Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qk-IdJtExzRkZU1MfFNtIPUfCYY.roa
File: qk-IdJtExzRkZU1MfFNtIPUfCYY.roa (raw, json)
Hash identifier: 3YY5L7gWH+6NCMPeYyih6LFQ6TnK2r4sZEJkqjec7Rk=
Subject key identifier: AA:4F:88:74:9B:44:C7:34:64:65:4D:4C:7C:53:6D:20:F5:1F:09:86
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019372046308D2455D42FB91E709253E3EF0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qk-IdJtExzRkZU1MfFNtIPUfCYY.roa
Signing time: Thu 28 Nov 2024 09:05:10 +0000
ROA not before: Thu 28 Nov 2024 09:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136557
IP address blocks: 2.58.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:04:63:08:d2:45:5d:42:fb:91:e7:09:25:3e:3e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 28 09:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa4f88749b44c73464654d4c7c536d20f51f0986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:82:a3:35:25:2c:81:66:b4:ac:a4:6e:f9:64:
7a:b6:7d:2a:40:a2:9d:c4:46:ef:11:7f:d3:63:d5:
c0:0f:e9:9c:09:60:05:b1:1c:c3:cf:9d:c5:44:c3:
69:d7:75:fa:c2:53:79:cc:3d:6a:11:5e:ca:c9:da:
ca:2d:2f:bc:c2:4a:14:39:55:dd:d3:85:5e:21:a7:
1f:b8:6e:68:0d:7a:0e:75:4d:10:e3:e1:d8:52:46:
73:f1:87:84:af:b6:af:f7:b2:c8:c2:39:c9:0f:1e:
5f:95:54:35:13:4d:c2:af:21:f1:76:fd:83:7c:83:
c9:2c:f0:d8:11:7f:cc:c7:99:7e:5d:c8:a9:c1:b6:
00:0e:43:b2:80:41:26:04:cf:97:85:2a:54:a3:75:
f2:bd:ed:f6:81:91:ad:65:ab:9d:8c:c8:77:a0:b1:
ae:29:ab:8b:48:b1:2f:3a:b8:b7:24:f8:27:68:9f:
58:30:1d:c7:85:a3:ee:fd:1b:59:1a:71:a3:f7:b2:
03:9f:71:5e:02:0c:2d:ad:dd:0e:04:10:df:f9:7a:
a4:ad:42:d6:a3:ed:0e:5c:37:dd:89:79:57:5b:06:
69:95:c6:22:8a:19:c5:a1:aa:7d:2f:e0:96:8f:88:
a4:76:65:93:7e:a5:61:9b:11:8a:02:50:30:d7:ec:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4F:88:74:9B:44:C7:34:64:65:4D:4C:7C:53:6D:20:F5:1F:09:86
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qk-IdJtExzRkZU1MfFNtIPUfCYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:04:44:6f:dc:9c:b7:3a:3a:e6:25:ba:80:ab:ee:c7:78:a1:
72:84:61:7c:b0:66:8e:85:15:3c:ac:a2:dd:63:40:d7:98:d0:
b8:e2:3c:93:ad:2a:68:44:11:13:38:81:51:e6:e1:0d:7e:dd:
b0:fa:b4:ad:97:d3:32:22:4e:d4:e1:12:75:e8:a4:9f:8c:be:
27:f5:dc:97:60:5f:e9:88:9b:58:44:18:82:20:7e:b7:30:88:
87:0b:6c:eb:1c:1c:ff:9c:c1:f1:bc:5d:aa:ad:b4:83:0c:a7:
02:c9:50:e9:0c:73:0e:d8:1b:a8:b1:fe:04:da:e3:45:34:22:
59:fc:83:27:cf:0a:86:3b:8d:fa:93:26:bb:13:87:ae:df:95:
f9:12:d5:39:36:c2:f4:d4:96:97:da:67:9d:b0:38:61:38:11:
54:a6:d6:ef:45:2c:61:df:a5:38:b1:ce:ca:e1:d9:88:da:c9:
8b:40:58:0d:43:6a:ac:ba:36:f8:e8:21:78:7b:50:a9:38:d4:
e4:da:59:85:f9:e7:5b:7e:fd:63:7b:07:0e:a2:1a:50:ca:f4:
61:af:41:34:ff:c6:7f:30:85:75:43:5b:84:59:08:80:12:0b:
5a:33:51:4e:0b:f8:e9:23:e2:d6:ad:ab:c7:77:9d:0d:c8:f8:
3c:7d:39:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNyBGMI0kVdQvuR5wklPj7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMTI4MDkwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRmODg3NDliNDRjNzM0NjQ2NTRkNGM3YzUzNmQyMGY1MWYwOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIKjNSUsgWa0rKRu+WR6tn0qQKKd
xEbvEX/TY9XAD+mcCWAFsRzDz53FRMNp13X6wlN5zD1qEV7KydrKLS+8wkoUOVXd
04VeIacfuG5oDXoOdU0Q4+HYUkZz8YeEr7av97LIwjnJDx5flVQ1E03CryHxdv2D
fIPJLPDYEX/Mx5l+XcipwbYADkOygEEmBM+XhSpUo3Xyve32gZGtZaudjMh3oLGu
KauLSLEvOri3JPgnaJ9YMB3HhaPu/RtZGnGj97IDn3FeAgwtrd0OBBDf+XqkrULW
o+0OXDfdiXlXWwZplcYiihnFoap9L+CWj4ikdmWTfqVhmxGKAlAw1+ytCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpPiHSbRMc0ZGVNTHxTbSD1HwmGMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcWstSWRKdEV4elJrWlUxTWZGTnRJUFVmQ1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjqqMA0G
CSqGSIb3DQEBCwUAA4IBAQCfBERv3Jy3OjrmJbqAq+7HeKFyhGF8sGaOhRU8rKLd
Y0DXmNC44jyTrSpoRBETOIFR5uENft2w+rStl9MyIk7U4RJ16KSfjL4n9dyXYF/p
iJtYRBiCIH63MIiHC2zrHBz/nMHxvF2qrbSDDKcCyVDpDHMO2Buosf4E2uNFNCJZ
/IMnzwqGO436kya7E4eu35X5EtU5NsL01JaX2medsDhhOBFUptbvRSxh36U4sc7K
4dmI2smLQFgNQ2qsujb46CF4e1CpONTk2lmF+edbfv1jewcOohpQyvRhr0E0/8Z/
MIV1Q1uEWQiAEgtaM1FOC/jpI+LWravHd50NyPg8fTnq
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:09:49 2025 by rpki-client