Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/FhFUVRHcW28ZNAFw2LFchly6_Aw.roa
File: FhFUVRHcW28ZNAFw2LFchly6_Aw.roa (raw, json)
Hash identifier: CtGGbmP1phfqi2zNSqRvr6jbX70KrsCgBXSTe07WPA8=
Subject key identifier: 16:11:54:55:11:DC:5B:6F:19:34:01:70:D8:B1:5C:86:5C:BA:FC:0C
Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Certificate serial: 0194650014DDF3363C61869755955225D39B
Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/FhFUVRHcW28ZNAFw2LFchly6_Aw.roa
Signing time: Tue 14 Jan 2025 13:28:11 +0000
ROA not before: Tue 14 Jan 2025 13:28:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57706
IP address blocks: 2.58.58.0/24 maxlen: 24
2.58.59.0/24 maxlen: 24
2a09:e240::/29 maxlen: 29
2a09:e240::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Feb 2025 14:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:00:14:dd:f3:36:3c:61:86:97:55:95:52:25:d3:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Validity
Not Before: Jan 14 13:28:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1611545511dc5b6f19340170d8b15c865cbafc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d3:6b:25:f6:f3:9c:34:38:3c:31:b0:13:d4:
d8:82:d3:b3:e6:02:9e:b3:a9:c1:08:85:a3:68:e3:
d9:a3:1a:68:54:ae:9c:21:64:07:c0:02:ce:4e:11:
7f:5b:17:00:6a:44:e4:fa:d9:f6:d1:5d:6a:a0:20:
6e:d8:53:30:18:42:84:59:cd:d2:9f:2c:75:a1:f1:
9d:bc:ec:70:4e:a9:be:6c:09:ef:fe:6e:26:b9:ed:
5a:33:76:f5:db:06:cd:44:7a:83:a0:3c:f0:cc:c6:
e1:63:6d:fe:7c:86:99:6b:08:9a:13:80:a5:fa:d5:
f6:56:0f:05:51:8f:c6:4d:a5:1b:d6:3d:31:ee:49:
96:65:76:7e:d6:9c:da:f7:7d:ff:68:af:2f:54:3f:
3c:9e:dc:bd:9b:89:1a:94:a7:c4:87:1f:db:c9:6b:
51:27:43:17:2f:14:cb:17:cb:0e:94:65:2a:d5:fd:
1b:93:d4:2f:6d:82:15:c0:7f:a6:26:08:6f:28:9a:
fa:55:90:60:ec:a1:48:15:a4:b4:f9:01:89:34:87:
8e:fe:5d:c5:46:61:7a:9d:1b:4b:8f:7f:e1:99:26:
ef:e0:5b:c4:7a:f0:1c:9d:6f:da:03:d7:78:3c:1f:
c7:00:64:d0:d0:64:38:d1:91:f8:3b:af:74:68:9a:
3a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:11:54:55:11:DC:5B:6F:19:34:01:70:D8:B1:5C:86:5C:BA:FC:0C
X509v3 Authority Key Identifier:
keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/FhFUVRHcW28ZNAFw2LFchly6_Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.58.0/23
IPv6:
2a09:e240::/29
Signature Algorithm: sha256WithRSAEncryption
17:da:df:f4:96:30:0a:85:6c:91:e2:d5:62:9f:79:81:38:0a:
6a:59:03:55:6a:d3:46:37:90:19:e1:92:9e:2c:f3:d6:d8:71:
8b:14:0f:2c:53:ba:31:16:81:4d:db:72:c4:b8:f5:3a:bf:f2:
45:e1:79:eb:64:11:32:b7:48:76:f7:f8:db:eb:28:96:db:7e:
47:0d:3b:c4:0c:75:8e:c7:33:04:70:2d:7b:89:49:e0:4b:57:
af:ea:0b:84:13:c5:4c:62:b2:79:2f:49:3d:5d:68:d0:9d:d3:
ef:0b:c7:0e:46:74:23:a0:79:8e:54:70:fa:74:60:44:55:9b:
22:15:49:8d:1a:1c:f5:f8:2c:6b:49:63:90:cb:0c:f9:0d:fb:
c4:b0:ae:aa:63:87:d1:f1:71:fc:f7:74:0b:09:ef:15:82:bf:
cc:4b:58:27:60:b3:9b:f3:ee:fd:5e:db:19:0b:57:50:1b:cc:
1a:cf:a6:77:7a:c1:1c:3f:ee:f8:a8:b9:c2:b7:4d:40:49:fc:
9b:d7:8a:3a:cc:3f:68:52:50:95:f8:dc:13:29:a1:e7:c8:93:
4c:6f:70:9d:70:c0:2a:96:15:53:81:ad:cb:86:be:2e:04:42:
ec:b4:a4:f7:c0:2d:ad:8b:06:64:88:cc:47:c8:23:71:77:12:
53:2a:9a:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRlABTd8zY8YYaXVZVSJdObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk
MjRkMzgwHhcNMjUwMTE0MTMyODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjExNTQ1NTExZGM1YjZmMTkzNDAxNzBkOGIxNWM4NjVjYmFmYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19NrJfbznDQ4PDGwE9TYgtOz5gKe
s6nBCIWjaOPZoxpoVK6cIWQHwALOThF/WxcAakTk+tn20V1qoCBu2FMwGEKEWc3S
nyx1ofGdvOxwTqm+bAnv/m4mue1aM3b12wbNRHqDoDzwzMbhY23+fIaZawiaE4Cl
+tX2Vg8FUY/GTaUb1j0x7kmWZXZ+1pza933/aK8vVD88nty9m4kalKfEhx/byWtR
J0MXLxTLF8sOlGUq1f0bk9QvbYIVwH+mJghvKJr6VZBg7KFIFaS0+QGJNIeO/l3F
RmF6nRtLj3/hmSbv4FvEevAcnW/aA9d4PB/HAGTQ0GQ40ZH4O690aJo68QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBYRVFUR3FtvGTQBcNixXIZcuvwMMB8GA1UdIwQY
MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt
ZTQ1MzUwNDE0ZGRmLzEvRmhGVVZSSGNXMjhaTkFGdzJMRmNobHk2X0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm
LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjo6MA0E
AgACMAcDBQMqCeJAMA0GCSqGSIb3DQEBCwUAA4IBAQAX2t/0ljAKhWyR4tVin3mB
OApqWQNVatNGN5AZ4ZKeLPPW2HGLFA8sU7oxFoFN23LEuPU6v/JF4XnrZBEyt0h2
9/jb6yiW235HDTvEDHWOxzMEcC17iUngS1ev6guEE8VMYrJ5L0k9XWjQndPvC8cO
RnQjoHmOVHD6dGBEVZsiFUmNGhz1+CxrSWOQywz5DfvEsK6qY4fR8XH893QLCe8V
gr/MS1gnYLOb8+79XtsZC1dQG8waz6Z3esEcP+74qLnCt01ASfyb14o6zD9oUlCV
+NwTKaHnyJNMb3CdcMAqlhVTga3Lhr4uBELstKT3wC2tiwZkiMxHyCNxdxJTKppO
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:46:57 2025 by rpki-client