Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/ejh0V6XPvW9IQjzT0PI7XH_r9J4.roa
File: ejh0V6XPvW9IQjzT0PI7XH_r9J4.roa (raw, json)
Hash identifier: xeDxG11bDoHl/YJPLeo1GcKdeKueeX2oNb/YEKjT1xc=
Subject key identifier: 7A:38:74:57:A5:CF:BD:6F:48:42:3C:D3:D0:F2:3B:5C:7F:EB:F4:9E
Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Certificate serial: 019324813DD026987A5C2A17869D006EA584
Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/ejh0V6XPvW9IQjzT0PI7XH_r9J4.roa
Signing time: Wed 13 Nov 2024 07:51:09 +0000
ROA not before: Wed 13 Nov 2024 07:51:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57706
IP address blocks: 2.58.58.0/24 maxlen: 24
2a09:e240::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:81:3d:d0:26:98:7a:5c:2a:17:86:9d:00:6e:a5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Validity
Not Before: Nov 13 07:51:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a387457a5cfbd6f48423cd3d0f23b5c7febf49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5d:b7:5a:e7:93:4e:db:5e:33:52:0e:95:9e:
a7:70:3a:9f:67:b9:7c:4a:0f:f9:13:91:de:24:1f:
20:c6:dd:cf:83:b2:8f:cc:d2:df:55:b8:eb:0c:52:
98:c4:fb:6b:1e:18:7e:cc:31:6e:9d:cc:94:ff:3e:
6d:df:9a:9a:83:eb:ee:ac:df:17:87:1e:30:93:4f:
63:9b:1a:41:51:e1:93:0c:f6:f6:76:20:cb:b6:8f:
21:e1:f0:d7:fc:95:47:12:d8:75:cc:af:50:a8:29:
f9:ea:d8:92:39:8e:0d:81:47:80:4b:81:2f:c4:bc:
67:4d:d5:16:67:66:91:61:5f:b6:6a:f6:d9:51:1e:
ab:e3:1e:b2:d4:50:85:99:84:08:3d:d0:21:09:3f:
30:10:c7:e8:b4:bc:20:03:47:98:a4:93:0c:d2:f1:
aa:98:ca:5f:f2:bb:d5:b9:f2:a3:76:c8:5c:76:0b:
c9:a1:4f:65:74:f6:75:2b:24:49:dd:6d:12:ad:c4:
15:c7:67:a2:bb:f1:eb:42:17:ed:21:eb:da:c5:23:
20:93:79:56:d6:66:94:b0:5d:d0:89:9c:6b:89:36:
f4:ff:ac:ff:8c:05:15:d1:88:14:29:f1:2c:fb:8d:
f6:aa:50:34:e1:e4:21:4e:49:49:98:6e:df:ca:08:
1a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:38:74:57:A5:CF:BD:6F:48:42:3C:D3:D0:F2:3B:5C:7F:EB:F4:9E
X509v3 Authority Key Identifier:
keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/ejh0V6XPvW9IQjzT0PI7XH_r9J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.58.0/24
IPv6:
2a09:e240::/48
Signature Algorithm: sha256WithRSAEncryption
52:ea:aa:1c:d0:07:f2:07:d2:67:d1:8b:2a:a3:c9:2e:cb:93:
f5:ad:89:eb:ed:43:ae:80:20:a3:d7:a0:58:e4:8a:52:ed:d6:
4a:14:5e:20:a3:1e:64:3e:2a:83:86:26:c5:50:86:2e:0a:89:
24:ab:0f:35:c0:c3:a4:9e:87:4d:54:e9:4f:52:36:20:e8:fc:
53:24:fd:5a:b9:48:7a:30:19:2d:13:79:42:e1:ed:ad:b7:6b:
21:03:1b:a1:47:48:e4:e9:1b:9d:d7:6c:33:43:5f:6b:25:c4:
74:c0:17:63:29:20:f8:af:6a:29:5b:e8:da:e9:89:a2:ed:61:
8e:1e:58:6c:69:7d:87:69:62:62:a1:8f:f7:37:05:02:05:fc:
0f:6b:8e:07:ed:04:85:37:fe:06:84:d8:c7:d5:4c:1f:58:23:
d1:fa:8e:54:a9:f8:2a:0e:f4:ec:a8:d1:77:22:1e:e8:d1:b4:
2f:c5:2f:a1:60:54:03:f5:c6:f5:05:bb:d2:a3:f4:8b:7e:f1:
a6:af:b7:44:0d:5e:9d:4b:09:0f:ac:b1:a0:18:a6:2b:66:1d:
6b:fa:ae:a8:91:c2:d1:cc:93:12:ad:af:2a:cb:39:0e:dd:a0:
14:cd:b0:56:10:3d:78:97:6a:9d:39:f6:bc:5f:1a:d9:37:6a:
34:a7:f6:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZMkgT3QJph6XCoXhp0AbqWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk
MjRkMzgwHhcNMjQxMTEzMDc1MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM4NzQ1N2E1Y2ZiZDZmNDg0MjNjZDNkMGYyM2I1YzdmZWJmNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF23WueTTtteM1IOlZ6ncDqfZ7l8
Sg/5E5HeJB8gxt3Pg7KPzNLfVbjrDFKYxPtrHhh+zDFuncyU/z5t35qag+vurN8X
hx4wk09jmxpBUeGTDPb2diDLto8h4fDX/JVHEth1zK9QqCn56tiSOY4NgUeAS4Ev
xLxnTdUWZ2aRYV+2avbZUR6r4x6y1FCFmYQIPdAhCT8wEMfotLwgA0eYpJMM0vGq
mMpf8rvVufKjdshcdgvJoU9ldPZ1KyRJ3W0SrcQVx2eiu/HrQhftIevaxSMgk3lW
1maUsF3QiZxriTb0/6z/jAUV0YgUKfEs+432qlA04eQhTklJmG7fyggaQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHo4dFelz71vSEI809DyO1x/6/SeMB8GA1UdIwQY
MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt
ZTQ1MzUwNDE0ZGRmLzEvZWpoMFY2WFB2VzlJUWp6VDBQSTdYSF9yOUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm
LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAAjo6MA8E
AgACMAkDBwAqCeJAAAAwDQYJKoZIhvcNAQELBQADggEBAFLqqhzQB/IH0mfRiyqj
yS7Lk/WtievtQ66AIKPXoFjkilLt1koUXiCjHmQ+KoOGJsVQhi4KiSSrDzXAw6Se
h01U6U9SNiDo/FMk/Vq5SHowGS0TeULh7a23ayEDG6FHSOTpG53XbDNDX2slxHTA
F2MpIPivailb6NrpiaLtYY4eWGxpfYdpYmKhj/c3BQIF/A9rjgftBIU3/gaE2MfV
TB9YI9H6jlSp+CoO9Oyo0XciHujRtC/FL6FgVAP1xvUFu9Kj9It+8aavt0QNXp1L
CQ+ssaAYpitmHWv6rqiRwtHMkxKtryrLOQ7doBTNsFYQPXiXap059rxfGtk3ajSn
9n0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:46:58 2025 by rpki-client