Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/58yQw_Tt98LL-3S35G04RNT74BI.roa
File: 58yQw_Tt98LL-3S35G04RNT74BI.roa (raw, json)
Hash identifier: xaCupdi0nZ6qVsPnLw6T7r01zeHPmhI/ImLzlake9vw=
Subject key identifier: E7:CC:90:C3:F4:ED:F7:C2:CB:FB:74:B7:E4:6D:38:44:D4:FB:E0:12
Certificate issuer: /CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Certificate serial: 0195D963C723E307130C779BF8027BEE842B
Authority key identifier: CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/58yQw_Tt98LL-3S35G04RNT74BI.roa
Signing time: Thu 27 Mar 2025 20:55:49 +0000
ROA not before: Thu 27 Mar 2025 20:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214555
IP address blocks: 212.56.56.0/24 maxlen: 24
2a14:7640::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 31 Mar 2025 18:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d9:63:c7:23:e3:07:13:0c:77:9b:f8:02:7b:ee:84:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Validity
Not Before: Mar 27 20:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7cc90c3f4edf7c2cbfb74b7e46d3844d4fbe012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:92:2c:e6:6f:f7:54:63:61:73:48:7d:60:78:
4b:23:e6:b2:8a:de:3e:c6:a4:ec:3a:de:d8:bb:58:
f7:ff:30:83:e2:59:b8:28:bb:16:2c:41:0d:7b:9b:
b0:d9:82:3b:1d:1f:dd:ec:df:3b:32:b5:b8:70:3d:
eb:d2:2c:61:d9:62:cf:9b:cb:df:cc:e5:b2:f5:33:
54:b1:6a:87:1c:53:65:d9:38:db:62:84:05:22:8c:
75:a4:4a:97:41:da:ab:49:eb:d2:d1:80:dc:24:cf:
31:2e:49:e0:ff:20:72:70:33:ef:f7:65:73:38:8c:
e6:24:34:8c:38:f1:f8:5e:1a:93:12:76:08:85:fe:
cf:fa:55:eb:10:5c:c9:ee:e9:39:96:8d:d2:19:3f:
0d:bf:3f:8f:36:67:24:c5:17:02:68:7c:91:e5:cd:
d0:3b:b5:bc:00:84:e9:e5:16:08:8f:69:51:0a:75:
19:7e:22:8b:5b:41:43:52:08:e0:27:3c:0f:2e:b6:
e7:72:18:91:c5:a3:3f:dd:cf:77:23:b9:8a:b8:7f:
3a:4c:df:e7:31:6c:5c:96:a5:86:54:6d:18:19:37:
9d:6c:bb:31:b3:82:ec:7c:bb:23:6a:99:a2:68:df:
ff:f7:57:05:f3:0a:58:9d:2d:f3:44:95:f4:66:1d:
59:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CC:90:C3:F4:ED:F7:C2:CB:FB:74:B7:E4:6D:38:44:D4:FB:E0:12
X509v3 Authority Key Identifier:
keyid:CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/58yQw_Tt98LL-3S35G04RNT74BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.56.56.0/24
IPv6:
2a14:7640::/29
Signature Algorithm: sha256WithRSAEncryption
0f:3d:30:04:a5:bd:26:9a:68:37:19:77:02:cb:83:6f:3b:c3:
27:c6:94:50:4d:4d:95:d4:a5:c4:d4:51:d0:52:e8:f8:5e:b2:
ce:69:00:ff:22:1d:de:e5:e0:fe:36:b8:b9:9b:40:90:39:e0:
12:c8:41:df:f9:ed:ae:36:64:36:7c:a0:15:0a:c8:cf:ff:14:
06:96:ba:41:bb:ce:12:26:b3:b4:cb:0f:6e:87:0a:f4:d3:06:
8d:d0:70:de:73:d5:fc:22:96:25:ac:89:56:a0:5b:a8:7d:bf:
91:75:ed:b3:25:19:0e:57:a2:c1:b8:74:71:55:8a:56:14:77:
a1:e3:ce:4d:6d:c1:f6:c3:f6:02:37:50:7e:b6:24:6e:c6:02:
26:c7:e8:da:bf:b8:13:8a:b6:f9:be:23:d3:99:22:49:fb:54:
52:5b:56:e0:7e:bc:fd:9a:e3:2e:e1:ef:b2:29:66:52:50:c5:
35:ad:16:ab:8b:9d:5b:db:d9:f1:02:55:c5:98:38:d5:56:48:
a5:ea:6e:eb:ea:ab:d4:b6:81:a4:b7:10:11:96:06:ae:83:41:
26:ec:0f:d8:f4:50:db:9d:2a:3d:16:bb:9d:16:b2:c5:48:08:
db:fd:4b:ce:e1:2f:65:80:da:3e:99:ec:ab:f8:2c:7a:ec:94:
3a:50:52:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZXZY8cj4wcTDHeb+AJ77oQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWY3MzM0NTc5NGNlNDgxN2VhOTllOGQ4Y2ZjZWE3MWJk
NzgzNjcwHhcNMjUwMzI3MjA1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NjOTBjM2Y0ZWRmN2MyY2JmYjc0YjdlNDZkMzg0NGQ0ZmJlMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ZIs5m/3VGNhc0h9YHhLI+ayit4+
xqTsOt7Yu1j3/zCD4lm4KLsWLEENe5uw2YI7HR/d7N87MrW4cD3r0ixh2WLPm8vf
zOWy9TNUsWqHHFNl2TjbYoQFIox1pEqXQdqrSevS0YDcJM8xLkng/yBycDPv92Vz
OIzmJDSMOPH4XhqTEnYIhf7P+lXrEFzJ7uk5lo3SGT8Nvz+PNmckxRcCaHyR5c3Q
O7W8AITp5RYIj2lRCnUZfiKLW0FDUgjgJzwPLrbnchiRxaM/3c93I7mKuH86TN/n
MWxclqWGVG0YGTedbLsxs4LsfLsjapmiaN//91cF8wpYnS3zRJX0Zh1ZmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOfMkMP07ffCy/t0t+RtOETU++ASMB8GA1UdIwQY
MBaAFM0fczRXlM5IF+qZ6NjPzqcb14NnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQt
N2YwZDA3YmE0YWYzLzEvNTh5UXdfVHQ5OExMLTNTMzVHMDRSTlQ3NEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQtN2YwZDA3YmE0YWYz
LzEvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1Dg4MA0E
AgACMAcDBQMqFHZAMA0GCSqGSIb3DQEBCwUAA4IBAQAPPTAEpb0mmmg3GXcCy4Nv
O8MnxpRQTU2V1KXE1FHQUuj4XrLOaQD/Ih3e5eD+Nri5m0CQOeASyEHf+e2uNmQ2
fKAVCsjP/xQGlrpBu84SJrO0yw9uhwr00waN0HDec9X8IpYlrIlWoFuofb+Rde2z
JRkOV6LBuHRxVYpWFHeh485NbcH2w/YCN1B+tiRuxgImx+jav7gTirb5viPTmSJJ
+1RSW1bgfrz9muMu4e+yKWZSUMU1rRari51b29nxAlXFmDjVVkil6m7r6qvUtoGk
txARlgaug0Em7A/Y9FDbnSo9FrudFrLFSAjb/UvO4S9lgNo+meyr+Cx67JQ6UFK5
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:48 2025 by rpki-client