Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/95b186-f2ba-4c83-b630-8f95b8524c35/1/nBbI0wb-YAoO5JFY1uARycDQQWA.roa
File: nBbI0wb-YAoO5JFY1uARycDQQWA.roa (raw, json)
Hash identifier: m50+6N0EGGEVZ6xeGfC0WcsMBdhOB1Aw6Mt2JhU0ytA=
Subject key identifier: 9C:16:C8:D3:06:FE:60:0A:0E:E4:91:58:D6:E0:11:C9:C0:D0:41:60
Certificate issuer: /CN=ff4b7ba5a76c137152d0d0f3524fd6201b815bef
Certificate serial: 019600DB89A0761D1D864A2CD18A3397DE9A
Authority key identifier: FF:4B:7B:A5:A7:6C:13:71:52:D0:D0:F3:52:4F:D6:20:1B:81:5B:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0t7padsE3FS0NDzUk_WIBuBW-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/95b186-f2ba-4c83-b630-8f95b8524c35/1/nBbI0wb-YAoO5JFY1uARycDQQWA.roa
Signing time: Fri 04 Apr 2025 12:51:49 +0000
ROA not before: Fri 04 Apr 2025 12:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39686
IP address blocks: 2.58.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 08 Apr 2025 17:16:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:db:89:a0:76:1d:1d:86:4a:2c:d1:8a:33:97:de:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4b7ba5a76c137152d0d0f3524fd6201b815bef
Validity
Not Before: Apr 4 12:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c16c8d306fe600a0ee49158d6e011c9c0d04160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:98:c5:b0:9d:4a:7c:bf:5e:a9:06:c7:a5:3a:
0d:28:45:11:6b:22:63:a6:6b:e0:95:a7:16:8b:34:
12:87:30:5f:b0:d8:1c:81:24:de:e7:d6:5e:b7:fa:
0d:e8:ee:5f:7e:19:d3:41:35:0e:26:63:ca:51:bc:
7b:7c:00:86:42:82:14:10:fb:19:11:f9:4e:39:e3:
f5:a7:d7:14:b8:20:be:9e:82:03:56:a7:fa:59:23:
8f:f7:d5:16:81:81:72:81:b6:83:af:da:42:16:a1:
f2:1e:ef:3d:6d:01:50:99:19:95:9c:c5:b7:36:10:
7b:5a:97:25:a4:bd:3e:19:3d:32:55:ac:0d:59:35:
46:7d:e6:3f:e7:df:b3:c5:36:b2:9d:11:f3:6a:34:
43:fe:85:34:11:0b:49:d1:af:97:b2:4e:dd:e2:de:
89:06:33:8f:06:a9:6e:12:b8:cc:20:d1:c9:62:bb:
47:c5:64:b7:ea:6f:32:2b:34:cb:76:f1:f2:9c:4a:
0e:2c:57:bd:5a:da:5a:75:ca:d4:87:bf:90:ed:37:
de:7c:fc:bc:f8:28:f0:b5:a4:16:90:b2:6c:3d:55:
48:9b:12:7c:a8:f5:b4:c2:99:27:55:ab:2f:c3:58:
6a:8d:f3:8d:2c:09:d1:af:6c:7c:e6:51:77:92:88:
b9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:16:C8:D3:06:FE:60:0A:0E:E4:91:58:D6:E0:11:C9:C0:D0:41:60
X509v3 Authority Key Identifier:
keyid:FF:4B:7B:A5:A7:6C:13:71:52:D0:D0:F3:52:4F:D6:20:1B:81:5B:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0t7padsE3FS0NDzUk_WIBuBW-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/95b186-f2ba-4c83-b630-8f95b8524c35/1/nBbI0wb-YAoO5JFY1uARycDQQWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/95b186-f2ba-4c83-b630-8f95b8524c35/1/_0t7padsE3FS0NDzUk_WIBuBW-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.108.0/22
Signature Algorithm: sha256WithRSAEncryption
82:f4:be:36:67:96:5e:4f:b8:1c:0b:53:da:cd:ff:ad:b1:ab:
38:40:07:a9:8d:ad:ef:af:6b:24:b7:9a:40:bf:15:a2:f4:27:
a3:06:8a:fd:31:af:6e:43:62:e8:25:d2:95:05:d7:9e:fb:af:
14:48:99:d5:ff:99:54:e0:3a:f4:7b:d0:35:21:1b:a1:e7:60:
70:9d:b0:f0:20:b3:ae:2e:a0:61:b2:4f:22:d1:16:f3:85:3c:
b7:b9:87:7c:6b:ce:73:18:5b:11:d4:45:c6:3d:52:87:f2:27:
8c:43:21:0b:23:6d:ab:9c:c8:aa:65:d0:28:02:20:d6:22:6b:
ce:3e:75:a3:01:83:8a:3c:34:6b:8b:1e:38:94:da:b7:54:00:
d5:b1:b5:49:73:c7:11:03:74:8f:a5:36:3d:81:cc:34:77:f8:
47:c4:60:8e:d3:32:72:65:c9:3f:5b:0b:11:95:6c:f9:ce:a3:
fa:1c:50:78:ff:69:63:58:86:c7:3b:a4:37:88:1c:b3:ec:fe:
c0:4e:b9:41:3a:5e:70:f3:15:76:e0:19:ab:5c:ed:95:89:02:
08:93:27:34:a6:41:3e:79:da:f9:4e:d3:20:66:7c:2e:88:b0:
7b:1f:30:4c:4e:46:0a:e6:e5:f5:35:00:66:3c:3c:e2:6b:0e:
18:7f:de:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYA24mgdh0dhkos0Yozl96aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNGI3YmE1YTc2YzEzNzE1MmQwZDBmMzUyNGZkNjIwMWI4
MTViZWYwHhcNMjUwNDA0MTI1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE2YzhkMzA2ZmU2MDBhMGVlNDkxNThkNmUwMTFjOWMwZDA0MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJjFsJ1KfL9eqQbHpToNKEURayJj
pmvglacWizQShzBfsNgcgSTe59Zet/oN6O5ffhnTQTUOJmPKUbx7fACGQoIUEPsZ
EflOOeP1p9cUuCC+noIDVqf6WSOP99UWgYFygbaDr9pCFqHyHu89bQFQmRmVnMW3
NhB7WpclpL0+GT0yVawNWTVGfeY/59+zxTaynRHzajRD/oU0EQtJ0a+Xsk7d4t6J
BjOPBqluErjMINHJYrtHxWS36m8yKzTLdvHynEoOLFe9WtpadcrUh7+Q7TfefPy8
+CjwtaQWkLJsPVVImxJ8qPW0wpknVasvw1hqjfONLAnRr2x85lF3koi53QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwWyNMG/mAKDuSRWNbgEcnA0EFgMB8GA1UdIwQY
MBaAFP9Le6WnbBNxUtDQ81JP1iAbgVvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzB0N3BhZHNFM0ZTME5EelVrX1dJQnVCVy04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85NWIxODYtZjJiYS00YzgzLWI2MzAt
OGY5NWI4NTI0YzM1LzEvbkJiSTB3Yi1ZQW9PNUpGWTF1QVJ5Y0RRUVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85NWIxODYtZjJiYS00YzgzLWI2MzAtOGY5NWI4NTI0YzM1
LzEvXzB0N3BhZHNFM0ZTME5EelVrX1dJQnVCVy04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjpsMA0G
CSqGSIb3DQEBCwUAA4IBAQCC9L42Z5ZeT7gcC1Pazf+tsas4QAepja3vr2skt5pA
vxWi9CejBor9Ma9uQ2LoJdKVBdee+68USJnV/5lU4Dr0e9A1IRuh52BwnbDwILOu
LqBhsk8i0RbzhTy3uYd8a85zGFsR1EXGPVKH8ieMQyELI22rnMiqZdAoAiDWImvO
PnWjAYOKPDRrix44lNq3VADVsbVJc8cRA3SPpTY9gcw0d/hHxGCO0zJyZck/WwsR
lWz5zqP6HFB4/2ljWIbHO6Q3iByz7P7ATrlBOl5w8xV24BmrXO2ViQIIkyc0pkE+
edr5TtMgZnwuiLB7HzBMTkYK5uX1NQBmPDziaw4Yf977
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:17:43 2025 by rpki-client