Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/fSX7DbUqzMSwHJvZ_A5lx_uVMbA.roa
File: fSX7DbUqzMSwHJvZ_A5lx_uVMbA.roa (raw, json)
Hash identifier: an+0o/5nIvc3OkMnt9tFuZZHl3CTaSWBPBHy1XBh3NQ=
Subject key identifier: 7D:25:FB:0D:B5:2A:CC:C4:B0:1C:9B:D9:FC:0E:65:C7:FB:95:31:B0
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBCBF0B60E5BE9B73747CA0B17E71A
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/fSX7DbUqzMSwHJvZ_A5lx_uVMbA.roa
Signing time: Mon 02 Jan 2023 05:37:07 +0000
ROA not before: Mon 02 Jan 2023 05:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207732
IP address blocks: 2.58.55.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:cb:f0:b6:0e:5b:e9:b7:37:47:ca:0b:17:e7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d25fb0db52accc4b01c9bd9fc0e65c7fb9531b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:06:07:bf:26:be:49:64:82:71:29:a3:bb:95:
ed:b7:3f:89:2e:78:0d:de:5e:1a:af:c7:9f:bf:7a:
e7:63:24:19:cc:c1:28:32:46:96:e6:9f:2b:d2:3e:
63:4c:85:e9:df:f0:08:18:e6:d0:67:4a:cc:d1:96:
0d:64:63:c3:37:69:f1:84:a0:f8:fe:bb:2d:c1:67:
3c:8c:16:7a:65:2e:53:af:40:96:75:3d:51:9b:b3:
82:2a:d8:4d:29:f0:47:ba:e6:85:64:ad:0a:49:a0:
a7:f2:f9:25:51:33:14:19:a8:d9:95:81:37:09:33:
60:c1:ed:4f:f6:b7:1a:b1:55:b7:ef:d0:df:03:90:
0f:c9:6f:af:9e:b9:63:86:dd:d0:0b:5f:80:63:ab:
e6:a7:d6:78:72:e9:ba:37:49:90:d3:14:26:11:e8:
b8:4f:b7:4f:a8:bc:a6:86:9a:5c:8e:8e:57:64:68:
e5:96:ae:54:ef:a4:f2:59:1c:f5:64:3e:fe:91:bf:
d3:80:67:b5:a7:33:75:59:6e:1d:ad:48:6e:37:14:
55:49:f9:32:34:3a:a7:97:5f:6e:c2:bf:85:d3:a6:
d4:59:18:84:88:ee:c9:7a:13:fc:97:32:e1:3c:87:
e4:db:08:54:dd:51:1a:ab:4a:f1:47:e1:ee:b9:2d:
b8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:25:FB:0D:B5:2A:CC:C4:B0:1C:9B:D9:FC:0E:65:C7:FB:95:31:B0
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/fSX7DbUqzMSwHJvZ_A5lx_uVMbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.55.0/24
Signature Algorithm: sha256WithRSAEncryption
07:72:c9:fa:96:06:00:4b:e9:a8:00:9a:ae:85:93:b6:cb:71:
1e:df:33:67:fb:34:4d:60:da:cd:08:6c:98:9d:94:7c:3e:77:
90:7f:90:76:a6:23:b3:05:87:ca:94:e0:fc:0a:f8:52:ed:f6:
be:8f:83:ff:9f:67:ba:04:7e:d3:65:70:be:59:0d:96:0c:56:
f3:37:b0:b6:17:97:a9:ab:bb:7d:93:99:f1:4b:dd:8c:72:e9:
99:ce:a1:56:29:84:bf:07:03:64:d2:d6:d4:d0:a1:18:4c:13:
68:3e:ab:ba:d3:6d:12:7a:3a:9a:ac:cd:cc:bd:c6:52:5e:cc:
88:ad:da:df:df:10:5a:8e:1c:0f:26:98:90:8e:c8:52:74:25:
f9:ae:80:5b:9d:75:65:fb:b7:0d:87:5a:07:3d:83:e1:ed:23:
17:75:42:e9:5b:81:de:60:d7:1f:8f:8a:0d:b2:ae:67:46:0e:
9b:0c:02:16:94:a7:76:96:20:92:59:c0:0e:8c:d9:fd:77:41:
e5:6f:22:7e:67:c4:1d:e1:38:5e:a5:97:a1:57:77:aa:2c:b8:
55:98:ea:33:86:92:fe:a1:31:e5:be:d4:e7:d4:27:75:77:f4:
6e:ec:2a:b2:5b:2a:16:bb:d2:f4:28:17:f0:43:e6:ab:df:d3:
61:55:52:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+8vwtg5b6bc3R8oLF+caMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI1ZmIwZGI1MmFjY2M0YjAxYzliZDlmYzBlNjVjN2ZiOTUzMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQYHvya+SWSCcSmju5Xttz+JLngN
3l4ar8efv3rnYyQZzMEoMkaW5p8r0j5jTIXp3/AIGObQZ0rM0ZYNZGPDN2nxhKD4
/rstwWc8jBZ6ZS5Tr0CWdT1Rm7OCKthNKfBHuuaFZK0KSaCn8vklUTMUGajZlYE3
CTNgwe1P9rcasVW379DfA5APyW+vnrljht3QC1+AY6vmp9Z4cum6N0mQ0xQmEei4
T7dPqLymhppcjo5XZGjllq5U76TyWRz1ZD7+kb/TgGe1pzN1WW4drUhuNxRVSfky
NDqnl19uwr+F06bUWRiEiO7JehP8lzLhPIfk2whU3VEaq0rxR+HuuS24VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0l+w21KszEsByb2fwOZcf7lTGwMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvZlNYN0RiVXF6TVN3SEp2Wl9BNWx4X3VWTWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjo3MA0G
CSqGSIb3DQEBCwUAA4IBAQAHcsn6lgYAS+moAJquhZO2y3Ee3zNn+zRNYNrNCGyY
nZR8PneQf5B2piOzBYfKlOD8CvhS7fa+j4P/n2e6BH7TZXC+WQ2WDFbzN7C2F5ep
q7t9k5nxS92McumZzqFWKYS/BwNk0tbU0KEYTBNoPqu6020SejqarM3MvcZSXsyI
rdrf3xBajhwPJpiQjshSdCX5roBbnXVl+7cNh1oHPYPh7SMXdULpW4HeYNcfj4oN
sq5nRg6bDAIWlKd2liCSWcAOjNn9d0HlbyJ+Z8Qd4ThepZehV3eqLLhVmOozhpL+
oTHlvtTn1Cd1d/Ru7CqyWyoWu9L0KBfwQ+ar39NhVVKu
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:19 2024 by rpki-client on console-fra.rpki-client.org