Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/scmT1cBX-2Z2viiSTphK-mT8QwY.roa
File: scmT1cBX-2Z2viiSTphK-mT8QwY.roa (raw, json)
Hash identifier: N0EuTQ9cgi3BviB8pwLVmmkzELghXlW5sYCL9shLxEc=
Subject key identifier: B1:C9:93:D5:C0:57:FB:66:76:BE:28:92:4E:98:4A:FA:64:FC:43:06
Certificate issuer: /CN=2c61264467b1a7fef1c51867779e5ad616b619cf
Certificate serial: 018CC5DC3A80A9BF4AE04617FA86A803BEBF
Authority key identifier: 2C:61:26:44:67:B1:A7:FE:F1:C5:18:67:77:9E:5A:D6:16:B6:19:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/scmT1cBX-2Z2viiSTphK-mT8QwY.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201006
IP address blocks: 2.58.220.0/22 maxlen: 22
185.89.52.0/22 maxlen: 22
2a05:ce40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3a:80:a9:bf:4a:e0:46:17:fa:86:a8:03:be:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c61264467b1a7fef1c51867779e5ad616b619cf
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1c993d5c057fb6676be28924e984afa64fc4306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ee:ba:3b:f4:8c:7c:3f:ca:43:29:51:7c:98:
11:6f:fc:7a:2e:f3:52:3c:b1:2c:16:e9:f3:9a:33:
b7:17:fa:af:2e:76:95:ff:f2:4b:8f:51:2b:bd:67:
b9:46:78:1a:e9:9e:bc:53:f7:7b:e2:30:2d:72:4d:
b9:66:c1:ad:93:df:59:f6:35:aa:21:32:c5:96:7f:
c2:63:bd:b9:08:09:7f:11:29:b9:74:6d:2b:bf:4a:
7e:bc:36:00:b5:4a:b4:28:ff:be:65:34:56:a0:f9:
b0:9b:27:e1:b7:66:4a:72:68:74:3b:a2:dd:74:cd:
3c:4c:cf:08:9a:6c:31:71:6b:cf:ca:40:83:f2:18:
1f:7d:ad:f2:39:b5:02:f7:cb:e6:cd:09:7c:14:95:
97:80:30:92:8c:cb:c1:26:c1:bb:ef:c0:fa:17:c1:
d8:21:18:f6:00:5e:be:c7:48:42:95:30:20:02:9c:
36:f0:9b:7c:af:86:fe:e3:0d:6c:92:99:25:14:25:
c6:9e:5f:1a:ea:14:3e:98:86:ee:69:49:d6:a2:44:
5e:54:05:89:77:8d:35:b0:9a:02:70:00:3a:89:45:
9c:3d:69:d6:69:fc:0c:01:08:54:96:8d:28:af:16:
bc:1d:96:b7:6b:c2:d9:9b:4c:9f:bd:f2:54:4a:4e:
d7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C9:93:D5:C0:57:FB:66:76:BE:28:92:4E:98:4A:FA:64:FC:43:06
X509v3 Authority Key Identifier:
keyid:2C:61:26:44:67:B1:A7:FE:F1:C5:18:67:77:9E:5A:D6:16:B6:19:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/scmT1cBX-2Z2viiSTphK-mT8QwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/LGEmRGexp_7xxRhnd55a1ha2Gc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.220.0/22
185.89.52.0/22
IPv6:
2a05:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
bf:27:66:20:f9:6c:c2:d5:f7:06:96:6f:b2:78:34:af:c7:4c:
70:db:46:cc:af:65:09:3d:a3:2b:ed:d4:99:65:e3:c0:66:1c:
86:df:d2:f1:ed:c5:00:c7:e6:03:fb:0a:57:7c:f7:91:d2:b6:
f9:31:58:3b:62:6b:13:d9:1a:31:ae:76:33:1f:b8:e3:89:19:
01:bd:16:bd:ce:d7:ba:42:15:63:78:d5:e6:9f:73:3e:ae:ed:
06:4a:c8:e0:e1:d2:b4:86:bd:19:4c:a3:4a:95:63:de:b7:9f:
7d:21:db:1c:8a:c8:bf:62:aa:04:13:ac:4a:50:62:a4:c2:9e:
23:04:b7:43:05:53:4a:53:6a:0e:ac:72:07:7a:b5:cb:72:05:
06:e1:8f:d3:24:33:14:9a:25:7b:4d:ce:e7:1b:97:2e:4e:05:
97:93:f9:63:50:0b:ba:6f:f3:80:23:46:47:3e:55:2f:0a:c1:
13:61:32:0f:28:17:f8:43:36:eb:97:75:ad:be:1e:63:72:d2:
ac:4a:41:9f:cb:4c:ff:99:7b:09:96:e1:74:de:ca:2c:65:85:
49:03:98:d2:b1:22:5c:ab:2b:d2:45:1a:27:99:e1:ea:78:c2:
00:d2:3f:b0:c5:6a:29:38:42:b4:d9:09:d6:17:77:df:f3:8a:
bf:8b:64:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3DqAqb9K4EYX+oaoA76/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNjEyNjQ0NjdiMWE3ZmVmMWM1MTg2Nzc3OWU1YWQ2MTZi
NjE5Y2YwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM5OTNkNWMwNTdmYjY2NzZiZTI4OTI0ZTk4NGFmYTY0ZmM0MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+66O/SMfD/KQylRfJgRb/x6LvNS
PLEsFunzmjO3F/qvLnaV//JLj1ErvWe5Rnga6Z68U/d74jAtck25ZsGtk99Z9jWq
ITLFln/CY725CAl/ESm5dG0rv0p+vDYAtUq0KP++ZTRWoPmwmyfht2ZKcmh0O6Ld
dM08TM8ImmwxcWvPykCD8hgffa3yObUC98vmzQl8FJWXgDCSjMvBJsG778D6F8HY
IRj2AF6+x0hClTAgApw28Jt8r4b+4w1skpklFCXGnl8a6hQ+mIbuaUnWokReVAWJ
d401sJoCcAA6iUWcPWnWafwMAQhUlo0orxa8HZa3a8LZm0yfvfJUSk7XuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLHJk9XAV/tmdr4okk6YSvpk/EMGMB8GA1UdIwQY
MBaAFCxhJkRnsaf+8cUYZ3eeWtYWthnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEdFbVJHZXhwXzd4eFJobmQ1NWExaGEyR2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iMzYzY2QtNWExNC00MTdlLTgwZjUt
OTIxNTg2NWQzN2I5LzEvc2NtVDFjQlgtMloydmlpU1RwaEstbVQ4UXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9iMzYzY2QtNWExNC00MTdlLTgwZjUtOTIxNTg2NWQzN2I5
LzEvTEdFbVJHZXhwXzd4eFJobmQ1NWExaGEyR2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjrcAwQC
uVk0MA0EAgACMAcDBQMqBc5AMA0GCSqGSIb3DQEBCwUAA4IBAQC/J2Yg+WzC1fcG
lm+yeDSvx0xw20bMr2UJPaMr7dSZZePAZhyG39Lx7cUAx+YD+wpXfPeR0rb5MVg7
YmsT2RoxrnYzH7jjiRkBvRa9zte6QhVjeNXmn3M+ru0GSsjg4dK0hr0ZTKNKlWPe
t599Idscisi/YqoEE6xKUGKkwp4jBLdDBVNKU2oOrHIHerXLcgUG4Y/TJDMUmiV7
Tc7nG5cuTgWXk/ljUAu6b/OAI0ZHPlUvCsETYTIPKBf4Qzbrl3Wtvh5jctKsSkGf
y0z/mXsJluF03sosZYVJA5jSsSJcqyvSRRonmeHqeMIA0j+wxWopOEK02QnWF3ff
84q/i2Tz
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:00 2025 by rpki-client