Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/zQhQymCLBOiPArvsnaQVSHCTNSU.roa
File: zQhQymCLBOiPArvsnaQVSHCTNSU.roa (raw, json)
Hash identifier: flnQ+IZm7anq1clN1s4L5xhFV1S6rU0bvUPQZ5acVmk=
Subject key identifier: CD:08:50:CA:60:8B:04:E8:8F:02:BB:EC:9D:A4:15:48:70:93:35:25
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01942827F235B020CDD944500CBF33D0E159
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/zQhQymCLBOiPArvsnaQVSHCTNSU.roa
Signing time: Thu 02 Jan 2025 17:54:54 +0000
ROA not before: Thu 02 Jan 2025 17:54:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212335
IP address blocks: 2.58.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Mar 2025 08:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:f2:35:b0:20:cd:d9:44:50:0c:bf:33:d0:e1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 2 17:54:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd0850ca608b04e88f02bbec9da4154870933525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:51:5a:a6:52:23:51:e3:5e:ce:53:44:76:f3:
70:51:93:70:ef:35:8f:75:0e:4d:37:37:87:03:ef:
8e:46:b0:e8:0d:2d:e5:09:b9:5b:ad:b8:0b:d3:84:
99:7e:51:50:1d:ea:6e:c9:3a:e8:1b:23:a2:93:0b:
0c:40:28:0f:a7:96:64:c1:ea:da:98:4f:3e:98:11:
05:c4:13:c2:a8:44:77:b6:bd:6e:59:f4:2d:ec:8a:
97:8f:e1:40:40:9e:71:3a:83:da:7e:10:90:a1:fa:
44:61:7f:22:cc:5f:d4:4a:31:de:94:03:8d:47:7c:
74:13:76:8d:77:13:12:12:00:3d:89:97:de:cd:44:
69:29:6e:9c:04:c8:e7:ff:25:bc:9b:39:31:cc:e8:
ef:4b:bc:a7:78:b5:50:12:18:52:0a:b5:cc:52:e6:
ca:27:a8:5b:04:02:71:82:ae:fe:1d:fd:f7:75:5d:
f0:ee:f2:df:5e:56:7e:fa:cc:cf:ed:14:56:30:48:
b5:43:40:56:e0:e5:47:f0:2c:b7:b1:ae:f3:6c:19:
a0:a5:ec:b9:4d:a9:81:42:c6:d8:7c:9b:2f:ad:42:
d1:e4:9d:7b:cd:f8:5f:19:46:4c:e4:13:fa:1f:fb:
ff:40:70:96:08:68:cb:27:26:1a:0b:cc:64:88:03:
13:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:08:50:CA:60:8B:04:E8:8F:02:BB:EC:9D:A4:15:48:70:93:35:25
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/zQhQymCLBOiPArvsnaQVSHCTNSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.233.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0f:e9:54:a8:d7:d6:71:34:52:7f:29:c8:b8:e3:8d:ea:4a:
33:6c:43:ec:93:e6:dc:b2:b7:6d:19:6c:ab:35:49:b1:e9:25:
96:fa:64:66:58:5f:80:80:9e:73:20:e6:52:20:72:96:0a:9b:
6e:86:53:c4:06:cc:a1:0e:e4:19:e8:bd:cf:f7:ed:5c:b9:19:
7b:5c:b7:3b:65:cd:2d:dd:54:39:9d:e0:ce:fa:68:fe:c9:27:
cd:79:47:c2:ff:2b:c5:fd:8d:53:3f:7c:4c:81:e8:a9:83:c1:
1d:47:12:58:26:ef:c8:ed:cc:0f:e0:90:75:31:97:40:c9:8b:
86:38:c3:a6:fd:c2:15:9f:d9:43:4f:b7:5c:42:01:64:5f:e2:
ca:bd:0f:e6:e7:73:94:45:c3:50:7b:38:90:ae:ca:c8:ae:5f:
f9:15:17:8c:62:c1:e0:6c:c6:8e:cd:f1:06:63:ac:48:2d:fa:
af:6d:44:ec:89:7f:8f:b3:20:d7:9b:05:63:4d:6d:f6:25:9c:
2c:fd:a1:66:2d:9c:84:a7:88:95:30:12:b9:4c:a8:e9:c6:82:
9c:e1:bf:03:f5:08:e9:06:ff:fb:58:93:7d:b0:e1:f7:11:f5:
c7:c5:f7:6d:0a:d0:1d:21:17:bf:bc:05:9e:ba:ab:81:25:ba:
a8:fa:d2:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ/I1sCDN2URQDL8z0OFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMTAyMTc1NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA4NTBjYTYwOGIwNGU4OGYwMmJiZWM5ZGE0MTU0ODcwOTMzNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVFaplIjUeNezlNEdvNwUZNw7zWP
dQ5NNzeHA++ORrDoDS3lCblbrbgL04SZflFQHepuyTroGyOikwsMQCgPp5Zkwera
mE8+mBEFxBPCqER3tr1uWfQt7IqXj+FAQJ5xOoPafhCQofpEYX8izF/USjHelAON
R3x0E3aNdxMSEgA9iZfezURpKW6cBMjn/yW8mzkxzOjvS7yneLVQEhhSCrXMUubK
J6hbBAJxgq7+Hf33dV3w7vLfXlZ++szP7RRWMEi1Q0BW4OVH8Cy3sa7zbBmgpey5
TamBQsbYfJsvrULR5J17zfhfGUZM5BP6H/v/QHCWCGjLJyYaC8xkiAMT3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0IUMpgiwTojwK77J2kFUhwkzUlMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvelFoUXltQ0xCT2lQQXJ2c25hUVZTSENUTlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjrpMA0G
CSqGSIb3DQEBCwUAA4IBAQCJD+lUqNfWcTRSfynIuOON6kozbEPsk+bcsrdtGWyr
NUmx6SWW+mRmWF+AgJ5zIOZSIHKWCptuhlPEBsyhDuQZ6L3P9+1cuRl7XLc7Zc0t
3VQ5neDO+mj+ySfNeUfC/yvF/Y1TP3xMgeipg8EdRxJYJu/I7cwP4JB1MZdAyYuG
OMOm/cIVn9lDT7dcQgFkX+LKvQ/m53OURcNQeziQrsrIrl/5FReMYsHgbMaOzfEG
Y6xILfqvbUTsiX+PsyDXmwVjTW32JZws/aFmLZyEp4iVMBK5TKjpxoKc4b8D9Qjp
Bv/7WJN9sOH3EfXHxfdtCtAdIRe/vAWeuquBJbqo+tJA
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:04:58 2025 by rpki-client