Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/TtupOTo4hsF-k7DL9Bsme4LHA3E.roa
File: TtupOTo4hsF-k7DL9Bsme4LHA3E.roa (raw, json)
Hash identifier: g0HiZnbzTp/JtsgHRKGAcC+HWE/so35AId3L/u0vwUo=
Subject key identifier: 4E:DB:A9:39:3A:38:86:C1:7E:93:B0:CB:F4:1B:26:7B:82:C7:03:71
Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Certificate serial: 019426D9A195CEB592F815D3FB0227DFD0AE
Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/TtupOTo4hsF-k7DL9Bsme4LHA3E.roa
Signing time: Thu 02 Jan 2025 11:49:44 +0000
ROA not before: Thu 02 Jan 2025 11:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57706
IP address blocks: 2.58.58.0/24 maxlen: 24
2a09:e240::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 13:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a1:95:ce:b5:92:f8:15:d3:fb:02:27:df:d0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Validity
Not Before: Jan 2 11:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4edba9393a3886c17e93b0cbf41b267b82c70371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:59:4d:e5:a7:a5:c7:05:83:6a:10:9a:d4:b1:
87:45:c4:a5:54:c4:22:f9:31:1c:62:ae:1a:9a:41:
36:1f:71:29:52:1d:72:3b:52:e7:5f:0c:67:78:3e:
05:22:ca:ed:91:3a:7d:3f:67:f7:cf:6e:3b:94:3f:
55:a1:ce:47:d5:5b:99:54:6a:32:18:3f:29:56:2f:
a8:ac:c4:41:8c:17:72:73:ec:5b:0d:40:0d:4c:ca:
d6:9c:2d:c0:00:45:f7:ed:01:d4:2e:a0:a0:7f:6d:
d9:82:10:a5:35:91:e9:3e:fb:ee:b9:ed:8a:6b:b6:
9e:e5:8e:87:79:b2:ae:fe:e6:6e:6e:e7:69:9d:07:
d4:6b:b2:d3:c6:f2:7f:03:0e:76:c1:b3:8e:2b:94:
1a:f5:65:d8:4b:78:51:06:1c:2e:08:55:19:47:a3:
61:69:ef:2e:7a:6f:51:93:b8:69:27:7a:f6:da:71:
f1:42:0b:40:73:44:1d:74:01:e5:05:fe:81:0d:2f:
30:35:28:08:c7:fe:07:c6:46:5c:95:2a:75:23:e3:
bf:c0:4c:e7:2e:12:7c:f5:7a:27:ed:8d:b2:85:92:
26:a4:a6:b2:5d:6b:64:79:e2:9a:82:54:d7:cc:5b:
30:a4:a5:05:35:f0:1a:29:b1:79:15:8a:1e:4a:a6:
71:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DB:A9:39:3A:38:86:C1:7E:93:B0:CB:F4:1B:26:7B:82:C7:03:71
X509v3 Authority Key Identifier:
keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/TtupOTo4hsF-k7DL9Bsme4LHA3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.58.0/24
IPv6:
2a09:e240::/48
Signature Algorithm: sha256WithRSAEncryption
af:17:57:11:4a:20:9f:02:b7:ff:5c:e6:35:4e:da:08:a3:c1:
68:42:b6:36:18:d5:15:f6:ac:a2:8b:82:e0:c8:27:a1:54:89:
17:5e:30:ee:a2:b5:23:d1:2e:bc:a1:3b:47:c4:aa:d3:8a:a8:
8d:e8:c9:0e:c4:23:64:a8:be:ef:8b:6b:98:bf:51:50:71:ce:
aa:b6:06:c3:48:2b:b2:51:0e:da:eb:59:24:a0:03:54:63:f1:
85:28:57:9d:83:16:08:01:6d:4f:e7:41:87:83:11:06:e2:f5:
70:d7:a3:d3:08:15:94:fb:36:04:56:03:ec:bb:18:1c:60:24:
be:d6:37:b0:cf:43:18:c7:0d:2e:74:cf:8d:57:f6:74:66:da:
06:af:07:56:e1:49:44:71:27:76:4a:60:aa:bd:b8:a1:29:aa:
a1:8a:c2:ac:e1:c6:69:1b:3e:c2:e2:89:ac:14:e7:31:0e:07:
83:ae:f8:5e:c8:cd:12:31:70:1b:a8:c4:cd:93:c6:07:2c:bc:
04:38:a9:13:ba:c1:44:bb:7e:6c:9c:58:65:ad:c4:3b:ae:b4:
4d:4d:3f:7f:3a:47:63:85:00:5a:25:5c:c1:4d:39:6a:c4:18:
76:7c:f2:05:cd:fa:8f:be:61:d8:4a:b6:b7:d6:13:f1:d7:b9:
55:e4:1f:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2aGVzrWS+BXT+wIn39CuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk
MjRkMzgwHhcNMjUwMTAyMTE0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRiYTkzOTNhMzg4NmMxN2U5M2IwY2JmNDFiMjY3YjgyYzcwMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVlN5aelxwWDahCa1LGHRcSlVMQi
+TEcYq4amkE2H3EpUh1yO1LnXwxneD4FIsrtkTp9P2f3z247lD9Voc5H1VuZVGoy
GD8pVi+orMRBjBdyc+xbDUANTMrWnC3AAEX37QHULqCgf23ZghClNZHpPvvuue2K
a7ae5Y6HebKu/uZubudpnQfUa7LTxvJ/Aw52wbOOK5Qa9WXYS3hRBhwuCFUZR6Nh
ae8uem9Rk7hpJ3r22nHxQgtAc0QddAHlBf6BDS8wNSgIx/4HxkZclSp1I+O/wEzn
LhJ89Xon7Y2yhZImpKayXWtkeeKaglTXzFswpKUFNfAaKbF5FYoeSqZxAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE7bqTk6OIbBfpOwy/QbJnuCxwNxMB8GA1UdIwQY
MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt
ZTQ1MzUwNDE0ZGRmLzEvVHR1cE9UbzRoc0YtazdETDlCc21lNExIQTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm
LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAAjo6MA8E
AgACMAkDBwAqCeJAAAAwDQYJKoZIhvcNAQELBQADggEBAK8XVxFKIJ8Ct/9c5jVO
2gijwWhCtjYY1RX2rKKLguDIJ6FUiRdeMO6itSPRLryhO0fEqtOKqI3oyQ7EI2So
vu+La5i/UVBxzqq2BsNIK7JRDtrrWSSgA1Rj8YUoV52DFggBbU/nQYeDEQbi9XDX
o9MIFZT7NgRWA+y7GBxgJL7WN7DPQxjHDS50z41X9nRm2gavB1bhSURxJ3ZKYKq9
uKEpqqGKwqzhxmkbPsLiiawU5zEOB4Ou+F7IzRIxcBuoxM2TxgcsvAQ4qRO6wUS7
fmycWGWtxDuutE1NP386R2OFAFolXMFNOWrEGHZ88gXN+o++YdhKtrfWE/HXuVXk
H7Y=
-----END CERTIFICATE-----
Generated at Tue May 13 00:54:50 2025 by rpki-client