Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/T5ffJofIVw77VtSbaW898yqndTQ.roa
File: T5ffJofIVw77VtSbaW898yqndTQ.roa (raw, json)
Hash identifier: HBk59RCPh4ckTP20u5waNh7BAlcRVnS9n0FG1eI8JKQ=
Subject key identifier: 4F:97:DF:26:87:C8:57:0E:FB:56:D4:9B:69:6F:3D:F3:2A:A7:75:34
Certificate issuer: /CN=b7dc936a7f6ba5078224f801736fdeb0dae8a9fb
Certificate serial: 01856C411D3B1509D7D0D1D8AC5745A5E5D8
Authority key identifier: B7:DC:93:6A:7F:6B:A5:07:82:24:F8:01:73:6F:DE:B0:DA:E8:A9:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t9yTan9rpQeCJPgBc2_esNroqfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/T5ffJofIVw77VtSbaW898yqndTQ.roa
Signing time: Sun 01 Jan 2023 07:34:44 +0000
ROA not before: Sun 01 Jan 2023 07:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64421
IP address blocks: 2.58.16.0/22 maxlen: 22
195.26.20.0/23 maxlen: 23
2a09:e0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:1d:3b:15:09:d7:d0:d1:d8:ac:57:45:a5:e5:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7dc936a7f6ba5078224f801736fdeb0dae8a9fb
Validity
Not Before: Jan 1 07:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f97df2687c8570efb56d49b696f3df32aa77534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:eb:0d:6f:8d:49:a1:65:d3:4c:69:02:7b:37:
2d:9b:70:0a:cb:3e:ab:87:65:4e:e4:ff:4c:27:3b:
1d:a7:c0:62:bf:cf:bf:de:25:ae:2a:47:6c:0d:eb:
9b:67:f4:cd:c7:54:bb:de:d5:f4:cb:fe:73:25:0c:
e8:96:a6:9f:13:80:8d:7c:de:6f:f7:c7:0a:80:c8:
24:e0:fb:14:74:6d:35:85:f5:d4:e2:74:26:ae:4a:
50:fe:fb:4b:f2:f4:22:e1:c1:94:f5:76:40:7a:33:
ee:2e:40:ac:a0:f6:e3:0e:71:51:a1:b6:98:41:db:
c9:13:6f:95:98:2a:92:01:08:01:42:f5:28:3b:ba:
d4:d1:79:e2:5a:9c:dd:5b:bc:e2:a2:9e:f1:af:5d:
b4:b7:f3:49:6c:5c:cc:53:b7:b5:6b:3f:26:8e:d7:
32:24:0b:5f:a1:e3:e7:47:82:92:f6:b9:1d:c4:5a:
66:75:ed:43:4a:6f:df:e4:68:83:13:9e:ba:ce:20:
d6:c2:d0:6a:bd:5b:86:d6:9d:1e:db:5a:aa:a3:b0:
04:b2:19:d3:a2:03:53:83:42:2d:11:a3:68:fe:6f:
f8:96:b5:a4:1c:3f:f4:1c:e3:a9:9b:c4:9a:07:57:
d0:37:0e:38:d7:6c:37:cd:22:30:2e:7b:4e:ad:bc:
ae:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:97:DF:26:87:C8:57:0E:FB:56:D4:9B:69:6F:3D:F3:2A:A7:75:34
X509v3 Authority Key Identifier:
keyid:B7:DC:93:6A:7F:6B:A5:07:82:24:F8:01:73:6F:DE:B0:DA:E8:A9:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t9yTan9rpQeCJPgBc2_esNroqfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/T5ffJofIVw77VtSbaW898yqndTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/t9yTan9rpQeCJPgBc2_esNroqfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.16.0/22
195.26.20.0/23
IPv6:
2a09:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:62:1a:7c:a6:7e:e8:b8:ea:c1:50:44:c4:f1:57:d6:6b:18:
b1:38:08:6e:0c:84:27:21:17:73:a8:e2:66:1f:5a:84:a3:b8:
5b:c7:ba:bc:1c:2e:01:ed:2b:14:61:f4:7b:6e:3a:1c:a4:52:
ba:6d:5a:15:b1:1d:6b:76:47:01:f6:6c:97:d1:02:04:8a:9c:
cd:6e:8d:9b:ca:eb:4b:6a:e6:19:7f:20:28:fe:b1:b9:bd:a8:
3f:eb:99:e2:41:2a:f8:b1:6e:eb:ad:6f:7b:61:61:10:f1:ab:
4b:21:bc:ad:4d:41:7f:68:f5:e0:dd:2f:69:30:ae:dc:9e:90:
89:fa:71:a6:b6:0e:bd:f8:70:87:57:08:61:94:a5:6d:96:c6:
1c:6e:ce:2c:09:02:45:69:89:65:57:fa:e4:c7:ed:6b:a0:20:
45:79:86:7d:11:4e:9a:f4:76:40:e7:b4:61:ad:03:fa:c4:21:
d3:66:67:b7:fb:14:cf:89:73:e9:40:cf:74:01:d4:2e:7e:c6:
24:ff:e5:f8:03:82:35:f7:36:7f:60:64:5c:5c:8c:0f:38:40:
b2:04:ea:50:fe:10:89:02:1b:fa:15:52:3a:e6:15:73:33:c9:
44:22:ca:8a:37:26:98:ec:e5:5f:dc:e3:0f:26:4d:39:d0:35:
74:dc:e3:81
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsQR07FQnX0NHYrFdFpeXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZGM5MzZhN2Y2YmE1MDc4MjI0ZjgwMTczNmZkZWIwZGFl
OGE5ZmIwHhcNMjMwMTAxMDczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjk3ZGYyNjg3Yzg1NzBlZmI1NmQ0OWI2OTZmM2RmMzJhYTc3NTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+sNb41JoWXTTGkCezctm3AKyz6r
h2VO5P9MJzsdp8Biv8+/3iWuKkdsDeubZ/TNx1S73tX0y/5zJQzolqafE4CNfN5v
98cKgMgk4PsUdG01hfXU4nQmrkpQ/vtL8vQi4cGU9XZAejPuLkCsoPbjDnFRobaY
QdvJE2+VmCqSAQgBQvUoO7rU0XniWpzdW7ziop7xr120t/NJbFzMU7e1az8mjtcy
JAtfoePnR4KS9rkdxFpmde1DSm/f5GiDE566ziDWwtBqvVuG1p0e21qqo7AEshnT
ogNTg0ItEaNo/m/4lrWkHD/0HOOpm8SaB1fQNw4412w3zSIwLntOrbyuNQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE+X3yaHyFcO+1bUm2lvPfMqp3U0MB8GA1UdIwQY
MBaAFLfck2p/a6UHgiT4AXNv3rDa6Kn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDl5VGFuOXJwUWVDSlBnQmMyX2VzTnJvcWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YjE2MmMtNGUzNS00MDYxLTgxYmUt
NzlkNDI4ODJjOGMwLzEvVDVmZkpvZklWdzc3VnRTYmFXODk4eXFuZFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YjE2MmMtNGUzNS00MDYxLTgxYmUtNzlkNDI4ODJjOGMw
LzEvdDl5VGFuOXJwUWVDSlBnQmMyX2VzTnJvcWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjoQAwQB
wxoUMA0EAgACMAcDBQMqCeDAMA0GCSqGSIb3DQEBCwUAA4IBAQCsYhp8pn7ouOrB
UETE8VfWaxixOAhuDIQnIRdzqOJmH1qEo7hbx7q8HC4B7SsUYfR7bjocpFK6bVoV
sR1rdkcB9myX0QIEipzNbo2byutLauYZfyAo/rG5vag/65niQSr4sW7rrW97YWEQ
8atLIbytTUF/aPXg3S9pMK7cnpCJ+nGmtg69+HCHVwhhlKVtlsYcbs4sCQJFaYll
V/rkx+1roCBFeYZ9EU6a9HZA57RhrQP6xCHTZme3+xTPiXPpQM90AdQufsYk/+X4
A4I19zZ/YGRcXIwPOECyBOpQ/hCJAhv6FVI65hVzM8lEIsqKNyaY7OVf3OMPJk05
0DV03OOB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:41 2024 by rpki-client on console-fra.rpki-client.org