Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/878d0c-2200-4c27-94c0-5c6e19d070e5/1/m00ohTSMIQubJB4CjT_lfEAziQo.roa
File: m00ohTSMIQubJB4CjT_lfEAziQo.roa (raw, json)
Hash identifier: MT4QeK8s+IVkpfg6xnC9O2P/Wi+shlGBoJ08APYN9t0=
Subject key identifier: 9B:4D:28:85:34:8C:21:0B:9B:24:1E:02:8D:3F:E5:7C:40:33:89:0A
Certificate issuer: /CN=aa22bffd2d5a070e2ec8a3fc46e7911af96feaad
Certificate serial: 0185711EA05A01F94948D924EAEEE322ABD4
Authority key identifier: AA:22:BF:FD:2D:5A:07:0E:2E:C8:A3:FC:46:E7:91:1A:F9:6F:EA:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qiK__S1aBw4uyKP8RueRGvlv6q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/878d0c-2200-4c27-94c0-5c6e19d070e5/1/m00ohTSMIQubJB4CjT_lfEAziQo.roa
Signing time: Mon 02 Jan 2023 06:15:10 +0000
ROA not before: Mon 02 Jan 2023 06:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209198
IP address blocks: 2.57.200.0/22 maxlen: 24
2a09:de40::/32 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:a0:5a:01:f9:49:48:d9:24:ea:ee:e3:22:ab:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa22bffd2d5a070e2ec8a3fc46e7911af96feaad
Validity
Not Before: Jan 2 06:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b4d2885348c210b9b241e028d3fe57c4033890a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:fa:58:5f:e8:02:bf:ab:ef:67:29:53:dd:
2c:8f:dc:7f:8b:9c:90:06:40:ad:dc:2b:b9:07:82:
3e:9d:d3:2a:28:35:a6:5c:be:f7:39:94:7e:93:a9:
aa:77:32:b0:b2:ec:22:b1:30:01:a9:e8:03:07:3e:
1f:68:e3:1d:80:5d:31:e0:1c:08:99:bd:7f:fb:bd:
3f:3e:e3:9b:af:a0:f8:e6:54:07:dc:be:3f:8e:99:
6b:bb:05:43:17:0b:88:38:52:74:ec:d6:03:f7:f7:
ae:f9:93:10:f0:8d:4c:ac:a1:23:54:8f:c8:71:1d:
b2:62:63:20:6e:73:ae:7e:0b:be:c5:18:8a:53:5b:
7e:42:b4:b8:99:77:8c:a9:37:b0:d0:7b:3e:dd:ab:
49:1b:ed:9d:c8:46:5a:80:1b:ed:54:60:39:0d:70:
09:7c:3b:a3:70:97:2a:e4:05:29:77:62:1f:24:d8:
07:a1:12:1e:51:38:d3:98:c8:62:af:d9:55:bc:aa:
35:d7:57:d4:9c:bc:d7:03:cc:25:59:1a:d2:36:1c:
73:c5:71:56:2a:46:0d:6e:22:ac:5a:3b:83:d7:0b:
cc:d7:43:f5:08:31:aa:55:6f:ff:b5:6e:fc:b1:c0:
82:98:58:b0:6b:7a:7c:13:76:a3:89:d3:dd:4d:87:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:4D:28:85:34:8C:21:0B:9B:24:1E:02:8D:3F:E5:7C:40:33:89:0A
X509v3 Authority Key Identifier:
keyid:AA:22:BF:FD:2D:5A:07:0E:2E:C8:A3:FC:46:E7:91:1A:F9:6F:EA:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qiK__S1aBw4uyKP8RueRGvlv6q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/878d0c-2200-4c27-94c0-5c6e19d070e5/1/m00ohTSMIQubJB4CjT_lfEAziQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/878d0c-2200-4c27-94c0-5c6e19d070e5/1/qiK__S1aBw4uyKP8RueRGvlv6q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.200.0/22
IPv6:
2a09:de40::/32
Signature Algorithm: sha256WithRSAEncryption
35:ab:25:44:65:b4:12:57:2c:fa:4a:aa:ba:91:1b:0c:a4:8d:
1b:9b:b0:c0:14:68:e8:a1:80:dc:87:55:b3:69:18:05:71:e1:
35:24:09:2f:23:a4:0d:0e:eb:0e:93:a0:f0:ca:a5:af:c7:78:
2e:e8:cf:83:e7:5a:23:cb:5c:18:65:94:9d:b1:89:5a:71:8b:
92:4a:ed:17:6d:21:4b:42:48:5e:ef:e6:5a:de:23:fd:44:a5:
b2:40:de:cc:e7:7f:2b:ba:0d:3c:47:c1:63:9f:f6:1e:c2:19:
66:3d:10:28:f9:66:42:fa:d6:0a:ff:da:71:51:f8:42:50:d0:
44:3a:99:49:e9:48:e0:fb:62:5f:97:51:22:04:ba:bd:1f:76:
0d:5f:79:c8:2e:f7:76:4f:81:19:d4:fb:d2:01:f5:9e:a1:ce:
26:ff:56:ad:42:01:ba:ff:7b:20:58:d1:a7:82:37:16:4d:92:
c0:b3:b5:8f:97:a1:ba:1f:70:0f:60:75:27:b7:66:58:fc:65:
14:c4:1e:37:1c:ea:5e:49:9a:ee:c5:4d:91:f3:81:6c:d6:1a:
a5:87:b3:b1:9a:c4:0b:d9:e6:bc:c9:61:9d:18:4f:de:60:5e:
be:b8:12:38:72:f7:cd:49:f5:8f:46:7e:aa:61:92:74:00:8f:
b4:76:0d:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHqBaAflJSNkk6u7jIqvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMjJiZmZkMmQ1YTA3MGUyZWM4YTNmYzQ2ZTc5MTFhZjk2
ZmVhYWQwHhcNMjMwMTAyMDYxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjRkMjg4NTM0OGMyMTBiOWIyNDFlMDI4ZDNmZTU3YzQwMzM4OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdj6WF/oAr+r72cpU90sj9x/i5yQ
BkCt3Cu5B4I+ndMqKDWmXL73OZR+k6mqdzKwsuwisTABqegDBz4faOMdgF0x4BwI
mb1/+70/PuObr6D45lQH3L4/jplruwVDFwuIOFJ07NYD9/eu+ZMQ8I1MrKEjVI/I
cR2yYmMgbnOufgu+xRiKU1t+QrS4mXeMqTew0Hs+3atJG+2dyEZagBvtVGA5DXAJ
fDujcJcq5AUpd2IfJNgHoRIeUTjTmMhir9lVvKo111fUnLzXA8wlWRrSNhxzxXFW
KkYNbiKsWjuD1wvM10P1CDGqVW//tW78scCCmFiwa3p8E3ajidPdTYfKjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJtNKIU0jCELmyQeAo0/5XxAM4kKMB8GA1UdIwQY
MBaAFKoiv/0tWgcOLsij/EbnkRr5b+qtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlLX19TMWFCdzR1eUtQOFJ1ZVJHdmx2NnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84NzhkMGMtMjIwMC00YzI3LTk0YzAt
NWM2ZTE5ZDA3MGU1LzEvbTAwb2hUU01JUXViSkI0Q2pUX2xmRUF6aVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84NzhkMGMtMjIwMC00YzI3LTk0YzAtNWM2ZTE5ZDA3MGU1
LzEvcWlLX19TMWFCdzR1eUtQOFJ1ZVJHdmx2NnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjnIMA0E
AgACMAcDBQAqCd5AMA0GCSqGSIb3DQEBCwUAA4IBAQA1qyVEZbQSVyz6Sqq6kRsM
pI0bm7DAFGjooYDch1WzaRgFceE1JAkvI6QNDusOk6DwyqWvx3gu6M+D51ojy1wY
ZZSdsYlacYuSSu0XbSFLQkhe7+Za3iP9RKWyQN7M538rug08R8Fjn/YewhlmPRAo
+WZC+tYK/9pxUfhCUNBEOplJ6Ujg+2Jfl1EiBLq9H3YNX3nILvd2T4EZ1PvSAfWe
oc4m/1atQgG6/3sgWNGngjcWTZLAs7WPl6G6H3APYHUnt2ZY/GUUxB43HOpeSZru
xU2R84Fs1hqlh7OxmsQL2ea8yWGdGE/eYF6+uBI4cvfNSfWPRn6qYZJ0AI+0dg1Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:07 2024 by rpki-client on console-ams.rpki-client.org