Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1tXKFK_KPo0ibtBbTF8Zg7yups0.roa
File: 1tXKFK_KPo0ibtBbTF8Zg7yups0.roa (raw, json)
Hash identifier: SjVPpLuCHUnPpmyqlLMagJiUCvyrY/+7bQQPBThTX6M=
Subject key identifier: D6:D5:CA:14:AF:CA:3E:8D:22:6E:D0:5B:4C:5F:19:83:BC:AE:A6:CD
Certificate issuer: /CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Certificate serial: 018973A51A3F0A9D906A4B0EC5CDB80E05DD
Authority key identifier: FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1tXKFK_KPo0ibtBbTF8Zg7yups0.roa
Signing time: Thu 20 Jul 2023 14:12:27 +0000
ROA not before: Thu 20 Jul 2023 14:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35133
IP address blocks: 2.58.58.0/24 maxlen: 24
2.58.57.0/24 maxlen: 24
2.58.59.0/24 maxlen: 24
2a09:e244::/33 maxlen: 33
2a09:e240:22::/48 maxlen: 48
2a09:e240:2::/48 maxlen: 48
2a09:e240::/48 maxlen: 48
2a09:e240:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:a5:1a:3f:0a:9d:90:6a:4b:0e:c5:cd:b8:0e:05:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Validity
Not Before: Jul 20 14:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d5ca14afca3e8d226ed05b4c5f1983bcaea6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:df:94:ae:5c:89:29:fa:c1:9a:ae:44:61:c2:
45:d4:63:9c:86:df:1b:6e:55:a9:6e:bb:19:f8:c9:
46:a4:ec:fd:91:26:fe:63:a1:9d:7e:7f:95:98:c1:
52:b3:25:ce:43:8a:2f:e3:24:d3:f4:f6:7d:f3:17:
38:85:db:34:13:98:4a:ff:0f:63:00:f8:b4:a6:46:
30:8e:c5:3d:15:b1:d2:7f:1e:10:fd:36:b3:c1:fc:
ac:7b:17:cb:91:33:65:cf:fd:b6:b6:7c:8d:24:6c:
2e:7d:2e:15:4d:d2:41:8a:3e:73:60:e8:c5:be:8e:
ff:42:a0:60:0d:97:73:78:9d:82:80:e7:35:62:90:
6f:56:ac:23:77:f2:6c:63:b7:74:b9:26:77:f6:37:
35:74:48:09:6a:1d:8a:a8:6e:7e:5a:f9:d6:09:d6:
81:6b:22:42:5f:93:a4:a3:90:09:6e:68:1e:40:13:
68:9f:5c:54:6c:5c:e7:d8:25:49:67:0c:5b:61:ed:
1e:80:1c:71:3f:51:85:ac:17:2b:9f:73:bd:6c:29:
94:17:20:df:4d:e6:e1:ed:58:42:07:86:2b:24:63:
ec:84:94:43:8b:fc:26:a8:0e:a8:e9:de:51:26:01:
1e:b4:7d:5a:93:a4:d4:7d:f2:d7:90:c5:c5:b2:57:
cc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D5:CA:14:AF:CA:3E:8D:22:6E:D0:5B:4C:5F:19:83:BC:AE:A6:CD
X509v3 Authority Key Identifier:
keyid:FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1tXKFK_KPo0ibtBbTF8Zg7yups0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1-3RABurDCEv4jxKDSbDnM7s9eeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.57.0-2.58.59.255
IPv6:
2a09:e240::-2a09:e240:2:ffff:ffff:ffff:ffff:ffff
2a09:e240:22::/48
2a09:e244::/33
Signature Algorithm: sha256WithRSAEncryption
3a:25:bc:4d:fa:85:25:03:62:93:fb:7a:e1:16:25:d0:4f:34:
9c:a5:df:d1:ef:2f:24:b5:e8:49:3e:0b:3a:28:39:b7:a3:65:
4e:81:b3:29:9c:75:ac:00:32:a1:e5:8e:7a:80:a2:1f:bb:ee:
5c:43:dc:a3:25:51:52:2c:31:19:a9:a9:cd:15:81:93:6e:a6:
db:67:c2:4b:67:a5:be:53:2c:3c:89:67:ba:d4:38:97:80:36:
a2:1b:2b:72:3a:6f:41:46:48:05:75:ad:6c:b9:58:dc:21:a8:
86:c7:0a:d8:fa:c7:9a:7f:dd:2e:b6:69:d8:6b:52:55:95:86:
bd:ac:70:bb:2e:c4:be:56:4c:0c:ed:01:11:44:19:a7:ae:2d:
a5:07:16:64:fe:66:02:0e:f6:1d:f7:9e:8e:e4:ba:7b:4b:2f:
1f:fa:0f:8e:d9:f9:c9:71:13:5b:16:b6:48:48:99:9e:a7:98:
50:75:fa:00:d9:5a:13:43:14:06:03:1e:57:2e:d2:f7:9e:36:
3d:4e:9b:00:2b:c6:79:cf:97:47:da:bf:b1:d2:fe:18:57:ae:
bf:d8:6e:69:bf:77:9e:4f:fb:b9:c3:0e:f8:ea:cc:dd:05:c9:
33:d8:45:db:4f:75:f4:ce:95:50:c6:5f:1d:93:d4:7a:54:b5:
59:c8:ba:b2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYlzpRo/Cp2QaksOxc24DgXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzQ0MDA2ZWFjMzA4NGJmODhmMTI4MzQ5YjBlNzMzYmIz
ZDc5ZTMwHhcNMjMwNzIwMTQxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ1Y2ExNGFmY2EzZThkMjI2ZWQwNWI0YzVmMTk4M2JjYWVhNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd+UrlyJKfrBmq5EYcJF1GOcht8b
blWpbrsZ+MlGpOz9kSb+Y6Gdfn+VmMFSsyXOQ4ov4yTT9PZ98xc4hds0E5hK/w9j
APi0pkYwjsU9FbHSfx4Q/TazwfysexfLkTNlz/22tnyNJGwufS4VTdJBij5zYOjF
vo7/QqBgDZdzeJ2CgOc1YpBvVqwjd/JsY7d0uSZ39jc1dEgJah2KqG5+WvnWCdaB
ayJCX5Oko5AJbmgeQBNon1xUbFzn2CVJZwxbYe0egBxxP1GFrBcrn3O9bCmUFyDf
Tebh7VhCB4YrJGPshJRDi/wmqA6o6d5RJgEetH1ak6TUffLXkMXFslfM+wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFNbVyhSvyj6NIm7QW0xfGYO8rqbNMB8GA1UdIwQY
MBaAFPt0QAbqwwhL+I8Sg0mw5zO7PXnjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zUkFCdXJEQ0V2NGp4S0RTYkRuTTdzOWVlTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMTc4MzZhLWQ2NzgtNDFjYS04ZmIy
LTVlYjdiZWY5YTdhOC8xLzF0WEtGS19LUG8waWJ0QmJURjhaZzd5dXBzMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMTc4MzZhLWQ2NzgtNDFjYS04ZmIyLTVlYjdiZWY5YTdh
OC8xLzEtM1JBQnVyRENFdjRqeEtEU2JEbk03czllZU0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8EQzBBMBQEAgABMA4wDAMEAAI6
OQMEAgI6ODApBAIAAjAjMBADBQYqCeJAAwcAKgniQAACAwcAKgniQAAiAwYHKgni
RAAwDQYJKoZIhvcNAQELBQADggEBADolvE36hSUDYpP7euEWJdBPNJyl39HvLyS1
6Ek+CzooObejZU6BsymcdawAMqHljnqAoh+77lxD3KMlUVIsMRmpqc0VgZNupttn
wktnpb5TLDyJZ7rUOJeANqIbK3I6b0FGSAV1rWy5WNwhqIbHCtj6x5p/3S62adhr
UlWVhr2scLsuxL5WTAztARFEGaeuLaUHFmT+ZgIO9h33no7kuntLLx/6D47Z+clx
E1sWtkhImZ6nmFB1+gDZWhNDFAYDHlcu0veeNj1OmwArxnnPl0fav7HS/hhXrr/Y
bmm/d55P+7nDDvjqzN0FyTPYRdtPdfTOlVDGXx2T1HpUtVnIurI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:57 2024 by rpki-client on console-fra.rpki-client.org