Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/DNrBarUKqHlhPqA_F50CuH5CtVo.roa
File: DNrBarUKqHlhPqA_F50CuH5CtVo.roa (raw, json)
Hash identifier: 7JYhlRgj5QU9crD/9PbkTIK4k5LClO5nUmj6ktm9eN4=
Subject key identifier: 0C:DA:C1:6A:B5:0A:A8:79:61:3E:A0:3F:17:9D:02:B8:7E:42:B5:5A
Certificate issuer: /CN=1a5caaf3a0993b76ae13e119136dbf0069698911
Certificate serial: 018A4A5A453CF0BEA37D4D9BAB76D06BBC06
Authority key identifier: 1A:5C:AA:F3:A0:99:3B:76:AE:13:E1:19:13:6D:BF:00:69:69:89:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/DNrBarUKqHlhPqA_F50CuH5CtVo.roa
Signing time: Thu 31 Aug 2023 06:49:04 +0000
ROA not before: Thu 31 Aug 2023 06:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39052
IP address blocks: 144.57.128.0/17 maxlen: 17
144.57.64.0/18 maxlen: 18
144.57.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:5a:45:3c:f0:be:a3:7d:4d:9b:ab:76:d0:6b:bc:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5caaf3a0993b76ae13e119136dbf0069698911
Validity
Not Before: Aug 31 06:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cdac16ab50aa879613ea03f179d02b87e42b55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:f5:bb:21:ad:fb:84:5c:a7:a9:ca:7c:6a:
c3:c6:94:42:ce:2e:7d:75:53:3f:b9:88:96:ed:fe:
16:33:1f:0a:21:7c:9d:48:1a:4f:e1:2e:06:4f:3b:
07:0d:e5:a4:36:8a:89:4d:58:2d:39:4d:f7:aa:67:
fb:b7:b4:b4:8b:9d:c5:2f:a8:81:32:65:9b:c7:3c:
34:28:bf:68:e9:b2:d2:9f:e1:b1:01:1c:a6:01:a4:
77:fb:eb:c2:de:85:15:dd:03:85:98:57:ae:c1:87:
60:b6:d6:57:c4:57:49:a9:0c:be:de:d2:ad:3e:20:
45:5e:83:f1:e2:7e:4e:63:f7:49:a6:da:f6:6f:bd:
6d:30:cb:6b:b9:94:ef:2c:52:ae:6c:23:c8:2b:8e:
05:02:15:a1:64:3b:b7:a5:c9:10:01:24:2f:21:a1:
de:72:fb:9d:c5:16:42:7e:ac:4b:36:0b:97:d8:18:
56:d7:5f:5d:77:b3:14:f4:d0:a3:5e:10:ee:5b:4a:
af:cd:4d:1f:ab:14:9e:97:95:0c:b7:7c:80:f0:12:
2b:8b:09:f4:8f:e5:5b:c8:24:e6:c4:9b:19:a8:e9:
b3:23:ff:d9:f3:70:7d:87:8e:1b:1a:76:8a:d8:2c:
43:8c:a8:2f:86:f2:69:4c:4e:a7:d2:3f:c5:95:d7:
a2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DA:C1:6A:B5:0A:A8:79:61:3E:A0:3F:17:9D:02:B8:7E:42:B5:5A
X509v3 Authority Key Identifier:
keyid:1A:5C:AA:F3:A0:99:3B:76:AE:13:E1:19:13:6D:BF:00:69:69:89:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/DNrBarUKqHlhPqA_F50CuH5CtVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Glyq86CZO3auE-EZE22_AGlpiRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.57.0.0/19
144.57.64.0-144.57.255.255
Signature Algorithm: sha256WithRSAEncryption
27:9b:fb:de:ce:89:69:e9:ac:fe:45:53:d7:81:58:e0:22:79:
c1:c6:54:d8:a0:cf:10:a4:09:5c:78:3c:eb:26:2d:75:28:b6:
f8:74:c7:6c:bf:bc:64:b1:4d:0d:d2:b9:d9:90:ac:a2:0d:49:
f5:ee:f2:2b:dc:d9:70:a9:6b:d7:61:22:d1:8a:6c:dd:90:ad:
a3:d8:00:ac:a4:06:a8:68:a4:ed:25:57:e2:5d:05:9c:4a:20:
ea:99:a6:84:c4:7a:09:4b:1d:4e:11:37:ad:53:fb:08:46:e3:
b8:57:8e:b0:51:4a:45:6e:6a:dd:67:4d:84:8e:0f:f1:6b:70:
a7:b5:4c:c7:5c:8b:b1:b0:75:29:cd:97:2c:74:a9:1c:59:ca:
e0:98:b4:ef:0c:3f:65:68:9e:47:76:5c:95:fe:82:c1:0c:3c:
46:b5:50:46:61:84:c9:9a:30:1c:07:71:cf:3f:67:f9:b7:a2:
85:69:73:eb:1b:e2:f7:9a:6c:50:f1:cb:49:e8:6a:c0:2e:6a:
4b:cd:52:be:13:47:e9:26:2a:da:fe:3c:d4:0b:3a:80:c6:a2:
a0:d3:a5:d1:b9:40:67:d2:69:6d:b0:8a:8b:d9:17:8c:86:94:
84:58:38:77:67:ee:c1:fd:d5:80:33:9d:ee:1f:84:6e:41:f5:
28:2b:d6:f7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYpKWkU88L6jfU2bq3bQa7wGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWNhYWYzYTA5OTNiNzZhZTEzZTExOTEzNmRiZjAwNjk2
OTg5MTEwHhcNMjMwODMxMDY0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RhYzE2YWI1MGFhODc5NjEzZWEwM2YxNzlkMDJiODdlNDJiNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIr1uyGt+4Rcp6nKfGrDxpRCzi59
dVM/uYiW7f4WMx8KIXydSBpP4S4GTzsHDeWkNoqJTVgtOU33qmf7t7S0i53FL6iB
MmWbxzw0KL9o6bLSn+GxARymAaR3++vC3oUV3QOFmFeuwYdgttZXxFdJqQy+3tKt
PiBFXoPx4n5OY/dJptr2b71tMMtruZTvLFKubCPIK44FAhWhZDu3pckQASQvIaHe
cvudxRZCfqxLNguX2BhW119dd7MU9NCjXhDuW0qvzU0fqxSel5UMt3yA8BIriwn0
j+VbyCTmxJsZqOmzI//Z83B9h44bGnaK2CxDjKgvhvJpTE6n0j/FldeijwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAzawWq1Cqh5YT6gPxedArh+QrVaMB8GA1UdIwQY
MBaAFBpcqvOgmTt2rhPhGRNtvwBpaYkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x5cTg2Q1pPM2F1RS1FWkUyMl9BR2xwaVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NGNkYjItOTM5OS00NTBiLWE4MmUt
N2M1OTBiY2Y5ODFhLzEvRE5yQmFyVUtxSGxoUHFBX0Y1MEN1SDVDdFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NGNkYjItOTM5OS00NTBiLWE4MmUtN2M1OTBiY2Y5ODFh
LzEvR2x5cTg2Q1pPM2F1RS1FWkUyMl9BR2xwaVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQFkDkAMAsD
BAaQOUADAwGQODANBgkqhkiG9w0BAQsFAAOCAQEAJ5v73s6Jaems/kVT14FY4CJ5
wcZU2KDPEKQJXHg86yYtdSi2+HTHbL+8ZLFNDdK52ZCsog1J9e7yK9zZcKlr12Ei
0Yps3ZCto9gArKQGqGik7SVX4l0FnEog6pmmhMR6CUsdThE3rVP7CEbjuFeOsFFK
RW5q3WdNhI4P8Wtwp7VMx1yLsbB1Kc2XLHSpHFnK4Ji07ww/ZWieR3Zclf6CwQw8
RrVQRmGEyZowHAdxzz9n+beihWlz6xvi95psUPHLSehqwC5qS81SvhNH6SYq2v48
1As6gMaioNOl0blAZ9JpbbCKi9kXjIaUhFg4d2fuwf3VgDOd7h+EbkH1KCvW9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:22 2024 by rpki-client on console-ams.rpki-client.org