Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/MxIPjBHCDYd9wYSoL-sC-ZoOmg0.roa
File: MxIPjBHCDYd9wYSoL-sC-ZoOmg0.roa (raw, json)
Hash identifier: ZU2H+tVQmMeUPopmu4ADilf6jSF7dOLQk9aUIvU0ElM=
Subject key identifier: 33:12:0F:8C:11:C2:0D:87:7D:C1:84:A8:2F:EB:02:F9:9A:0E:9A:0D
Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial: 01929E8D5C94872BC4EAD8805B185624C4C5
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/MxIPjBHCDYd9wYSoL-sC-ZoOmg0.roa
Signing time: Fri 18 Oct 2024 07:35:17 +0000
ROA not before: Fri 18 Oct 2024 07:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397688
IP address blocks: 2.58.8.0/24 maxlen: 24
2.58.9.0/24 maxlen: 24
2.58.10.0/24 maxlen: 24
147.189.164.0/24 maxlen: 24
147.189.165.0/24 maxlen: 24
147.189.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:8d:5c:94:87:2b:c4:ea:d8:80:5b:18:56:24:c4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Validity
Not Before: Oct 18 07:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33120f8c11c20d877dc184a82feb02f99a0e9a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:08:14:5f:04:35:75:11:07:02:b6:55:33:
e1:ae:8f:52:64:c6:8c:6f:a1:a3:fc:b3:ab:b7:6c:
92:d2:1d:61:8d:b9:66:90:68:1b:52:b8:40:c4:f6:
38:d3:fa:62:94:18:f5:e6:0b:03:b5:65:bf:53:5e:
32:96:df:79:d6:71:50:3f:88:0d:86:74:92:ab:5c:
d1:ba:d0:82:20:95:18:9e:97:70:e5:67:05:53:53:
92:ca:c7:a9:d5:c8:5b:bd:82:fd:ee:32:da:8e:d4:
41:bb:fe:fe:fd:ce:e4:98:5f:79:30:84:da:47:6f:
3e:13:59:8e:31:ff:50:2d:c0:65:0e:8c:8f:45:f4:
f6:3c:b9:9c:43:1e:e0:03:2b:7c:f5:5a:cc:b4:79:
d3:7a:39:7f:e6:4d:02:b2:a2:7e:8d:ab:68:ba:c4:
39:b8:43:0f:b6:0e:4d:cc:38:55:8b:1c:3b:45:21:
2b:41:74:24:86:9e:c4:ee:37:25:4b:48:55:0a:d1:
8d:6b:b5:ef:cf:a4:49:d4:f5:f6:87:32:76:c1:04:
e4:1a:29:19:fd:d9:42:a4:60:49:fb:a5:69:63:bc:
d1:15:a1:f8:bb:60:d7:47:f1:0d:cc:dd:a5:57:26:
6c:35:f7:d4:eb:eb:f8:6b:82:14:1b:5d:c7:dd:a1:
54:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:12:0F:8C:11:C2:0D:87:7D:C1:84:A8:2F:EB:02:F9:9A:0E:9A:0D
X509v3 Authority Key Identifier:
keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/MxIPjBHCDYd9wYSoL-sC-ZoOmg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.8.0-2.58.10.255
147.189.164.0-147.189.166.255
Signature Algorithm: sha256WithRSAEncryption
00:93:eb:8e:ca:70:ce:b6:ad:2c:ef:fb:8a:51:fd:d3:a7:96:
9a:e8:00:19:f9:8a:f2:30:4b:12:bd:0c:05:17:6b:ef:f0:aa:
2e:da:d6:5f:1a:99:61:a5:ae:f9:a1:fd:e6:ea:c2:dc:4f:03:
87:f9:e6:70:a5:22:37:63:2f:85:d6:79:e8:63:d0:0a:82:e1:
b1:9f:c3:ae:c4:2a:b7:02:5e:48:64:34:51:f9:ba:88:6c:b3:
d6:a7:0c:26:db:4e:34:5f:b4:22:0c:e5:f3:3a:f1:be:03:18:
77:0e:48:ba:da:bf:db:b3:92:71:8f:0d:df:d7:a7:7b:b8:25:
d2:29:f6:c8:13:93:1e:be:72:ea:c0:f6:82:7a:2e:77:39:06:
06:5e:68:54:9a:6a:ea:84:bd:98:eb:05:d7:4c:b2:5a:02:46:
5e:71:e9:81:8c:fe:bf:89:cf:5e:e7:f3:28:68:47:5b:49:e9:
3a:bb:87:87:56:dd:8c:14:bc:f8:9a:a2:3a:63:9d:4b:f2:9a:
f6:88:7a:7e:56:b7:af:ef:53:0e:5a:b8:18:24:cb:f7:b5:74:
9e:6d:09:d4:7d:79:0e:23:14:9d:c9:be:c5:65:f0:fc:58:ca:
f1:56:a2:9a:e3:2d:b0:c3:2b:0b:c8:81:2f:de:7d:85:27:59:
a6:21:e5:d7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKejVyUhyvE6tiAWxhWJMTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjQxMDE4MDczNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzEyMGY4YzExYzIwZDg3N2RjMTg0YTgyZmViMDJmOTlhMGU5YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8QIFF8ENXURBwK2VTPhro9SZMaM
b6Gj/LOrt2yS0h1hjblmkGgbUrhAxPY40/pilBj15gsDtWW/U14ylt951nFQP4gN
hnSSq1zRutCCIJUYnpdw5WcFU1OSysep1chbvYL97jLajtRBu/7+/c7kmF95MITa
R28+E1mOMf9QLcBlDoyPRfT2PLmcQx7gAyt89VrMtHnTejl/5k0CsqJ+jatousQ5
uEMPtg5NzDhVixw7RSErQXQkhp7E7jclS0hVCtGNa7Xvz6RJ1PX2hzJ2wQTkGikZ
/dlCpGBJ+6VpY7zRFaH4u2DXR/ENzN2lVyZsNffU6+v4a4IUG13H3aFUNwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDMSD4wRwg2HfcGEqC/rAvmaDpoNMB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEvTXhJUGpCSENEWWQ5d1lTb0wtc0MtWm9PbWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAMCOggD
BAACOgowDAMEApO9pAMEAJO9pjANBgkqhkiG9w0BAQsFAAOCAQEAAJPrjspwzrat
LO/7ilH906eWmugAGfmK8jBLEr0MBRdr7/CqLtrWXxqZYaWu+aH95urC3E8Dh/nm
cKUiN2MvhdZ56GPQCoLhsZ/DrsQqtwJeSGQ0Ufm6iGyz1qcMJttONF+0Igzl8zrx
vgMYdw5Iutq/27OScY8N39ene7gl0in2yBOTHr5y6sD2gnoudzkGBl5oVJpq6oS9
mOsF10yyWgJGXnHpgYz+v4nPXufzKGhHW0npOruHh1bdjBS8+JqiOmOdS/Ka9oh6
fla3r+9TDlq4GCTL97V0nm0J1H15DiMUncm+xWXw/FjK8VaimuMtsMMrC8iBL959
hSdZpiHl1w==
-----END CERTIFICATE-----
Generated at Mon Oct 21 16:36:34 2024 by rpki-client on console-ams.rpki-client.org