Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/KiKY0DYvKaWF0eoqogzSNEALuhg.roa
File: KiKY0DYvKaWF0eoqogzSNEALuhg.roa (raw, json)
Hash identifier: 7RZa/aKBS8wDNyDRgPmeIfjlwAJWplFPAS2jb/WaWrQ=
Subject key identifier: 2A:22:98:D0:36:2F:29:A5:85:D1:EA:2A:A2:0C:D2:34:40:0B:BA:18
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 018CC56EA57457D1D2FA901477197D6D0F99
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/KiKY0DYvKaWF0eoqogzSNEALuhg.roa
Signing time: Mon 01 Jan 2024 14:30:12 +0000
ROA not before: Mon 01 Jan 2024 14:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209185
IP address blocks: 2.58.112.0/24 maxlen: 24
2.58.114.0/24 maxlen: 24
2a09:e440::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Mar 2024 17:06:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a5:74:57:d1:d2:fa:90:14:77:19:7d:6d:0f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 1 14:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a2298d0362f29a585d1ea2aa20cd234400bba18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:de:56:9b:fc:0a:a0:86:55:9e:82:11:de:78:
d9:41:0a:f7:d6:39:49:15:f8:27:33:c7:fd:2f:07:
62:89:48:10:3e:16:dc:31:4e:8a:1d:77:2e:36:f3:
c7:23:85:f1:0c:e0:7e:83:f4:6e:1f:b7:cd:b9:6c:
e6:d9:1d:ac:ae:4d:70:67:a4:14:e3:48:53:ad:34:
3a:04:6e:7c:d3:58:a2:f5:50:2e:7f:69:7e:9d:9a:
6e:ff:dd:27:66:0e:19:88:93:84:c3:33:d6:80:1c:
44:fa:b9:22:90:cf:14:4c:2b:6d:e7:cf:e8:cf:f7:
9c:63:55:45:c8:b9:f1:eb:49:a5:19:f8:92:18:60:
df:80:a3:f4:72:cd:c4:eb:ea:b7:c3:d6:4c:21:c4:
46:14:02:e0:da:07:b5:a9:2b:1d:ed:74:ae:de:ce:
8d:b1:19:32:1e:08:85:d2:ae:09:4a:df:0b:fb:b2:
bd:38:24:48:c8:34:8d:f4:c2:7f:f5:6e:88:9d:8c:
98:fc:a4:b1:69:55:40:3d:75:44:66:61:e8:4a:eb:
1f:92:48:98:02:a9:ff:42:c1:c0:26:b7:0d:54:85:
52:ab:93:1f:b4:12:f7:08:e7:88:c8:b9:56:62:61:
bf:04:6b:7f:4a:92:ec:cd:56:39:bb:d2:a9:1f:8a:
80:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:22:98:D0:36:2F:29:A5:85:D1:EA:2A:A2:0C:D2:34:40:0B:BA:18
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/KiKY0DYvKaWF0eoqogzSNEALuhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.112.0/24
2.58.114.0/24
IPv6:
2a09:e440::/40
Signature Algorithm: sha256WithRSAEncryption
76:55:1a:81:56:5a:18:52:e4:ca:0f:51:ba:2e:22:b1:80:dc:
e4:b7:6b:99:e6:0b:cd:af:95:fe:9b:89:60:43:fc:a9:82:5d:
28:a7:1c:a0:d7:05:29:ab:36:f1:a0:67:74:c3:d7:70:bf:6a:
bd:27:ff:ee:c0:06:19:f2:fe:3b:3d:77:98:0f:50:1d:66:d0:
e1:a6:6e:16:62:ca:e2:de:5b:08:a1:70:e0:75:c0:0f:e9:e9:
31:39:ea:1d:39:b1:1e:0e:dd:15:f5:bd:71:72:f4:ff:64:91:
9d:45:16:0a:1f:26:f1:bd:e4:fc:55:d0:20:84:2c:2e:ab:a3:
05:b6:63:ca:cf:21:c8:06:d8:12:a1:26:db:84:5a:4b:0b:ba:
67:29:9d:65:3d:7d:2d:19:8e:fd:ec:30:81:97:62:34:7c:40:
b3:1c:b1:6d:77:af:39:62:22:a8:86:92:8d:60:d3:62:f0:74:
6a:c0:a0:50:f9:ad:d1:bf:ad:7a:fd:5e:b0:ba:ed:d3:ed:d4:
cd:81:a7:1c:46:4b:e6:35:aa:20:7e:b0:dc:06:38:f4:f2:50:
c1:9e:af:4f:3c:55:d7:c6:f5:9b:86:f7:a4:52:af:56:67:68:
c0:ef:5a:a8:6b:e9:bc:3b:36:db:f3:bb:ea:62:fc:e7:84:80:
66:7d:78:a9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFbqV0V9HS+pAUdxl9bQ+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjQwMTAxMTQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIyOThkMDM2MmYyOWE1ODVkMWVhMmFhMjBjZDIzNDQwMGJiYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd5Wm/wKoIZVnoIR3njZQQr31jlJ
FfgnM8f9LwdiiUgQPhbcMU6KHXcuNvPHI4XxDOB+g/RuH7fNuWzm2R2srk1wZ6QU
40hTrTQ6BG5801ii9VAuf2l+nZpu/90nZg4ZiJOEwzPWgBxE+rkikM8UTCtt58/o
z/ecY1VFyLnx60mlGfiSGGDfgKP0cs3E6+q3w9ZMIcRGFALg2ge1qSsd7XSu3s6N
sRkyHgiF0q4JSt8L+7K9OCRIyDSN9MJ/9W6InYyY/KSxaVVAPXVEZmHoSusfkkiY
Aqn/QsHAJrcNVIVSq5MftBL3COeIyLlWYmG/BGt/SpLszVY5u9KpH4qASQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCoimNA2LymlhdHqKqIM0jRAC7oYMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvS2lLWTBEWXZLYVdGMGVvcW9nelNORUFMdWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAAjpwAwQA
AjpyMA4EAgACMAgDBgAqCeRAADANBgkqhkiG9w0BAQsFAAOCAQEAdlUagVZaGFLk
yg9Rui4isYDc5LdrmeYLza+V/puJYEP8qYJdKKccoNcFKas28aBndMPXcL9qvSf/
7sAGGfL+Oz13mA9QHWbQ4aZuFmLK4t5bCKFw4HXAD+npMTnqHTmxHg7dFfW9cXL0
/2SRnUUWCh8m8b3k/FXQIIQsLqujBbZjys8hyAbYEqEm24RaSwu6ZymdZT19LRmO
/ewwgZdiNHxAsxyxbXevOWIiqIaSjWDTYvB0asCgUPmt0b+tev1esLrt0+3UzYGn
HEZL5jWqIH6w3AY49PJQwZ6vTzxV18b1m4b3pFKvVmdowO9aqGvpvDs22/O76mL8
54SAZn14qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org