Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/oxO4czqI1ka7s9tQxn3TyWuroJc.roa
File: oxO4czqI1ka7s9tQxn3TyWuroJc.roa (raw, json)
Hash identifier: 6mRGKLqlN+TDRg/QobXfHBZWGe6z9ejdQPcrhBVUhZo=
Subject key identifier: A3:13:B8:73:3A:88:D6:46:BB:B3:DB:50:C6:7D:D3:C9:6B:AB:A0:97
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0197510EDC70C2EC72CC7A809B24F911C016
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/oxO4czqI1ka7s9tQxn3TyWuroJc.roa
Signing time: Sun 08 Jun 2025 19:40:17 +0000
ROA not before: Sun 08 Jun 2025 19:40:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215127
IP address blocks: 2a13:cdc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 16 Jun 2025 10:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:51:0e:dc:70:c2:ec:72:cc:7a:80:9b:24:f9:11:c0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jun 8 19:40:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a313b8733a88d646bbb3db50c67dd3c96baba097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:69:4e:f0:2a:ee:25:ff:7b:57:f3:46:25:53:
33:ec:78:7a:10:da:49:7c:5f:bf:9c:ce:36:f2:4f:
0e:43:ef:63:7d:a9:ba:8c:04:a2:8b:48:88:b3:cc:
46:7e:8c:b4:8b:55:a5:1d:0a:c0:30:38:d0:c4:10:
3d:bf:f5:6f:d1:ce:dc:9d:63:5a:34:c7:45:9b:2a:
33:74:10:23:9a:6e:9d:1f:67:fc:0f:c9:d3:b8:b6:
8c:95:64:15:ba:b3:2c:e1:47:94:c2:f0:5f:4d:24:
69:33:18:89:37:c8:03:ca:a3:b6:78:25:ca:49:44:
8a:07:cd:9e:b2:c9:d0:f6:1a:1c:23:c6:b9:e7:c3:
e7:22:f5:e4:8f:a2:fe:69:32:af:0d:5c:0b:e1:10:
67:2e:b2:26:35:7a:04:eb:7c:60:13:b4:fe:52:bb:
25:ea:26:6e:b8:ab:14:59:bf:c8:c3:8c:11:d5:1b:
7c:5b:7a:96:79:e1:8d:10:17:94:8f:e1:5d:a3:09:
98:e1:23:b0:71:f0:f3:4c:d2:46:17:32:fe:d0:9e:
b7:90:46:6b:b9:02:73:64:4c:94:c9:b9:0f:71:bb:
89:5a:ed:df:a3:53:0f:e0:f7:36:85:4d:6b:43:cc:
33:1d:34:cc:d3:a5:ad:cd:4c:87:4c:df:22:33:e5:
c8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:13:B8:73:3A:88:D6:46:BB:B3:DB:50:C6:7D:D3:C9:6B:AB:A0:97
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/oxO4czqI1ka7s9tQxn3TyWuroJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:c1:ce:2a:d9:88:46:9d:d7:5b:d8:b3:9f:e9:e8:78:4e:18:
0f:97:df:f2:69:59:66:e6:5e:88:e4:05:4f:41:ea:c0:09:03:
cb:0a:18:20:4e:fb:df:04:ea:0b:40:50:b7:5e:8a:f1:d5:ee:
4f:8c:fd:f8:d0:64:48:3b:f7:a0:35:7b:05:50:b4:ed:9c:3f:
3c:38:4b:53:f1:fc:8c:82:28:e9:88:05:ac:65:2f:7d:31:2f:
fe:c7:ee:01:4f:c2:4d:87:d0:04:ec:42:8f:81:bf:a7:45:2d:
32:6c:4a:00:04:ae:ec:0f:04:c2:16:4c:f1:ae:67:a0:d8:7c:
3b:ee:43:a2:ae:ac:90:96:8d:6c:2b:89:29:67:10:b6:4e:e3:
61:d2:48:22:62:ec:0c:c9:0e:6e:83:9e:21:7f:b5:c8:0f:3c:
ef:ca:5f:9a:0b:4d:66:08:fb:a0:d4:e9:69:69:03:4b:6e:4c:
dc:f9:83:14:0c:b0:8d:2f:96:80:22:5c:6f:56:dd:67:ca:06:
ae:2b:93:f3:94:a1:b2:81:78:d8:da:3a:e6:d2:49:06:c9:ec:
7b:60:6d:f1:dc:85:0b:7f:e6:7d:60:cd:08:61:dc:52:73:0f:
65:90:d9:e2:1a:1e:8b:20:43:b9:1b:57:b3:d1:ac:21:67:64:
ed:41:53:f7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZdRDtxwwuxyzHqAmyT5EcAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNjA4MTk0MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzEzYjg3MzNhODhkNjQ2YmJiM2RiNTBjNjdkZDNjOTZiYWJhMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mlO8CruJf97V/NGJVMz7Hh6ENpJ
fF+/nM428k8OQ+9jfam6jASii0iIs8xGfoy0i1WlHQrAMDjQxBA9v/Vv0c7cnWNa
NMdFmyozdBAjmm6dH2f8D8nTuLaMlWQVurMs4UeUwvBfTSRpMxiJN8gDyqO2eCXK
SUSKB82essnQ9hocI8a558PnIvXkj6L+aTKvDVwL4RBnLrImNXoE63xgE7T+Ursl
6iZuuKsUWb/Iw4wR1Rt8W3qWeeGNEBeUj+FdowmY4SOwcfDzTNJGFzL+0J63kEZr
uQJzZEyUybkPcbuJWu3fo1MP4Pc2hU1rQ8wzHTTM06WtzUyHTN8iM+XITwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKMTuHM6iNZGu7PbUMZ908lrq6CXMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvb3hPNGN6cUkxa2E3czl0UXhuM1R5V3Vyb0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPNwDAN
BgkqhkiG9w0BAQsFAAOCAQEAsMHOKtmIRp3XW9izn+noeE4YD5ff8mlZZuZeiOQF
T0HqwAkDywoYIE773wTqC0BQt16K8dXuT4z9+NBkSDv3oDV7BVC07Zw/PDhLU/H8
jIIo6YgFrGUvfTEv/sfuAU/CTYfQBOxCj4G/p0UtMmxKAASu7A8EwhZM8a5noNh8
O+5Doq6skJaNbCuJKWcQtk7jYdJIImLsDMkOboOeIX+1yA8878pfmgtNZgj7oNTp
aWkDS25M3PmDFAywjS+WgCJcb1bdZ8oGriuT85ShsoF42No65tJJBsnse2Bt8dyF
C3/mfWDNCGHcUnMPZZDZ4hoeiyBDuRtXs9GsIWdk7UFT9w==
-----END CERTIFICATE-----
Generated at Thu Jun 19 06:34:41 2025 by rpki-client