Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/CteCe3FV_Jwulh9bukxl_70oCFw.roa
File: CteCe3FV_Jwulh9bukxl_70oCFw.roa (raw, json)
Hash identifier: iqxrFrNdOkpZkwQoRhkoSGh7QaOykR8QZ/Qr2M1nEE8=
Subject key identifier: 0A:D7:82:7B:71:55:FC:9C:2E:96:1F:5B:BA:4C:65:FF:BD:28:08:5C
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 01954A21201849BAC47F2746391260273FC2
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/CteCe3FV_Jwulh9bukxl_70oCFw.roa
Signing time: Fri 28 Feb 2025 01:17:19 +0000
ROA not before: Fri 28 Feb 2025 01:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48577
IP address blocks: 2.59.4.0/24 maxlen: 24
2.59.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 12:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4a:21:20:18:49:ba:c4:7f:27:46:39:12:60:27:3f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Feb 28 01:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ad7827b7155fc9c2e961f5bba4c65ffbd28085c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:db:4e:08:d1:86:2d:8a:af:c6:35:58:e2:b9:
fa:56:f8:dc:0d:1b:7e:1e:57:f7:ec:f7:04:1e:2a:
93:f0:42:ba:de:a8:f0:4e:7a:e4:ac:f5:3e:07:d5:
6a:30:ca:d1:67:f5:a0:c3:a9:4c:99:a5:35:6f:d0:
2d:82:94:b5:f1:57:ad:5c:e9:9e:73:c7:4a:f3:36:
2b:8f:58:c8:b0:07:b2:d9:46:7c:d5:e8:13:57:66:
82:ba:b5:6d:13:f4:66:c9:09:d2:63:f0:29:b8:58:
dd:dc:5d:07:74:d4:6f:4d:52:00:eb:87:cd:d4:a4:
23:21:4d:b0:aa:15:a9:b6:1d:84:dd:56:ff:14:ab:
be:20:4c:77:a4:fb:f6:7e:8e:72:e9:c7:c6:26:10:
b2:b3:ca:dc:30:e3:22:7f:a3:e5:d5:88:0c:af:48:
6f:70:15:5d:9d:c2:c2:af:f2:81:de:f5:28:3d:d5:
6f:33:99:10:97:e5:21:29:81:0b:f2:c6:da:71:d2:
40:4a:92:9a:e6:5e:84:b7:a2:b9:05:01:2f:3e:88:
11:87:f7:58:59:2c:b7:b9:c2:08:45:ea:33:f1:e1:
b5:af:e2:db:aa:2e:a4:f6:0e:1e:e3:ea:8d:9b:3a:
24:69:7b:52:82:72:9f:6b:2f:48:8c:df:9a:6f:4a:
38:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D7:82:7B:71:55:FC:9C:2E:96:1F:5B:BA:4C:65:FF:BD:28:08:5C
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/CteCe3FV_Jwulh9bukxl_70oCFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.4.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:55:9b:df:63:0b:23:0c:f0:5b:82:ff:98:3d:ed:97:82:79:
62:06:c3:2d:cb:90:de:f9:92:52:a3:a2:6d:cf:6c:c4:16:66:
e3:74:ac:c9:ed:72:28:b1:60:42:25:70:ba:10:69:d3:19:7d:
f9:8e:98:ea:48:f2:09:de:72:7d:ea:fa:79:8c:78:c2:cd:d1:
f6:33:54:f5:35:d0:4b:9e:ee:a9:68:92:83:6d:48:a9:25:ae:
7f:3e:81:b7:4f:50:ca:dc:4c:51:75:7d:b1:6d:f7:6c:ef:cd:
04:de:40:4c:17:e0:b1:d2:23:f7:e2:eb:e6:52:56:88:08:9e:
d3:b8:8e:0e:51:3b:83:16:07:6c:ae:e5:69:07:c9:fa:42:a1:
76:8a:63:86:92:04:7a:5f:86:98:84:90:cd:9f:77:2b:18:3c:
18:b9:82:fa:7e:ad:18:ce:c3:67:11:fe:a3:9b:9c:ac:c2:b0:
8b:ff:fb:bd:1a:5a:5d:a3:5f:12:2b:b3:0c:83:57:b7:18:82:
34:b2:ef:55:84:8e:45:51:e4:28:34:ec:fe:9f:97:92:ea:3d:
10:a8:1d:bf:04:8c:2a:46:f2:95:e3:94:2f:f4:88:e7:23:59:
df:8a:dc:2f:da:fa:f7:61:05:34:98:0f:2d:30:04:15:23:22:
0e:15:3a:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVKISAYSbrEfydGORJgJz/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjUwMjI4MDExNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ3ODI3YjcxNTVmYzljMmU5NjFmNWJiYTRjNjVmZmJkMjgwODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9tOCNGGLYqvxjVY4rn6VvjcDRt+
Hlf37PcEHiqT8EK63qjwTnrkrPU+B9VqMMrRZ/Wgw6lMmaU1b9AtgpS18VetXOme
c8dK8zYrj1jIsAey2UZ81egTV2aCurVtE/RmyQnSY/ApuFjd3F0HdNRvTVIA64fN
1KQjIU2wqhWpth2E3Vb/FKu+IEx3pPv2fo5y6cfGJhCys8rcMOMif6Pl1YgMr0hv
cBVdncLCr/KB3vUoPdVvM5kQl+UhKYEL8sbacdJASpKa5l6Et6K5BQEvPogRh/dY
WSy3ucIIReoz8eG1r+Lbqi6k9g4e4+qNmzokaXtSgnKfay9IjN+ab0o4nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArXgntxVfycLpYfW7pMZf+9KAhcMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvQ3RlQ2UzRlZfSnd1bGg5YnVreGxfNzBvQ0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjsEMA0G
CSqGSIb3DQEBCwUAA4IBAQCtVZvfYwsjDPBbgv+YPe2XgnliBsMty5De+ZJSo6Jt
z2zEFmbjdKzJ7XIosWBCJXC6EGnTGX35jpjqSPIJ3nJ96vp5jHjCzdH2M1T1NdBL
nu6paJKDbUipJa5/PoG3T1DK3ExRdX2xbfds780E3kBMF+Cx0iP34uvmUlaICJ7T
uI4OUTuDFgdsruVpB8n6QqF2imOGkgR6X4aYhJDNn3crGDwYuYL6fq0YzsNnEf6j
m5yswrCL//u9Glpdo18SK7MMg1e3GII0su9VhI5FUeQoNOz+n5eS6j0QqB2/BIwq
RvKV45Qv9IjnI1nfitwv2vr3YQU0mA8tMAQVIyIOFTpr
-----END CERTIFICATE-----
Generated at Wed Apr 23 08:14:56 2025 by rpki-client