Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/cCpMoWBgJjYaBYl3QhkDgHsPFXk.roa
File: cCpMoWBgJjYaBYl3QhkDgHsPFXk.roa (raw, json)
Hash identifier: isvU6MPn7TiwertBQyLon+DanOgkRoMYTgNLU5aRvZA=
Subject key identifier: 70:2A:4C:A1:60:60:26:36:1A:05:89:77:42:19:03:80:7B:0F:15:79
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369C2E978288C69B49691933CCFAC87
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/cCpMoWBgJjYaBYl3QhkDgHsPFXk.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 193.142.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 09:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c2:e9:78:28:8c:69:b4:96:91:93:3c:cf:ac:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=702a4ca1606026361a058977421903807b0f1579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0f:40:52:88:25:e4:49:e1:b9:73:22:0a:9a:
e6:35:66:74:8a:ef:c0:25:f9:c8:81:7b:db:4c:7a:
bf:6d:43:8c:4b:b7:72:1b:21:81:2f:e5:0f:72:11:
a2:b3:0e:79:2b:1a:85:37:26:b5:b9:4f:a9:89:ed:
da:df:0e:76:94:6b:8e:f3:43:b7:48:0e:d3:2e:58:
28:c8:31:bc:3e:e8:4d:72:e1:5c:be:e6:53:f2:b5:
58:f8:7d:aa:f4:79:9d:33:6a:de:6e:c3:0c:5a:32:
8f:bf:53:44:79:b7:46:7c:c8:0a:86:c5:25:af:0a:
a0:60:38:e2:ae:3f:1f:c6:05:7f:bf:96:7e:70:b3:
bc:8c:1b:f4:0e:64:13:2b:77:63:81:84:7c:64:a7:
b1:91:e9:04:61:85:0a:d3:81:e8:3a:75:91:b1:56:
ee:bd:7b:df:31:da:d9:b9:8c:6b:00:d5:79:5d:ec:
5c:a0:d7:c1:be:7d:29:ab:b8:08:c2:bc:7f:62:af:
d3:77:b5:67:74:7f:98:ea:32:2b:09:20:c5:fd:62:
2f:71:1b:3b:df:88:d4:a4:57:1a:a0:f6:71:63:33:
57:17:cb:f4:12:0b:d0:9b:a4:c7:b4:8a:4b:71:d1:
59:5a:81:cc:7a:7d:2b:3e:57:2c:02:2c:3a:ed:b7:
66:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2A:4C:A1:60:60:26:36:1A:05:89:77:42:19:03:80:7B:0F:15:79
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/cCpMoWBgJjYaBYl3QhkDgHsPFXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.58.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:c8:ab:fd:34:49:c4:3d:3f:9b:ef:61:cc:fc:62:23:1d:ec:
13:78:00:ae:0a:6b:6a:47:3b:40:3c:79:a7:8b:8c:6a:c2:52:
9d:96:8b:7c:24:b7:61:3f:85:2c:e2:67:4e:5c:f3:e9:10:65:
c1:f0:b9:6e:77:69:cb:c0:32:3a:c4:f8:15:df:5c:a8:42:b4:
7b:b8:f4:f1:dd:e7:41:13:97:7a:83:5b:58:c1:09:3a:bf:c9:
98:0b:56:98:81:22:b9:2c:77:e0:e3:cb:f6:6b:72:69:be:fa:
5b:ad:02:d4:f5:7f:35:e7:89:af:a0:64:fa:af:37:93:47:aa:
54:2c:f8:76:01:d8:82:d3:8a:ae:3d:24:48:ae:6e:fe:47:e1:
12:ab:64:f8:ed:3f:7b:36:d0:0a:79:e2:5d:66:0d:b0:76:67:
86:6e:5b:a1:9f:b2:2b:8e:3d:8e:93:23:5f:87:3d:95:27:70:
87:e4:f0:72:bd:8c:ba:0a:43:ed:f3:f6:33:d0:65:3f:a2:cd:
82:e8:f4:3f:2f:ce:8f:64:85:f0:1f:82:f7:c4:73:bb:45:c0:
20:98:e4:36:3d:89:cf:7f:a8:2f:54:29:2d:7b:21:a8:9b:10:
db:b8:e9:9c:5e:c2:46:11:c2:d0:57:92:03:a7:ce:14:8a:be:
8e:df:7f:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjacLpeCiMabSWkZM8z6yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDJhNGNhMTYwNjAyNjM2MWEwNTg5Nzc0MjE5MDM4MDdiMGYxNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q9AUogl5EnhuXMiCprmNWZ0iu/A
JfnIgXvbTHq/bUOMS7dyGyGBL+UPchGisw55KxqFNya1uU+pie3a3w52lGuO80O3
SA7TLlgoyDG8PuhNcuFcvuZT8rVY+H2q9HmdM2rebsMMWjKPv1NEebdGfMgKhsUl
rwqgYDjirj8fxgV/v5Z+cLO8jBv0DmQTK3djgYR8ZKexkekEYYUK04HoOnWRsVbu
vXvfMdrZuYxrANV5XexcoNfBvn0pq7gIwrx/Yq/Td7VndH+Y6jIrCSDF/WIvcRs7
34jUpFcaoPZxYzNXF8v0EgvQm6THtIpLcdFZWoHMen0rPlcsAiw67bdmQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAqTKFgYCY2GgWJd0IZA4B7DxV5MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvY0NwTW9XQmdKallhQllsM1Foa0RnSHNQRlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY46MA0G
CSqGSIb3DQEBCwUAA4IBAQA9yKv9NEnEPT+b72HM/GIjHewTeACuCmtqRztAPHmn
i4xqwlKdlot8JLdhP4Us4mdOXPPpEGXB8Llud2nLwDI6xPgV31yoQrR7uPTx3edB
E5d6g1tYwQk6v8mYC1aYgSK5LHfg48v2a3JpvvpbrQLU9X8154mvoGT6rzeTR6pU
LPh2AdiC04quPSRIrm7+R+ESq2T47T97NtAKeeJdZg2wdmeGbluhn7Irjj2OkyNf
hz2VJ3CH5PByvYy6CkPt8/Yz0GU/os2C6PQ/L86PZIXwH4L3xHO7RcAgmOQ2PYnP
f6gvVCkteyGomxDbuOmcXsJGEcLQV5IDp84Uir6O3384
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:32:12 2025 by rpki-client