Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/KbHlB-poW6PwrXUcZ2SikIScgUw.roa
File: KbHlB-poW6PwrXUcZ2SikIScgUw.roa (raw, json)
Hash identifier: ZhLL8EQbntEfsQC9YNSw+5zWvzjofLy25/L0/+cmma8=
Subject key identifier: 29:B1:E5:07:EA:68:5B:A3:F0:AD:75:1C:67:64:A2:90:84:9C:81:4C
Certificate issuer: /CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Certificate serial: 018FF2D1824D0398D59EF338A45A20CE079F
Authority key identifier: E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/KbHlB-poW6PwrXUcZ2SikIScgUw.roa
Signing time: Fri 07 Jun 2024 13:09:27 +0000
ROA not before: Fri 07 Jun 2024 13:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212570
IP address blocks: 2.58.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:d1:82:4d:03:98:d5:9e:f3:38:a4:5a:20:ce:07:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Validity
Not Before: Jun 7 13:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29b1e507ea685ba3f0ad751c6764a290849c814c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:58:f9:d2:8b:31:af:91:93:4b:e3:09:22:58:
38:b9:6d:6c:94:8f:a4:9b:47:48:ad:9f:2d:5b:f8:
9d:f2:f4:9a:b7:61:d1:f2:1e:6f:f9:b8:b9:9a:21:
e0:f3:e6:8c:7d:7f:30:7c:0e:fc:b8:3f:55:a8:f5:
d7:4d:c7:37:47:b5:01:42:94:80:ec:e2:47:fb:8a:
d3:16:a1:2d:4a:6e:62:5b:74:24:90:54:eb:e1:5a:
9b:df:04:5d:e3:55:2e:65:93:65:1f:fc:9e:8c:c3:
18:b6:d3:f4:56:a5:24:8f:d0:87:7c:77:d1:38:26:
10:d3:9a:c0:65:9a:8c:f3:8d:a3:1a:df:4f:c7:cb:
96:ab:fd:ad:d6:2b:2c:32:51:a6:45:64:e7:93:d4:
c7:58:26:3a:7e:4a:1e:f6:21:70:13:94:c5:0c:bb:
b6:45:90:0a:13:06:78:43:5f:f7:5c:38:41:53:da:
e5:28:1c:56:99:27:cd:c3:d8:65:56:f3:c9:de:80:
5a:21:b9:af:18:10:5f:32:b5:0f:c5:c8:1b:0f:71:
93:f3:59:24:91:bc:f7:5d:7c:8b:eb:80:9e:6c:18:
5c:04:fb:d3:bc:6e:72:6c:97:96:39:c3:08:6a:30:
a2:af:2d:ea:9a:fd:dc:f5:11:cf:bc:6c:86:6f:8b:
f4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B1:E5:07:EA:68:5B:A3:F0:AD:75:1C:67:64:A2:90:84:9C:81:4C
X509v3 Authority Key Identifier:
keyid:E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/KbHlB-poW6PwrXUcZ2SikIScgUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.217.0/24
Signature Algorithm: sha256WithRSAEncryption
22:46:22:1b:f7:f2:83:30:b4:b7:b6:6e:ea:cb:6c:61:f6:55:
73:19:fa:36:f8:ca:b7:d2:e7:6d:81:93:f2:f7:9c:a4:fd:3b:
fb:bd:c6:de:10:26:c2:04:83:15:ba:03:d0:d0:9c:77:ca:fa:
ee:b8:ba:75:19:f9:b8:f6:21:79:f0:66:34:7c:d3:c4:4a:84:
cc:b9:a8:a8:76:ac:d1:44:91:f9:14:3b:6d:98:e7:2f:d4:85:
55:c9:ad:c3:65:36:b2:d2:dc:29:42:e3:fd:32:b4:6c:8b:47:
16:e4:48:9c:bd:f5:42:1d:22:86:ee:92:9b:ec:ad:a6:0b:b1:
8f:84:79:62:76:01:9f:c1:d1:bb:e7:62:92:24:16:c2:89:3f:
da:63:15:a9:d8:87:db:4f:53:e7:ca:3b:cd:0d:a0:6b:bf:10:
8f:5b:be:ab:6e:3b:cd:9d:6b:e1:d2:e6:b0:d1:29:03:79:4d:
22:2f:4b:78:74:be:ed:51:23:a5:d6:7a:93:b8:72:de:17:f9:
ff:55:19:18:8e:47:67:30:f5:e0:bc:26:59:c0:4e:59:ab:b1:
f0:b4:f4:ee:f9:dd:77:7a:44:e1:a5:16:c0:7a:32:75:8e:05:
51:99:c9:39:55:db:fe:8a:95:98:5b:5f:01:73:39:40:ce:1e:
55:be:ad:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/y0YJNA5jVnvM4pFogzgefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmU4ZWZlYzFmYjAzZDhhZjk3OWFmMWNiYTEzYTA4NDVh
N2IwYmEwHhcNMjQwNjA3MTMwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWIxZTUwN2VhNjg1YmEzZjBhZDc1MWM2NzY0YTI5MDg0OWM4MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVj50osxr5GTS+MJIlg4uW1slI+k
m0dIrZ8tW/id8vSat2HR8h5v+bi5miHg8+aMfX8wfA78uD9VqPXXTcc3R7UBQpSA
7OJH+4rTFqEtSm5iW3QkkFTr4Vqb3wRd41UuZZNlH/yejMMYttP0VqUkj9CHfHfR
OCYQ05rAZZqM842jGt9Px8uWq/2t1issMlGmRWTnk9THWCY6fkoe9iFwE5TFDLu2
RZAKEwZ4Q1/3XDhBU9rlKBxWmSfNw9hlVvPJ3oBaIbmvGBBfMrUPxcgbD3GT81kk
kbz3XXyL64CebBhcBPvTvG5ybJeWOcMIajCiry3qmv3c9RHPvGyGb4v0QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmx5QfqaFuj8K11HGdkopCEnIFMMB8GA1UdIwQY
MBaAFOS+jv7B+wPYr5ea8cuhOghFp7C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUt
ZGZiZmEzZmNmMDIxLzEvS2JIbEItcG9XNlB3clhVY1oyU2lrSVNjZ1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUtZGZiZmEzZmNmMDIx
LzEvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjrZMA0G
CSqGSIb3DQEBCwUAA4IBAQAiRiIb9/KDMLS3tm7qy2xh9lVzGfo2+Mq30udtgZPy
95yk/Tv7vcbeECbCBIMVugPQ0Jx3yvruuLp1Gfm49iF58GY0fNPESoTMuaiodqzR
RJH5FDttmOcv1IVVya3DZTay0twpQuP9MrRsi0cW5EicvfVCHSKG7pKb7K2mC7GP
hHlidgGfwdG752KSJBbCiT/aYxWp2IfbT1PnyjvNDaBrvxCPW76rbjvNnWvh0uaw
0SkDeU0iL0t4dL7tUSOl1nqTuHLeF/n/VRkYjkdnMPXgvCZZwE5Zq7HwtPTu+d13
ekThpRbAejJ1jgVRmck5Vdv+ipWYW18BczlAzh5Vvq1B
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:15 2025 by rpki-client