Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U7_EYIwZ9ydMsZRwASPWRMFG2TU.roa
File: U7_EYIwZ9ydMsZRwASPWRMFG2TU.roa (raw, json)
Hash identifier: P2UwF6VtfWQBbk+96H1tNdw+pYKl+COai2AnIu4BwMQ=
Subject key identifier: 53:BF:C4:60:8C:19:F7:27:4C:B1:94:70:01:23:D6:44:C1:46:D9:35
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428246A5736415368699D1A7765BAACB4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U7_EYIwZ9ydMsZRwASPWRMFG2TU.roa
Signing time: Thu 02 Jan 2025 17:51:02 +0000
ROA not before: Thu 02 Jan 2025 17:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 2.58.95.0/24 maxlen: 24
31.13.248.0/24 maxlen: 24
94.156.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 16:41:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:6a:57:36:41:53:68:69:9d:1a:77:65:ba:ac:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53bfc4608c19f7274cb194700123d644c146d935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:49:6c:b0:a8:8b:1e:6c:97:69:d4:e3:d2:9d:
01:ec:d6:2f:fd:e8:52:33:6d:aa:73:b1:fc:a4:55:
a8:57:f4:8b:45:d5:49:ce:77:c8:56:df:3f:11:11:
5f:62:94:e7:aa:3c:60:c7:36:a7:19:e6:a3:30:a0:
05:ab:49:e2:cd:1f:d5:84:ce:13:5d:cf:e1:33:b0:
4f:9b:96:c3:57:f6:18:e9:35:b0:bb:47:f6:2d:0d:
a5:3b:06:81:e3:bd:9e:f5:31:a9:03:84:3c:f3:41:
ad:de:b7:69:93:ed:e9:73:de:e5:67:5a:ec:41:d0:
22:49:d3:d8:36:82:1e:d1:fc:d3:ca:65:91:1d:33:
9d:ec:6b:d1:fe:0d:db:2c:46:0f:c4:3a:48:d3:0b:
2f:82:d3:c6:e7:4c:e5:a0:66:13:0e:9a:36:cb:0b:
89:20:0e:77:ed:e5:45:70:45:72:c6:8d:6d:f8:3e:
7d:01:97:72:16:39:81:9c:15:05:5f:d7:89:ee:7a:
bb:f2:6b:6a:65:da:2f:72:3e:19:e0:fd:8f:11:e8:
94:a1:a0:54:6a:5b:57:b3:04:6c:fe:6e:37:03:08:
ab:aa:11:7c:26:f0:e5:5f:81:7a:a4:86:8c:17:c4:
3b:3b:fb:c6:98:ca:b9:27:52:b7:42:19:ff:9d:71:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BF:C4:60:8C:19:F7:27:4C:B1:94:70:01:23:D6:44:C1:46:D9:35
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U7_EYIwZ9ydMsZRwASPWRMFG2TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.248.0/24
94.156.116.0/24
Signature Algorithm: sha256WithRSAEncryption
53:0a:10:c2:dd:a6:d1:e9:39:ed:c8:ee:0c:1a:b5:e5:3e:56:
a5:48:31:a7:3d:d5:21:1c:3b:7b:84:08:bb:98:73:02:94:bc:
5f:d1:d4:97:34:e5:42:25:34:17:8e:3f:9d:8b:77:ac:9d:21:
db:2c:27:b4:47:c9:b6:c2:51:cc:d9:13:72:50:64:55:e4:6e:
dc:46:bb:96:a8:97:79:a5:48:6e:ee:f4:35:d0:84:b4:09:d0:
66:97:86:ff:f0:a2:9a:a3:8e:91:b9:08:4a:bf:87:9b:89:57:
2d:e1:ae:16:60:dd:1b:e7:64:6c:60:d3:26:1a:3a:d3:46:73:
4b:cd:3e:77:0e:25:60:4d:12:0b:f9:f3:b3:d6:5e:68:78:6d:
31:ee:62:33:d2:2e:1e:34:e2:23:91:25:98:85:5c:d7:c4:ae:
43:d3:a5:9e:da:f6:90:71:9c:94:7c:2e:3b:35:d1:07:c5:34:
c7:1b:b0:62:87:01:aa:9d:b4:e1:df:9e:28:57:dd:a1:07:c4:
1e:bc:05:81:34:45:5e:9b:df:c9:22:9c:31:64:1f:bb:5a:9e:
3e:4d:0d:b8:68:37:d1:a0:85:66:66:85:86:73:dc:fe:4d:67:
e7:28:1a:2e:89:76:6b:d2:a1:25:b6:90:a5:bf:ce:ab:ab:88:
4f:a2:55:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJGpXNkFTaGmdGndluqy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JmYzQ2MDhjMTlmNzI3NGNiMTk0NzAwMTIzZDY0NGMxNDZkOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUlssKiLHmyXadTj0p0B7NYv/ehS
M22qc7H8pFWoV/SLRdVJznfIVt8/ERFfYpTnqjxgxzanGeajMKAFq0nizR/VhM4T
Xc/hM7BPm5bDV/YY6TWwu0f2LQ2lOwaB472e9TGpA4Q880Gt3rdpk+3pc97lZ1rs
QdAiSdPYNoIe0fzTymWRHTOd7GvR/g3bLEYPxDpI0wsvgtPG50zloGYTDpo2ywuJ
IA537eVFcEVyxo1t+D59AZdyFjmBnBUFX9eJ7nq78mtqZdovcj4Z4P2PEeiUoaBU
altXswRs/m43AwirqhF8JvDlX4F6pIaMF8Q7O/vGmMq5J1K3Qhn/nXETmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFO/xGCMGfcnTLGUcAEj1kTBRtk1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVTdfRVlJd1o5eWRNc1pSd0FTUFdSTUZHMlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjpfAwQA
Hw34AwQAXpx0MA0GCSqGSIb3DQEBCwUAA4IBAQBTChDC3abR6TntyO4MGrXlPlal
SDGnPdUhHDt7hAi7mHMClLxf0dSXNOVCJTQXjj+di3esnSHbLCe0R8m2wlHM2RNy
UGRV5G7cRruWqJd5pUhu7vQ10IS0CdBml4b/8KKao46RuQhKv4ebiVct4a4WYN0b
52RsYNMmGjrTRnNLzT53DiVgTRIL+fOz1l5oeG0x7mIz0i4eNOIjkSWYhVzXxK5D
06We2vaQcZyUfC47NdEHxTTHG7BihwGqnbTh354oV92hB8QevAWBNEVem9/JIpwx
ZB+7Wp4+TQ24aDfRoIVmZoWGc9z+TWfnKBouiXZr0qEltpClv86rq4hPolV4
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:22:01 2025 by rpki-client