Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/RSaQ5MmF9byHcfQXWnqRmjVzRaA.roa
File: RSaQ5MmF9byHcfQXWnqRmjVzRaA.roa (raw, json)
Hash identifier: UFSLhXdOLmqSRer0pq36SD8C3cbyjGG0iTVtcoirE4A=
Subject key identifier: 45:26:90:E4:C9:85:F5:BC:87:71:F4:17:5A:7A:91:9A:35:73:45:A0
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE2722F09FE0FC5D189B6C18D366E
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/RSaQ5MmF9byHcfQXWnqRmjVzRaA.roa
Signing time: Mon 01 Jan 2024 18:30:45 +0000
ROA not before: Mon 01 Jan 2024 18:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 2.58.54.0/24 maxlen: 24
2a00:f826:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 02 Mar 2024 18:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e2:72:2f:09:fe:0f:c5:d1:89:b6:c1:8d:36:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=452690e4c985f5bc8771f4175a7a919a357345a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dc:86:38:e3:a0:2f:b0:7d:6b:82:92:0d:67:
c3:10:20:a7:bc:49:54:75:10:bd:6d:16:1a:de:68:
c1:b8:6c:4a:6c:6a:ce:74:ba:9e:f1:ad:7c:db:15:
02:bc:f5:29:65:21:a2:d1:54:cf:ab:f2:68:42:aa:
9f:fb:78:2c:78:84:9a:7b:32:32:dc:68:9c:32:77:
1f:ba:dd:68:6f:9d:65:7a:6f:a7:c1:69:30:c0:e9:
a2:79:00:09:d6:dd:ee:e9:90:e6:53:38:28:83:47:
e3:37:50:ad:fb:e6:55:89:56:6e:87:54:0a:7c:0d:
35:d2:10:02:36:ef:13:13:07:0c:3f:ee:62:bd:e2:
64:a8:21:c2:80:28:7a:53:fa:83:4c:e1:d8:1a:71:
76:1d:b2:7c:7e:e7:48:ef:0e:bc:0b:80:2e:93:4e:
8c:f9:ed:d0:a9:0a:6c:2d:85:e1:19:2e:f7:da:1b:
34:7e:5f:ff:f3:07:6c:f4:e5:0f:c0:8e:4a:ca:33:
5d:94:f6:59:aa:20:26:4a:a0:5b:70:ee:c8:0e:b3:
08:2a:75:4e:fc:cc:fa:19:4b:5c:1b:5e:6a:6a:6f:
09:e9:82:c3:c0:39:94:9d:4f:62:0c:f2:ed:ac:82:
61:6b:84:2f:75:13:07:1d:1b:18:da:76:4d:7a:30:
79:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:26:90:E4:C9:85:F5:BC:87:71:F4:17:5A:7A:91:9A:35:73:45:A0
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/RSaQ5MmF9byHcfQXWnqRmjVzRaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.54.0/24
IPv6:
2a00:f826:4::/48
Signature Algorithm: sha256WithRSAEncryption
01:79:f4:ee:6d:da:2b:7a:3a:b6:b1:59:80:28:07:7a:42:d0:
aa:c2:ff:a2:51:16:a2:f7:cb:9a:b8:29:9c:c1:87:25:bb:dc:
fc:92:e7:c3:66:30:54:b1:8f:e2:38:cc:4e:c3:f0:51:ac:7f:
a5:46:27:e4:ec:66:b0:05:b0:81:d2:28:bb:07:ba:52:4d:6e:
6c:f4:50:78:a7:81:b7:38:9d:4f:97:0c:9c:91:c8:df:68:89:
1d:09:d3:de:af:a7:67:88:c4:d1:03:8c:df:f5:77:9b:8e:ad:
d9:70:b5:90:1a:4f:c8:ac:03:3a:3f:50:8a:65:a8:04:e3:22:
7d:68:ba:54:0c:bc:68:c1:4e:a6:fb:23:75:fe:b4:a0:58:83:
04:63:65:1b:6a:28:f5:21:e7:61:81:4b:db:66:57:c6:d7:b5:
02:1d:5d:5f:c8:34:bc:6a:1e:76:4b:d9:c1:96:f9:4e:bd:b1:
d0:c4:53:cb:96:73:85:e3:d5:19:38:0a:8f:3a:cb:21:02:ae:
04:6b:14:6e:a0:f6:7f:f1:24:7e:7b:f5:9b:5f:e4:7b:1b:7f:
9f:ba:3e:35:0b:45:3b:bd:90:85:55:07:46:40:bd:f3:5a:d7:
2a:05:35:9e:b4:0a:df:de:75:aa:01:ee:08:0d:d5:bd:bd:76:
88:2e:15:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSuJyLwn+D8XRibbBjTZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTI2OTBlNGM5ODVmNWJjODc3MWY0MTc1YTdhOTE5YTM1NzM0NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdyGOOOgL7B9a4KSDWfDECCnvElU
dRC9bRYa3mjBuGxKbGrOdLqe8a182xUCvPUpZSGi0VTPq/JoQqqf+3gseISaezIy
3GicMncfut1ob51lem+nwWkwwOmieQAJ1t3u6ZDmUzgog0fjN1Ct++ZViVZuh1QK
fA010hACNu8TEwcMP+5iveJkqCHCgCh6U/qDTOHYGnF2HbJ8fudI7w68C4Auk06M
+e3QqQpsLYXhGS732hs0fl//8wds9OUPwI5KyjNdlPZZqiAmSqBbcO7IDrMIKnVO
/Mz6GUtcG15qam8J6YLDwDmUnU9iDPLtrIJha4QvdRMHHRsY2nZNejB5ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEUmkOTJhfW8h3H0F1p6kZo1c0WgMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvUlNhUTVNbUY5YnlIY2ZRWFducVJtalZ6UmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAAjo2MA8E
AgACMAkDBwAqAPgmAAQwDQYJKoZIhvcNAQELBQADggEBAAF59O5t2it6OraxWYAo
B3pC0KrC/6JRFqL3y5q4KZzBhyW73PyS58NmMFSxj+I4zE7D8FGsf6VGJ+TsZrAF
sIHSKLsHulJNbmz0UHingbc4nU+XDJyRyN9oiR0J096vp2eIxNEDjN/1d5uOrdlw
tZAaT8isAzo/UIplqATjIn1oulQMvGjBTqb7I3X+tKBYgwRjZRtqKPUh52GBS9tm
V8bXtQIdXV/INLxqHnZL2cGW+U69sdDEU8uWc4Xj1Rk4Co86yyECrgRrFG6g9n/x
JH579Ztf5Hsbf5+6PjULRTu9kIVVB0ZAvfNa1yoFNZ60Ct/edaoB7ggN1b29dogu
FTU=
-----END CERTIFICATE-----
Generated at Sat Mar 2 20:38:36 2024 by rpki-client on console-fra.rpki-client.org