Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/W58pUeczlV1LWW5cSAxOxepjCZI.roa
File: W58pUeczlV1LWW5cSAxOxepjCZI.roa (raw, json)
Hash identifier: 3mUb2gvGi3/ARnzN/sqbn20jkKw91+1bvDjVW/HdfV8=
Subject key identifier: 5B:9F:29:51:E7:33:95:5D:4B:59:6E:5C:48:0C:4E:C5:EA:63:09:92
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019687D69B046FBBE4CD927F852F5E963AC4
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/W58pUeczlV1LWW5cSAxOxepjCZI.roa
Signing time: Wed 30 Apr 2025 17:55:10 +0000
ROA not before: Wed 30 Apr 2025 17:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:c0c1::/32 maxlen: 32
2a0a:c0c3::/32 maxlen: 32
2a0e:7f00::/32 maxlen: 32
2a0e:7f01::/32 maxlen: 32
2a0e:c4c0::/32 maxlen: 32
2a0e:c4c1::/32 maxlen: 32
2a0e:eec1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 May 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:d6:9b:04:6f:bb:e4:cd:92:7f:85:2f:5e:96:3a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 30 17:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b9f2951e733955d4b596e5c480c4ec5ea630992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:19:04:fe:2c:d4:4f:be:7a:21:af:d5:b7:03:
c7:bf:11:7c:92:13:5a:2c:b3:10:78:94:15:33:0f:
3f:a8:9a:a9:06:1a:6d:b9:e3:a8:a3:41:24:c4:66:
b9:49:03:9b:41:1a:e5:d2:9d:f8:ca:57:12:ac:d0:
b1:95:55:56:dc:fc:6f:95:5f:b7:17:47:ba:09:4f:
84:16:ec:a4:01:9a:2e:bf:56:5b:a6:a3:3e:55:7b:
eb:2b:dc:88:3b:f2:fa:af:17:39:24:46:c8:0f:69:
71:45:2c:20:c4:4f:7f:4c:9d:a7:2c:9b:bc:f9:2c:
46:c3:81:ab:7d:18:e1:c7:bc:1f:4a:24:90:25:a2:
92:66:63:e0:7c:1e:f0:c0:c2:50:10:c9:c8:c5:ed:
ef:e1:48:85:ae:60:04:76:30:93:a1:8d:c7:c7:f3:
cf:94:44:99:0c:93:ef:04:5c:72:e0:cf:f9:c4:ac:
81:c3:83:45:da:5c:f0:a0:b5:50:b3:25:98:ed:0d:
d3:7a:9f:42:8d:33:92:36:03:ad:4e:50:e1:56:ec:
27:ba:fd:2a:3b:9c:84:42:31:35:52:49:f0:75:ec:
e5:db:ed:93:48:11:62:46:0b:2d:80:25:3d:2c:f2:
74:0b:a3:ed:5a:c8:87:97:ed:68:4c:3e:4a:e5:04:
25:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9F:29:51:E7:33:95:5D:4B:59:6E:5C:48:0C:4E:C5:EA:63:09:92
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/W58pUeczlV1LWW5cSAxOxepjCZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c0c1::/32
2a0a:c0c3::/32
2a0e:7f00::/31
2a0e:c4c0::/31
2a0e:eec1::/32
Signature Algorithm: sha256WithRSAEncryption
6c:81:62:97:91:8c:18:bf:95:44:b0:76:43:3a:4a:2e:72:aa:
da:80:0a:3e:86:14:b8:bc:8a:14:f8:53:5d:df:93:47:9b:7b:
6e:54:b8:5b:13:45:8d:4e:fa:3c:3b:64:6c:f8:0d:87:27:a3:
6b:ae:96:c8:a6:5e:cc:72:06:57:1d:97:4d:a2:d9:07:0f:9a:
12:df:29:c8:47:e9:99:09:14:1d:b6:5c:52:f0:74:1b:c1:bc:
3a:55:56:bd:02:e7:b2:13:d0:9d:d9:e6:ef:74:69:6d:25:fa:
93:13:d5:32:29:bc:45:92:b0:58:31:02:22:ad:58:d2:38:91:
95:21:9f:2e:cc:27:ac:84:5e:e1:10:65:0e:52:c6:47:4b:66:
5d:3f:d4:50:11:94:4d:30:6f:73:fc:83:22:c7:11:60:bf:7c:
ee:c6:cf:97:d4:d1:d0:58:77:60:d3:4b:61:7b:79:32:84:c1:
c4:74:de:5a:8b:0c:9d:d8:0a:84:4d:33:0c:d9:0a:eb:33:b3:
cc:29:e5:67:38:ba:19:fb:75:d3:93:10:a0:36:ab:77:bc:64:
32:75:4c:1d:6b:a8:6e:f6:36:9a:d5:61:13:30:6c:b6:4e:4c:
36:f1:07:bc:fd:c4:46:51:0c:ae:a3:1f:00:7a:d4:85:19:7a:
be:40:1d:cc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZaH1psEb7vkzZJ/hS9eljrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNDMwMTc1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjlmMjk1MWU3MzM5NTVkNGI1OTZlNWM0ODBjNGVjNWVhNjMwOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxkE/izUT756Ia/VtwPHvxF8khNa
LLMQeJQVMw8/qJqpBhptueOoo0EkxGa5SQObQRrl0p34ylcSrNCxlVVW3PxvlV+3
F0e6CU+EFuykAZouv1ZbpqM+VXvrK9yIO/L6rxc5JEbID2lxRSwgxE9/TJ2nLJu8
+SxGw4GrfRjhx7wfSiSQJaKSZmPgfB7wwMJQEMnIxe3v4UiFrmAEdjCToY3Hx/PP
lESZDJPvBFxy4M/5xKyBw4NF2lzwoLVQsyWY7Q3Tep9CjTOSNgOtTlDhVuwnuv0q
O5yEQjE1Uknwdezl2+2TSBFiRgstgCU9LPJ0C6PtWsiHl+1oTD5K5QQlbwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFufKVHnM5VdS1luXEgMTsXqYwmSMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvVzU4cFVlY3psVjFMV1c1Y1NBeE94ZXBqQ1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgrAwQMF
ACoKwMMDBQEqDn8AAwUBKg7EwAMFACoO7sEwDQYJKoZIhvcNAQELBQADggEBAGyB
YpeRjBi/lUSwdkM6Si5yqtqACj6GFLi8ihT4U13fk0ebe25UuFsTRY1O+jw7ZGz4
DYcno2uulsimXsxyBlcdl02i2QcPmhLfKchH6ZkJFB22XFLwdBvBvDpVVr0C57IT
0J3Z5u90aW0l+pMT1TIpvEWSsFgxAiKtWNI4kZUhny7MJ6yEXuEQZQ5SxkdLZl0/
1FARlE0wb3P8gyLHEWC/fO7Gz5fU0dBYd2DTS2F7eTKEwcR03lqLDJ3YCoRNMwzZ
Cuszs8wp5Wc4uhn7ddOTEKA2q3e8ZDJ1TB1rqG72NprVYRMwbLZOTDbxB7z9xEZR
DK6jHwB61IUZer5AHcw=
-----END CERTIFICATE-----
Generated at Sun May 11 15:08:50 2025 by rpki-client