5OjGNGegl9uHQ_ZB7t_v1RwRHIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0f:e3c0::/29
2a13:dcc0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:c9:37:d3:94:3e:8b:c2:ce:a7:a9:1e:47:9d:d1:f5:cb:1f:
e2:f9:36:f6:be:e8:3c:6d:54:e8:17:24:83:1d:56:16:8d:b4:
8e:21:b1:54:d3:7d:1d:35:6f:38:45:d6:11:c6:27:e4:b6:c9:
5d:31:59:48:f6:85:ba:ce:d3:36:86:75:95:61:88:6a:30:57:
ff:86:5c:bc:dd:ad:8b:90:d8:72:d5:b7:c8:75:82:66:df:ab:
73:3e:0f:7d:20:e3:2b:78:e0:39:4f:2d:19:a7:d4:f1:87:2c:
e3:21:2f:3b:6f:16:84:6b:f5:0a:48:71:aa:c1:e5:12:b9:1a:
2f:25:22:5f:81:b9:eb:f0:55:a7:ea:fe:6d:eb:d4:67:00:b0:
34:e5:e5:2c:ff:81:11:d2:a7:2f:b9:cc:ce:0a:cd:a7:29:13:
c8:6e:04:bf:6f:f8:9c:37:1c:ce:bb:31:c4:f4:cf:1c:9d:79:
a8:54:67:79:57:64:72:f5:3c:60:ea:68:a0:98:57:6e:98:0e:
ff:c1:80:24:86:84:25:62:58:44:c9:c0:3f:dd:6f:c6:b4:4f:
cd:03:82:62:96:dc:ab:f5:5c:a9:47:ee:fd:2e:4a:c0:33:9a:
b1:56:8c:fb:b4:a7:a3:0c:6f:cf:65:3d:32:60:17:7e:03:18:
a6:d7:46:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWa1zTzv1X8o4B6t/Z03BFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzE1MTcyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGU4YzYzNDY3YTA5N2RiODc0M2Y2NDFlZWRmZWZkNTFjMTExYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HHCzqIrzQ0PKJY1oOywLsiKq05z
NQqKudfhRGepnsAjdLBhn67jy+4mTV/LyjzBbArDlhrVvKcEs7kkHUalrlJFGt9N
a3Z6WTP48B7frxyEH8Etph/WcaJg/43sI3hNwf6kHS7OsJEMtLeb9QNg3/qDSXeH
sxw458ofaHEyXoRj7gRr//vVMBaqV+gZ8IhQ2eMVCXiOcKzgvcxYOkqJEWiNMir3
8meQlmlVwKi2M8MDOAFrII02kO8K11Rok/eFCRB5ykUSrlsDhIJ+N7mJSRP8ya4x
ocVvumvDTqLpT22qBiYnbECzpfFBGUQ7d4fH4SAe+W7yQcSZPH5cvItEMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOToxjRnoJfbh0P2Qe7f79UcERyHMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvNU9qR05HZWdsOXVIUV9aQjd0X3YxUndSSEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgfyQAMF
AyoP48ADBQMqE9zAMA0GCSqGSIb3DQEBCwUAA4IBAQAOyTfTlD6Lws6nqR5HndH1
yx/i+Tb2vug8bVToFySDHVYWjbSOIbFU030dNW84RdYRxifktsldMVlI9oW6ztM2
hnWVYYhqMFf/hly83a2LkNhy1bfIdYJm36tzPg99IOMreOA5Ty0Zp9TxhyzjIS87
bxaEa/UKSHGqweUSuRovJSJfgbnr8FWn6v5t69RnALA05eUs/4ER0qcvuczOCs2n
KRPIbgS/b/icNxzOuzHE9M8cnXmoVGd5V2Ry9Txg6migmFdumA7/wYAkhoQlYlhE
ycA/3W/GtE/NA4Jiltyr9VypR+79LkrAM5qxVoz7tKejDG/PZT0yYBd+Axim10ap
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:58:21 2025 by rpki-client