Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/y5etD3gjWOpTMlFDBLdmdSqks7s.roa
File: y5etD3gjWOpTMlFDBLdmdSqks7s.roa (raw, json)
Hash identifier: vjOymNN6hBBTbW29OrJMZECSPQ3YMtuR/BqDn+DyDFw=
Subject key identifier: CB:97:AD:0F:78:23:58:EA:53:32:51:43:04:B7:66:75:2A:A4:B3:BB
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0197418EF747A6EB91F7FFDC3F7FCD3B83E9
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/y5etD3gjWOpTMlFDBLdmdSqks7s.roa
Signing time: Thu 05 Jun 2025 19:26:17 +0000
ROA not before: Thu 05 Jun 2025 19:26:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42881
IP address blocks: 2a0f:63c6::/32 maxlen: 32
2a13:dfc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 17 Jun 2025 18:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:41:8e:f7:47:a6:eb:91:f7:ff:dc:3f:7f:cd:3b:83:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jun 5 19:26:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb97ad0f782358ea5332514304b766752aa4b3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a2:ff:70:ba:1f:73:9b:69:a0:fa:be:0f:74:
41:d1:e0:d7:5f:3b:ef:8f:8d:a9:58:96:20:1f:38:
a4:b2:46:8c:b0:35:11:7c:f5:ae:70:12:3c:b7:b2:
af:4c:47:19:d9:1d:ce:09:8a:10:e4:02:d0:48:1f:
a6:c4:81:3b:ea:37:a3:be:23:41:31:8d:3e:56:8f:
68:4c:7f:ca:42:49:f3:58:37:67:51:05:e5:0d:00:
f6:27:a3:ed:8d:e4:0e:95:35:9b:82:4d:f9:25:55:
34:37:da:34:2a:72:61:b1:6c:8c:09:e5:36:54:d0:
24:7b:71:dd:d5:fb:a7:49:75:a6:4d:dc:17:c9:ab:
9f:6a:19:f6:15:13:22:4c:11:21:f3:6f:d7:be:00:
02:ce:54:56:5f:27:ba:7a:aa:23:42:a9:58:f2:2f:
df:b7:03:77:7b:03:22:73:b4:7c:3d:b6:6e:6a:d6:
a4:6c:e3:6f:25:b8:34:e4:91:a3:cb:3e:6c:c4:47:
fa:cd:94:53:4b:f4:9f:e3:09:5b:fe:3c:3d:9d:62:
d7:b3:e6:1b:eb:f0:a0:cb:b3:6a:7d:eb:52:03:e0:
6c:54:17:16:f4:82:69:5e:91:9f:0c:bd:8d:dd:b7:
a0:28:eb:d9:d9:23:15:3d:d9:2a:57:ad:89:70:70:
48:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:97:AD:0F:78:23:58:EA:53:32:51:43:04:B7:66:75:2A:A4:B3:BB
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/y5etD3gjWOpTMlFDBLdmdSqks7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c6::/32
2a13:dfc0::/29
Signature Algorithm: sha256WithRSAEncryption
30:11:9e:70:f8:6e:a9:fe:e4:3d:e9:5b:12:9e:e1:06:08:b2:
69:87:d5:e6:23:d0:79:9d:51:15:f1:3a:bd:2a:f8:41:9d:ed:
b8:c0:fb:97:c2:ce:02:52:23:79:3a:59:98:33:5d:f0:1e:3e:
f2:e0:98:a6:03:98:51:1f:22:0d:82:ad:6c:a4:5d:e5:b4:c5:
c0:a0:e1:4f:f6:2a:06:c6:b2:9e:8c:42:e5:1a:22:a2:21:7d:
e8:18:ac:d1:49:18:2c:4c:e9:ab:2d:a5:ef:37:1e:3d:31:4d:
7d:81:01:cc:09:f3:8c:05:54:23:6e:78:72:d1:ea:13:64:49:
40:f4:86:6f:9b:84:78:46:0d:ba:57:39:04:fb:5e:36:4c:75:
70:0e:1c:d6:e5:d1:c0:5f:cc:d9:b1:2a:4a:5c:26:64:9e:df:
ec:b5:9a:7b:53:31:fa:41:50:42:51:65:38:8f:c8:ab:75:fb:
f9:b6:c7:72:f7:8c:2b:2d:7d:a4:d8:2a:5e:08:83:c3:62:0f:
a9:81:89:5f:76:8c:8e:65:0d:9c:58:a8:d6:c8:88:c3:a3:de:
87:9e:77:f5:d3:b2:30:37:4c:96:bb:f0:7a:66:22:73:f9:a5:
6c:31:1e:93:d7:77:b2:ed:a4:ff:1d:52:02:4d:d6:0c:7a:00:
59:c6:21:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZdBjvdHpuuR9//cP3/NO4PpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNjA1MTkyNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk3YWQwZjc4MjM1OGVhNTMzMjUxNDMwNGI3NjY3NTJhYTRiM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKL/cLofc5tpoPq+D3RB0eDXXzvv
j42pWJYgHzikskaMsDURfPWucBI8t7KvTEcZ2R3OCYoQ5ALQSB+mxIE76jejviNB
MY0+Vo9oTH/KQknzWDdnUQXlDQD2J6PtjeQOlTWbgk35JVU0N9o0KnJhsWyMCeU2
VNAke3Hd1funSXWmTdwXyaufahn2FRMiTBEh82/XvgACzlRWXye6eqojQqlY8i/f
twN3ewMic7R8PbZuatakbONvJbg05JGjyz5sxEf6zZRTS/Sf4wlb/jw9nWLXs+Yb
6/Cgy7NqfetSA+BsVBcW9IJpXpGfDL2N3begKOvZ2SMVPdkqV62JcHBIJwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMuXrQ94I1jqUzJRQwS3ZnUqpLO7MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEveTVldEQzZ2pXT3BUTWxGREJMZG1kU3FrczdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg9jxgMF
AyoT38AwDQYJKoZIhvcNAQELBQADggEBADARnnD4bqn+5D3pWxKe4QYIsmmH1eYj
0HmdURXxOr0q+EGd7bjA+5fCzgJSI3k6WZgzXfAePvLgmKYDmFEfIg2CrWykXeW0
xcCg4U/2KgbGsp6MQuUaIqIhfegYrNFJGCxM6astpe83Hj0xTX2BAcwJ84wFVCNu
eHLR6hNkSUD0hm+bhHhGDbpXOQT7XjZMdXAOHNbl0cBfzNmxKkpcJmSe3+y1mntT
MfpBUEJRZTiPyKt1+/m2x3L3jCstfaTYKl4Ig8NiD6mBiV92jI5lDZxYqNbIiMOj
3oeed/XTsjA3TJa78HpmInP5pWwxHpPXd7LtpP8dUgJN1gx6AFnGIQs=
-----END CERTIFICATE-----
Generated at Wed Jun 18 16:37:36 2025 by rpki-client