Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/eseJaBfwSFunx3B0AOWe549dFW0.roa
File: eseJaBfwSFunx3B0AOWe549dFW0.roa (raw, json)
Hash identifier: jywQW9G5jXSzAdR9suJQUMhsqlu8Yy2UkpJhFJfAVds=
Subject key identifier: 7A:C7:89:68:17:F0:48:5B:A7:C7:70:74:00:E5:9E:E7:8F:5D:15:6D
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 018B62562A9CE88A8134D40581CC26CB0889
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/eseJaBfwSFunx3B0AOWe549dFW0.roa
Signing time: Tue 24 Oct 2023 15:38:16 +0000
ROA not before: Tue 24 Oct 2023 15:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209185
IP address blocks: 2.58.112.0/24 maxlen: 24
2.58.114.0/24 maxlen: 24
2a09:e440::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:56:2a:9c:e8:8a:81:34:d4:05:81:cc:26:cb:08:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Oct 24 15:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ac7896817f0485ba7c7707400e59ee78f5d156d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9d:15:d8:b2:cb:7e:1d:8d:35:6d:64:fb:cc:
9c:f8:5c:38:4f:d2:ef:ca:9f:d0:eb:5a:01:5d:bc:
bd:bc:12:a4:fd:2f:07:32:08:7d:0b:e1:23:98:6b:
43:1b:61:25:50:69:83:ff:08:05:e8:7e:e8:4d:89:
eb:3b:31:5a:6c:c5:e6:d6:41:82:65:05:57:6b:4b:
1b:66:14:16:69:16:ba:3a:12:f6:fe:8d:de:f8:ee:
15:32:81:7e:59:73:14:09:44:f1:cb:e0:ca:ce:8b:
c2:f7:65:eb:8c:d7:05:65:98:6f:64:ff:a5:27:21:
e4:27:7a:a1:6d:c9:2a:42:16:e2:9d:ef:4c:cb:04:
ed:84:ae:bd:f6:5a:d2:e5:eb:f1:07:b3:1d:e4:e7:
62:38:ea:19:3f:a9:c6:84:3e:c7:7f:ab:ae:d2:ce:
9b:cc:6c:89:46:19:06:fd:f7:60:bd:10:6d:e6:53:
25:1c:92:5f:3f:dc:41:de:61:a6:9f:7b:f0:14:b2:
72:92:5d:7c:ba:0d:ec:f7:98:91:73:bd:85:d2:c7:
cd:3e:9d:8b:21:f2:e0:ab:5a:fa:68:71:d2:9e:5e:
47:49:bc:2d:e2:33:5e:65:c2:51:32:51:d2:9a:6a:
dc:27:56:a1:a2:6a:71:89:8f:3b:01:09:95:27:de:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C7:89:68:17:F0:48:5B:A7:C7:70:74:00:E5:9E:E7:8F:5D:15:6D
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/eseJaBfwSFunx3B0AOWe549dFW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.112.0/24
2.58.114.0/24
IPv6:
2a09:e440::/40
Signature Algorithm: sha256WithRSAEncryption
a1:70:1d:e2:60:65:fb:9a:1d:3f:f3:8d:60:63:a6:b6:3b:b7:
45:0f:42:bb:1b:e7:18:18:65:ce:98:dc:cd:d0:76:43:d3:10:
9c:6b:d8:84:ee:04:40:23:1a:52:82:3e:45:27:3c:6c:00:ad:
5d:13:be:07:09:76:98:66:b5:91:3b:43:82:cd:aa:e1:ce:91:
92:9a:eb:31:07:6c:ea:98:90:8c:22:53:37:0b:99:53:6c:ee:
a7:9f:62:20:d9:9d:7b:ff:3d:33:ba:8d:bb:34:f1:33:aa:c9:
6e:f4:01:42:da:cc:ed:43:e1:ad:37:23:12:9a:1e:1c:67:eb:
99:46:d7:e5:2a:4a:3b:88:48:3e:5a:4e:dc:9c:da:6b:71:57:
98:b6:be:7a:46:b7:b4:eb:3a:43:e3:c1:79:97:9f:5b:9f:82:
0a:49:bb:2b:8d:ef:10:fa:d3:21:8f:5e:c6:d0:45:95:56:36:
9e:eb:b1:6e:8a:c8:5f:77:2f:bb:9b:d5:02:0b:c4:6e:5f:6e:
db:fa:0f:34:ec:8e:27:10:e1:09:e2:c8:e8:8c:04:c9:be:5a:
57:83:cd:ed:93:7f:32:71:80:d2:b6:0f:16:96:08:12:6b:af:
c5:cd:e2:44:6b:b1:8c:24:e5:75:b8:0d:ed:97:67:70:85:9c:
0c:15:a8:5a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYtiViqc6IqBNNQFgcwmywiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjMxMDI0MTUzODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM3ODk2ODE3ZjA0ODViYTdjNzcwNzQwMGU1OWVlNzhmNWQxNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj50V2LLLfh2NNW1k+8yc+Fw4T9Lv
yp/Q61oBXby9vBKk/S8HMgh9C+EjmGtDG2ElUGmD/wgF6H7oTYnrOzFabMXm1kGC
ZQVXa0sbZhQWaRa6OhL2/o3e+O4VMoF+WXMUCUTxy+DKzovC92XrjNcFZZhvZP+l
JyHkJ3qhbckqQhbine9MywTthK699lrS5evxB7Md5OdiOOoZP6nGhD7Hf6uu0s6b
zGyJRhkG/fdgvRBt5lMlHJJfP9xB3mGmn3vwFLJykl18ug3s95iRc72F0sfNPp2L
IfLgq1r6aHHSnl5HSbwt4jNeZcJRMlHSmmrcJ1ahompxiY87AQmVJ94YZQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHrHiWgX8Ehbp8dwdADlnuePXRVtMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvZXNlSmFCZndTRnVueDNCMEFPV2U1NDlkRlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAAjpwAwQA
AjpyMA4EAgACMAgDBgAqCeRAADANBgkqhkiG9w0BAQsFAAOCAQEAoXAd4mBl+5od
P/ONYGOmtju3RQ9CuxvnGBhlzpjczdB2Q9MQnGvYhO4EQCMaUoI+RSc8bACtXRO+
Bwl2mGa1kTtDgs2q4c6RkprrMQds6piQjCJTNwuZU2zup59iINmde/89M7qNuzTx
M6rJbvQBQtrM7UPhrTcjEpoeHGfrmUbX5SpKO4hIPlpO3Jzaa3FXmLa+eka3tOs6
Q+PBeZefW5+CCkm7K43vEPrTIY9extBFlVY2nuuxborIX3cvu5vVAgvEbl9u2/oP
NOyOJxDhCeLI6IwEyb5aV4PN7ZN/MnGA0rYPFpYIEmuvxc3iRGuxjCTldbgN7Zdn
cIWcDBWoWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:03 2024 by rpki-client on console-ams.rpki-client.org