Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/Ie8q0SMRV4OVzrr9gGXNFdGlax0.roa
File: Ie8q0SMRV4OVzrr9gGXNFdGlax0.roa (raw, json)
Hash identifier: hudmojbtqn4qFde2QMoDOdYcQ4jxvM8qGgZaKQm/VT0=
Subject key identifier: 21:EF:2A:D1:23:11:57:83:95:CE:BA:FD:80:65:CD:15:D1:A5:6B:1D
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 018C81E4D2FD6B3B7A3F4B587D8E93D70F55
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/Ie8q0SMRV4OVzrr9gGXNFdGlax0.roa
Signing time: Tue 19 Dec 2023 11:45:06 +0000
ROA not before: Tue 19 Dec 2023 11:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44413
IP address blocks: 2.58.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:e4:d2:fd:6b:3b:7a:3f:4b:58:7d:8e:93:d7:0f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Dec 19 11:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21ef2ad12311578395cebafd8065cd15d1a56b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:71:2b:b2:c1:e6:c1:48:6a:5c:9f:83:87:55:
e2:77:9c:ac:0d:a5:6e:9a:ba:68:61:2c:d2:9e:b1:
ad:8e:8e:19:33:c6:27:08:11:45:b8:86:97:18:9f:
16:72:c2:01:eb:9b:79:08:1b:3b:fd:72:d3:f8:b3:
1d:96:7c:fe:92:58:a0:6c:f9:f5:93:c7:5e:a0:4b:
ed:8d:7b:86:e1:44:a3:56:d1:ca:90:83:cb:45:cf:
df:dd:29:63:99:d7:e7:c7:54:e2:94:2c:05:04:ff:
bc:88:ab:da:84:4d:18:15:0c:84:0b:ef:59:c5:4e:
9a:d2:b9:e9:a3:2b:c5:36:5a:2a:73:61:5a:07:78:
f5:12:b9:ca:6c:c5:91:8a:42:3e:ad:1d:ee:4b:cc:
0d:e6:dd:01:b1:3c:53:a0:02:71:92:5e:c8:69:3e:
69:db:b7:ae:ee:4e:ec:fa:53:d9:f0:be:af:8a:5c:
62:c5:54:14:62:56:94:1c:29:a1:0c:da:4b:c4:55:
43:38:13:40:c6:66:5d:18:82:07:dc:78:c1:57:c5:
5f:0d:96:bf:e1:e0:8c:b6:21:4b:46:08:8e:0b:31:
5d:f1:8e:80:ea:41:ed:d2:cc:b8:ab:21:2b:97:32:
73:4c:73:01:b8:0c:5d:18:cd:4f:9e:77:87:e6:71:
91:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EF:2A:D1:23:11:57:83:95:CE:BA:FD:80:65:CD:15:D1:A5:6B:1D
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/Ie8q0SMRV4OVzrr9gGXNFdGlax0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.115.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ea:1d:3b:de:b8:22:bd:64:6d:b6:d8:32:2b:49:63:b3:59:
fa:3b:7d:98:e6:b9:5d:b1:56:bd:7c:37:e6:8d:24:60:94:54:
2e:4b:b5:e3:19:8a:1c:22:38:d4:08:cb:05:db:14:48:ff:65:
5a:7d:18:60:41:ce:17:66:09:af:bd:2e:84:6a:e8:18:72:b7:
d2:6c:f3:a6:9d:9c:05:77:2e:67:6f:5d:de:6c:66:b2:d8:ec:
da:d5:31:35:0a:1f:ac:e8:1b:a1:c7:e9:f8:e1:36:17:7d:18:
e9:38:6e:e9:ed:aa:77:c9:29:2a:b4:3d:fd:30:5a:1e:f9:be:
5b:56:38:f3:e5:96:c0:70:42:54:82:e7:31:e2:fe:48:60:85:
d1:ec:e3:81:a3:0e:4b:f4:13:4d:49:3f:33:c2:00:98:10:cc:
9e:54:44:aa:22:46:d4:82:9e:e1:83:0f:5d:f8:65:6f:aa:2a:
e7:af:dd:dc:22:76:b0:6a:3f:e9:fb:78:6a:4c:f2:38:b9:9f:
c1:fe:94:b4:77:16:96:37:22:52:02:76:86:02:43:55:6e:8d:
a0:ea:07:9d:93:06:fc:e5:ec:2d:fa:dc:a0:c7:d4:80:e7:ef:
65:8b:a5:88:c2:09:6f:49:1d:2c:2c:30:96:c9:57:aa:9d:b8:
42:db:7a:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyB5NL9azt6P0tYfY6T1w9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjMxMjE5MTE0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVmMmFkMTIzMTE1NzgzOTVjZWJhZmQ4MDY1Y2QxNWQxYTU2YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3ErssHmwUhqXJ+Dh1Xid5ysDaVu
mrpoYSzSnrGtjo4ZM8YnCBFFuIaXGJ8WcsIB65t5CBs7/XLT+LMdlnz+kligbPn1
k8deoEvtjXuG4USjVtHKkIPLRc/f3Sljmdfnx1TilCwFBP+8iKvahE0YFQyEC+9Z
xU6a0rnpoyvFNloqc2FaB3j1ErnKbMWRikI+rR3uS8wN5t0BsTxToAJxkl7IaT5p
27eu7k7s+lPZ8L6vilxixVQUYlaUHCmhDNpLxFVDOBNAxmZdGIIH3HjBV8VfDZa/
4eCMtiFLRgiOCzFd8Y6A6kHt0sy4qyErlzJzTHMBuAxdGM1PnneH5nGREwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHvKtEjEVeDlc66/YBlzRXRpWsdMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvSWU4cTBTTVJWNE9WenJyOWdHWE5GZEdsYXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpzMA0G
CSqGSIb3DQEBCwUAA4IBAQBy6h073rgivWRtttgyK0ljs1n6O32Y5rldsVa9fDfm
jSRglFQuS7XjGYocIjjUCMsF2xRI/2VafRhgQc4XZgmvvS6EaugYcrfSbPOmnZwF
dy5nb13ebGay2Oza1TE1Ch+s6Buhx+n44TYXfRjpOG7p7ap3ySkqtD39MFoe+b5b
Vjjz5ZbAcEJUgucx4v5IYIXR7OOBow5L9BNNST8zwgCYEMyeVESqIkbUgp7hgw9d
+GVvqirnr93cInawaj/p+3hqTPI4uZ/B/pS0dxaWNyJSAnaGAkNVbo2g6gedkwb8
5ewt+tygx9SA5+9li6WIwglvSR0sLDCWyVeqnbhC23o2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:03 2024 by rpki-client on console-ams.rpki-client.org