Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/bB-xewlNjaKj2ZirZItuBwQNaE8.roa
File: bB-xewlNjaKj2ZirZItuBwQNaE8.roa (raw, json)
Hash identifier: DESK6LtKWyYOBqm/sucP+kTgBKDnTF1t+us6QZuXFnU=
Subject key identifier: 6C:1F:B1:7B:09:4D:8D:A2:A3:D9:98:AB:64:8B:6E:07:04:0D:68:4F
Certificate issuer: /CN=b7dc936a7f6ba5078224f801736fdeb0dae8a9fb
Certificate serial: 018CC94D2EE00D8C71D0F432D12E3B66E333
Authority key identifier: B7:DC:93:6A:7F:6B:A5:07:82:24:F8:01:73:6F:DE:B0:DA:E8:A9:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t9yTan9rpQeCJPgBc2_esNroqfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/bB-xewlNjaKj2ZirZItuBwQNaE8.roa
Signing time: Tue 02 Jan 2024 08:32:07 +0000
ROA not before: Tue 02 Jan 2024 08:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64421
IP address blocks: 2.58.16.0/22 maxlen: 22
195.26.20.0/23 maxlen: 23
2a09:e0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:2e:e0:0d:8c:71:d0:f4:32:d1:2e:3b:66:e3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7dc936a7f6ba5078224f801736fdeb0dae8a9fb
Validity
Not Before: Jan 2 08:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c1fb17b094d8da2a3d998ab648b6e07040d684f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e1:0f:ef:0b:a8:ec:e4:32:8b:6e:f7:9d:58:
40:d6:6a:88:7c:33:b0:4f:83:1b:00:9e:39:0a:06:
43:68:87:6c:2a:68:cd:8a:12:e1:ae:2f:bd:56:98:
6c:e1:32:81:e6:11:ee:3c:d6:fc:74:f0:77:98:eb:
86:ee:18:6f:e7:2a:a2:a3:39:ab:af:49:b8:a2:67:
a4:40:ce:b7:1e:5f:4e:c5:d6:5f:9d:45:5a:9c:a7:
13:39:9e:b3:79:02:d3:ce:27:47:d1:5b:32:2d:91:
84:94:01:06:9b:fd:40:e7:9f:cc:db:cd:d6:e5:c0:
03:bb:39:db:96:2f:b7:8b:bc:86:77:32:b9:65:a3:
26:ab:22:f9:1e:7c:34:45:0b:5a:03:61:8f:06:88:
eb:ca:ce:c3:1d:9d:ae:86:63:18:41:63:2c:7a:e6:
b2:e1:37:48:84:93:27:40:dd:0b:15:79:8b:3b:bb:
57:7e:0b:ff:39:c0:07:46:eb:a0:85:4a:0a:72:fa:
e6:22:2e:a0:ff:6f:af:7a:6f:95:4c:ac:ec:60:d2:
e2:4b:52:a8:d0:ab:14:ae:2c:40:44:56:c5:88:27:
e0:45:97:77:0d:cb:c9:e1:d2:a1:55:92:b4:c6:da:
7d:72:f7:ab:bf:3c:60:3b:85:ac:c4:65:52:8a:d7:
6d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1F:B1:7B:09:4D:8D:A2:A3:D9:98:AB:64:8B:6E:07:04:0D:68:4F
X509v3 Authority Key Identifier:
keyid:B7:DC:93:6A:7F:6B:A5:07:82:24:F8:01:73:6F:DE:B0:DA:E8:A9:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t9yTan9rpQeCJPgBc2_esNroqfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/bB-xewlNjaKj2ZirZItuBwQNaE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8b162c-4e35-4061-81be-79d42882c8c0/1/t9yTan9rpQeCJPgBc2_esNroqfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.16.0/22
195.26.20.0/23
IPv6:
2a09:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:25:67:95:54:e5:41:d8:72:7c:46:1c:cf:5b:a0:5d:18:36:
c1:88:7b:ed:61:5b:e8:63:d3:07:70:53:57:09:f2:91:3c:19:
49:fb:a0:f6:f0:ce:21:64:53:69:97:90:ef:29:55:59:7f:c8:
20:d2:c0:f5:57:d5:5a:ff:23:ad:c2:de:2f:d9:0c:9f:b8:49:
c6:50:db:29:d4:70:f1:e6:d8:8f:74:ff:13:47:18:8c:66:9b:
34:f6:ca:2b:a5:ae:31:22:02:67:40:f7:98:a2:7a:e6:43:79:
b0:eb:be:a9:12:19:a6:0a:d0:e1:f0:5d:03:e8:f8:40:ae:2a:
75:ad:5e:b5:90:ec:4e:9b:cf:f1:5d:b7:f7:b0:b0:c3:9b:55:
c0:22:6a:27:8b:23:11:76:1e:cf:ac:8c:3f:30:85:a0:78:a0:
15:0f:0d:fb:9f:19:be:97:47:e1:57:29:f6:c3:7d:3a:e4:07:
d4:99:11:d9:d6:f1:e5:8f:b0:54:e1:84:93:11:13:2b:b9:c8:
cd:8b:c1:47:3e:06:e9:4b:94:b4:71:90:ac:cc:c4:e5:0a:0a:
d0:16:a6:80:f0:8d:54:78:25:d6:78:8e:56:4f:3d:cc:5d:54:
e8:79:57:8e:61:7f:04:b9:9e:ed:59:d0:13:2b:6e:12:3d:fe:
4b:8e:40:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTS7gDYxx0PQy0S47ZuMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZGM5MzZhN2Y2YmE1MDc4MjI0ZjgwMTczNmZkZWIwZGFl
OGE5ZmIwHhcNMjQwMTAyMDgzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFmYjE3YjA5NGQ4ZGEyYTNkOTk4YWI2NDhiNmUwNzA0MGQ2ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeEP7wuo7OQyi273nVhA1mqIfDOw
T4MbAJ45CgZDaIdsKmjNihLhri+9Vphs4TKB5hHuPNb8dPB3mOuG7hhv5yqiozmr
r0m4omekQM63Hl9OxdZfnUVanKcTOZ6zeQLTzidH0VsyLZGElAEGm/1A55/M283W
5cADuznbli+3i7yGdzK5ZaMmqyL5Hnw0RQtaA2GPBojrys7DHZ2uhmMYQWMseuay
4TdIhJMnQN0LFXmLO7tXfgv/OcAHRuughUoKcvrmIi6g/2+vem+VTKzsYNLiS1Ko
0KsUrixARFbFiCfgRZd3DcvJ4dKhVZK0xtp9cvervzxgO4WsxGVSitdtOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGwfsXsJTY2io9mYq2SLbgcEDWhPMB8GA1UdIwQY
MBaAFLfck2p/a6UHgiT4AXNv3rDa6Kn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDl5VGFuOXJwUWVDSlBnQmMyX2VzTnJvcWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YjE2MmMtNGUzNS00MDYxLTgxYmUt
NzlkNDI4ODJjOGMwLzEvYkIteGV3bE5qYUtqMlppclpJdHVCd1FOYUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YjE2MmMtNGUzNS00MDYxLTgxYmUtNzlkNDI4ODJjOGMw
LzEvdDl5VGFuOXJwUWVDSlBnQmMyX2VzTnJvcWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjoQAwQB
wxoUMA0EAgACMAcDBQMqCeDAMA0GCSqGSIb3DQEBCwUAA4IBAQCbJWeVVOVB2HJ8
RhzPW6BdGDbBiHvtYVvoY9MHcFNXCfKRPBlJ+6D28M4hZFNpl5DvKVVZf8gg0sD1
V9Va/yOtwt4v2QyfuEnGUNsp1HDx5tiPdP8TRxiMZps09sorpa4xIgJnQPeYonrm
Q3mw676pEhmmCtDh8F0D6PhArip1rV61kOxOm8/xXbf3sLDDm1XAImoniyMRdh7P
rIw/MIWgeKAVDw37nxm+l0fhVyn2w3065AfUmRHZ1vHlj7BU4YSTERMrucjNi8FH
PgbpS5S0cZCszMTlCgrQFqaA8I1UeCXWeI5WTz3MXVToeVeOYX8EuZ7tWdATK24S
Pf5LjkDV
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:39:00 2025 by rpki-client