Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38362e302f32332d3234203d3e20383334.roa
File: 322e35382e38362e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: Zu8rw6lHdoaIoWVCzvw+N0PNZLLcWHtROyaZ6AqS0cc=
Subject key identifier: 53:47:0C:CF:D2:3E:75:CE:15:B8:4C:FD:6A:D8:EF:74:BB:C8:05:78
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 3CF23818C45141A0A1CA5F8019237D6921098C44
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38362e302f32332d3234203d3e20383334.roa
Signing time: Sun 29 Jun 2025 10:20:28 +0000
ROA not before: Sun 29 Jun 2025 10:15:28 +0000
ROA not after: Sun 28 Jun 2026 10:20:28 +0000
asID: 834
IP address blocks: 2.58.86.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jun 2025 06:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:f2:38:18:c4:51:41:a0:a1:ca:5f:80:19:23:7d:69:21:09:8c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 29 10:15:28 2025 GMT
Not After : Jun 28 10:20:28 2026 GMT
Subject: CN=53470CCFD23E75CE15B84CFD6AD8EF74BBC80578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ef:79:9f:24:cc:4b:79:7b:02:6b:f6:c2:0f:
c1:43:69:20:e2:2c:25:29:9f:3c:31:e4:2d:cf:6c:
9c:c1:78:f3:0e:f0:c3:e1:d3:6d:44:c3:69:c2:62:
3e:11:a9:b0:d3:3f:d1:fa:fe:a9:ab:bc:c0:a0:da:
35:ee:40:bb:96:42:5b:6f:cd:f2:de:61:09:a2:5c:
b4:6b:83:5c:4b:f7:91:5a:ce:e7:64:3f:29:6d:4b:
65:bc:2e:d0:06:44:78:ec:d5:8b:38:af:76:b7:8a:
7b:b4:69:3b:21:50:44:66:a5:09:83:7e:57:80:66:
bd:72:ef:35:52:ff:2d:ed:ba:ad:0e:d3:fd:f4:05:
ef:64:16:3a:15:03:f4:41:fe:57:f2:88:8c:f6:66:
48:80:8a:f2:9f:97:b3:8a:ef:e1:37:f8:6a:66:d1:
a8:e2:63:3e:32:ca:5b:d3:a9:2f:92:fe:7f:5b:60:
86:8a:99:a2:11:06:db:e1:c9:3c:d2:d9:61:2a:62:
12:2c:f3:ac:cb:48:6b:7e:97:c1:af:0f:3d:7b:e9:
f4:2f:16:3e:78:14:4f:46:b6:3e:0b:a8:98:49:20:
dc:10:2b:d3:fe:18:b3:ea:37:03:8a:3f:d3:41:bd:
30:d0:f5:de:9f:e8:26:2c:a5:c4:50:33:03:87:70:
d2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:47:0C:CF:D2:3E:75:CE:15:B8:4C:FD:6A:D8:EF:74:BB:C8:05:78
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38362e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.86.0/23
Signature Algorithm: sha256WithRSAEncryption
83:f7:38:0e:33:21:a5:9b:d6:a7:fc:1a:7a:a1:e1:2d:18:83:
95:61:3e:d3:43:7e:bb:e0:56:90:4a:96:d4:32:72:a6:f6:79:
34:a0:b0:7d:01:72:00:42:a0:94:4c:6f:15:8f:9e:ee:fe:bd:
12:53:ad:6f:67:75:e0:e3:06:55:32:01:59:21:f0:45:52:0a:
e0:e3:d9:63:95:e7:b4:37:ae:4c:c1:3d:0c:ad:f5:07:92:60:
02:08:a9:3c:a2:40:db:7c:a2:bb:41:c5:15:a8:a5:59:94:2c:
c3:5d:40:77:f4:74:c4:46:8f:43:67:64:2a:46:33:08:9e:25:
e9:42:12:e9:8f:ed:6e:94:32:96:5f:42:d1:f5:9f:31:6d:89:
92:8b:85:42:40:41:e5:ee:32:bc:5f:e4:ed:f2:65:3a:97:75:
ab:a2:05:ea:01:d7:b2:c3:04:66:32:c5:e7:fc:22:ce:bc:a9:
7f:22:c2:06:f8:33:ac:30:06:19:1a:0e:ab:68:42:c5:6b:10:
f9:05:d1:94:81:89:ae:df:34:88:59:1e:63:ac:9d:b0:83:d8:
31:21:b2:b7:4a:45:67:90:2a:99:80:2d:c4:aa:27:5d:a3:08:
4a:50:e0:c0:e8:83:63:f4:ff:de:8e:a7:8a:2a:c0:fd:60:4d:
ba:ca:e0:60
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUPPI4GMRRQaChyl+AGSN9aSEJjEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA2MjkxMDE1MjhaFw0yNjA2MjgxMDIwMjhaMDMxMTAvBgNV
BAMTKDUzNDcwQ0NGRDIzRTc1Q0UxNUI4NENGRDZBRDhFRjc0QkJDODA1NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm73mfJMxLeXsCa/bCD8FDaSDi
LCUpnzwx5C3PbJzBePMO8MPh021Ew2nCYj4RqbDTP9H6/qmrvMCg2jXuQLuWQltv
zfLeYQmiXLRrg1xL95FazudkPyltS2W8LtAGRHjs1Ys4r3a3inu0aTshUERmpQmD
fleAZr1y7zVS/y3tuq0O0/30Be9kFjoVA/RB/lfyiIz2ZkiAivKfl7OK7+E3+Gpm
0ajiYz4yylvTqS+S/n9bYIaKmaIRBtvhyTzS2WEqYhIs86zLSGt+l8GvDz176fQv
Fj54FE9Gtj4LqJhJINwQK9P+GLPqNwOKP9NBvTDQ9d6f6CYspcRQMwOHcNILAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUU0cMz9I+dc4VuEz9atjvdLvIBXgwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIyZTM1MzgyZTM4MzYyZTMw
MmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAECOlYwDQYJKoZI
hvcNAQELBQADggEBAIP3OA4zIaWb1qf8Gnqh4S0Yg5VhPtNDfrvgVpBKltQycqb2
eTSgsH0BcgBCoJRMbxWPnu7+vRJTrW9ndeDjBlUyAVkh8EVSCuDj2WOV57Q3rkzB
PQyt9QeSYAIIqTyiQNt8ortBxRWopVmULMNdQHf0dMRGj0NnZCpGMwieJelCEumP
7W6UMpZfQtH1nzFtiZKLhUJAQeXuMrxf5O3yZTqXdauiBeoB17LDBGYyxef8Is68
qX8iwgb4M6wwBhkaDqtoQsVrEPkF0ZSBia7fNIhZHmOsnbCD2DEhsrdKRWeQKpmA
LcSqJ12jCEpQ4MDog2P0/96Op4oqwP1gTbrK4GA=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:58:32 2025 by rpki-client