Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/v3t7TfvNITorxsPezVuF9BXviHM.roa
File: v3t7TfvNITorxsPezVuF9BXviHM.roa (raw, json)
Hash identifier: Y+iNipNow4Efw6UuAhQ8LZAEqLqEP3CE7xJCZO9I/OQ=
Subject key identifier: BF:7B:7B:4D:FB:CD:21:3A:2B:C6:C3:DE:CD:5B:85:F4:15:EF:88:73
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01968B22B7C330A0ADEC443E2E81E115A959
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/v3t7TfvNITorxsPezVuF9BXviHM.roa
Signing time: Thu 01 May 2025 09:17:10 +0000
ROA not before: Thu 01 May 2025 09:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0b:8440::/29 maxlen: 29
2a0b:b480::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 11 May 2025 11:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:22:b7:c3:30:a0:ad:ec:44:3e:2e:81:e1:15:a9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 1 09:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf7b7b4dfbcd213a2bc6c3decd5b85f415ef8873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:dc:52:bc:b6:44:ae:40:53:de:c4:00:6a:
38:3a:ca:61:56:8e:bb:de:99:39:e0:10:10:95:bc:
4e:91:bc:13:90:e4:47:70:2a:9f:9b:59:c5:bc:94:
0f:7a:e9:d1:9c:5b:4b:e8:bd:c9:ee:26:06:40:e3:
84:64:4d:0f:b8:50:77:07:0a:52:0d:7f:06:4a:47:
de:54:44:bb:15:ba:77:40:b4:fa:fb:ab:3a:4c:f8:
87:38:ab:97:9c:4f:ca:58:84:73:cd:cf:1c:21:de:
b9:d3:1e:28:89:1d:4e:df:85:20:a3:21:30:42:ed:
38:09:9f:e6:b7:41:c6:7c:c9:89:f0:04:22:d0:f8:
7b:9a:f2:d2:c8:02:48:7c:19:92:39:a4:31:72:11:
e2:54:ff:ae:e3:ad:3f:09:83:74:ce:f6:12:32:97:
0e:57:e1:e4:e7:b3:09:b2:ef:7e:17:fe:b6:a3:68:
78:ec:ac:dc:cf:2a:e1:d8:69:ad:7e:d8:85:34:62:
69:c4:29:d4:e7:d6:68:57:55:bf:4b:1f:89:1b:61:
27:d7:4f:51:85:c6:03:05:cf:da:3f:5a:18:36:6f:
fc:53:8a:d9:c6:6d:6a:c8:b4:01:b4:79:8a:28:ee:
dd:75:2d:ff:f0:bd:23:16:df:89:2a:09:f2:50:d3:
28:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7B:7B:4D:FB:CD:21:3A:2B:C6:C3:DE:CD:5B:85:F4:15:EF:88:73
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/v3t7TfvNITorxsPezVuF9BXviHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0b:8440::/29
2a0b:b480::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
a5:d0:4f:52:f8:d3:41:a4:fa:25:df:9d:39:9f:b3:8e:20:30:
45:ec:89:f9:95:c8:10:25:36:b8:f7:d0:1e:71:4e:61:7f:5f:
ab:0e:e2:c6:73:e2:97:a7:a1:f6:f4:c4:71:54:5b:76:57:f4:
e4:e4:56:cc:c6:92:1d:3b:2a:b9:ae:5b:e7:e2:5d:54:9b:59:
d5:5d:0a:cc:10:c4:c4:1b:04:18:57:c7:9b:75:10:ee:20:00:
dd:46:5d:c2:67:54:8b:05:29:14:37:75:c5:fc:ba:ce:76:4f:
99:ef:24:8b:14:65:c7:3b:f0:02:76:aa:88:3d:dd:f7:2f:9f:
45:49:49:cd:7b:ef:41:1a:f8:4c:76:02:21:d7:84:9d:4f:b9:
d7:51:e0:1b:8e:c5:d2:17:bb:5a:bb:11:51:7e:f9:93:40:f9:
23:5e:2c:7f:d9:be:24:b6:9e:2f:2a:2c:d5:12:98:56:f0:7f:
23:91:72:de:d1:a6:cb:bc:f8:a2:5f:46:d9:97:e5:4d:74:ef:
99:cc:1b:52:88:8a:fa:cf:b9:08:38:66:82:3d:8b:39:98:17:
e0:20:3c:01:65:73:6b:b7:a6:2b:da:a6:12:6c:4c:4e:fc:c7:
71:ea:3b:eb:74:fe:2d:59:ce:74:a0:fc:e0:df:0e:f0:ef:75:
e4:5c:21:53
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZaLIrfDMKCt7EQ+LoHhFalZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwNTAxMDkxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjdiN2I0ZGZiY2QyMTNhMmJjNmMzZGVjZDViODVmNDE1ZWY4ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU7cUry2RK5AU97EAGo4OsphVo67
3pk54BAQlbxOkbwTkORHcCqfm1nFvJQPeunRnFtL6L3J7iYGQOOEZE0PuFB3BwpS
DX8GSkfeVES7Fbp3QLT6+6s6TPiHOKuXnE/KWIRzzc8cId650x4oiR1O34UgoyEw
Qu04CZ/mt0HGfMmJ8AQi0Ph7mvLSyAJIfBmSOaQxchHiVP+u460/CYN0zvYSMpcO
V+Hk57MJsu9+F/62o2h47Kzczyrh2GmtftiFNGJpxCnU59ZoV1W/Sx+JG2En109R
hcYDBc/aP1oYNm/8U4rZxm1qyLQBtHmKKO7ddS3/8L0jFt+JKgnyUNMoEQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFL97e037zSE6K8bD3s1bhfQV74hzMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvdjN0N1Rmdk5JVG9yeHNQZXpWdUY5Qlh2aUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgfyQAMF
AyoLhEADBQMqC7SAAwUDKhCpwAMFAyoTUEADBQMqE83AAwUDKhPRQDANBgkqhkiG
9w0BAQsFAAOCAQEApdBPUvjTQaT6Jd+dOZ+zjiAwReyJ+ZXIECU2uPfQHnFOYX9f
qw7ixnPil6eh9vTEcVRbdlf05ORWzMaSHTsqua5b5+JdVJtZ1V0KzBDExBsEGFfH
m3UQ7iAA3UZdwmdUiwUpFDd1xfy6znZPme8kixRlxzvwAnaqiD3d9y+fRUlJzXvv
QRr4THYCIdeEnU+511HgG47F0he7WrsRUX75k0D5I14sf9m+JLaeLyos1RKYVvB/
I5Fy3tGmy7z4ol9G2ZflTXTvmcwbUoiK+s+5CDhmgj2LOZgX4CA8AWVza7emK9qm
EmxMTvzHceo763T+LVnOdKD84N8O8O915FwhUw==
-----END CERTIFICATE-----
Generated at Tue May 13 15:18:23 2025 by rpki-client