Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Sgfgd9mKOQaiy_68Odtml6xJ6pI.roa
File: Sgfgd9mKOQaiy_68Odtml6xJ6pI.roa (raw, json)
Hash identifier: aEQUC67oaSXnsTPlBmLvX3M2t5IJCfyacuiPMyTPlCA=
Subject key identifier: 4A:07:E0:77:D9:8A:39:06:A2:CB:FE:BC:39:DB:66:97:AC:49:EA:92
Certificate issuer: /CN=1a5caaf3a0993b76ae13e119136dbf0069698911
Certificate serial: 018A4A5A4584421171213D47186C33E891F5
Authority key identifier: 1A:5C:AA:F3:A0:99:3B:76:AE:13:E1:19:13:6D:BF:00:69:69:89:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Sgfgd9mKOQaiy_68Odtml6xJ6pI.roa
Signing time: Thu 31 Aug 2023 06:49:04 +0000
ROA not before: Thu 31 Aug 2023 06:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398577
IP address blocks: 144.57.40.0/24 maxlen: 24
144.57.41.0/24 maxlen: 24
144.57.40.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:5a:45:84:42:11:71:21:3d:47:18:6c:33:e8:91:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5caaf3a0993b76ae13e119136dbf0069698911
Validity
Not Before: Aug 31 06:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a07e077d98a3906a2cbfebc39db6697ac49ea92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:29:22:98:f2:cf:db:b7:32:35:dd:64:b0:82:
4c:c4:f5:2f:99:e2:85:b2:ba:07:aa:d9:9a:df:8e:
43:4e:8f:ab:d3:09:e2:7a:dd:5b:d0:3a:53:51:eb:
f5:f4:5c:79:8f:4e:d3:eb:f5:3e:7f:ad:5b:c8:2e:
01:e5:46:42:60:da:a4:86:ca:85:4e:73:51:a6:ab:
5b:af:6a:0e:41:5d:52:17:5d:c7:7f:fc:db:65:ad:
51:79:c5:61:cd:22:c6:6e:8f:f5:d4:13:f9:29:df:
54:24:9b:ca:7f:91:3c:90:16:05:5d:1f:0e:2a:7c:
0a:ac:20:9a:43:86:f7:94:37:80:b0:01:39:8e:4c:
cd:f7:c2:4f:f8:1b:eb:5c:f2:30:bd:17:7f:bc:37:
91:7a:d5:e3:fa:98:97:64:ce:bf:43:9a:be:1b:0c:
8e:62:ca:05:51:08:bd:80:be:32:a7:86:6b:c4:0e:
12:24:b1:69:73:4b:88:1f:7f:47:a9:1c:1d:3e:3d:
f7:37:fd:2e:b6:db:8e:c1:6e:69:87:71:38:1c:69:
a8:51:88:ac:e2:25:af:57:0e:92:39:30:5f:69:03:
f2:94:c6:85:93:60:4e:62:78:ee:d7:47:b2:b7:06:
92:95:80:47:fe:17:0e:fa:a6:0b:a0:bf:f2:b2:fb:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:07:E0:77:D9:8A:39:06:A2:CB:FE:BC:39:DB:66:97:AC:49:EA:92
X509v3 Authority Key Identifier:
keyid:1A:5C:AA:F3:A0:99:3B:76:AE:13:E1:19:13:6D:BF:00:69:69:89:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Sgfgd9mKOQaiy_68Odtml6xJ6pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Glyq86CZO3auE-EZE22_AGlpiRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
95:28:8c:60:58:17:9f:f3:47:0f:42:f0:cf:84:72:84:c0:da:
c6:97:0d:42:49:7c:56:ae:a1:42:a7:23:ff:31:26:36:85:35:
af:95:2e:9a:00:f9:2f:c4:7e:2b:5e:a8:99:0c:96:35:9b:51:
03:59:3a:68:85:88:ba:31:7b:6d:9d:e4:f0:16:8b:f8:6a:8d:
82:c0:3a:d4:26:ee:46:19:84:6b:67:a4:17:0a:56:d9:ef:52:
69:b1:30:17:be:1e:0a:c5:e3:27:98:6b:62:d5:11:3a:c4:01:
86:ff:99:6e:35:6f:09:e8:6d:b3:99:af:85:30:62:89:5b:61:
15:d0:5d:41:65:6a:9d:ee:cc:47:80:e1:ff:67:21:b3:0b:76:
41:c3:d2:53:7b:56:66:98:b4:b6:8c:4b:ed:74:1b:0c:03:eb:
86:50:d1:76:56:03:66:69:f5:f6:c2:4b:77:56:f0:db:fb:99:
1f:c6:c8:79:2c:d8:1c:3c:01:89:f0:de:c1:2f:38:48:62:37:
ff:5f:e2:dd:71:83:e1:e9:f8:18:82:e7:6e:97:d8:60:75:5f:
cc:32:5f:92:9e:31:cb:e4:a6:80:0f:90:17:7f:04:c9:3c:15:
80:2e:f4:c9:eb:ea:20:dd:d3:f2:1c:53:57:51:e1:3f:2b:ea:
42:98:7c:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpKWkWEQhFxIT1HGGwz6JH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWNhYWYzYTA5OTNiNzZhZTEzZTExOTEzNmRiZjAwNjk2
OTg5MTEwHhcNMjMwODMxMDY0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA3ZTA3N2Q5OGEzOTA2YTJjYmZlYmMzOWRiNjY5N2FjNDllYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySkimPLP27cyNd1ksIJMxPUvmeKF
sroHqtma345DTo+r0wniet1b0DpTUev19Fx5j07T6/U+f61byC4B5UZCYNqkhsqF
TnNRpqtbr2oOQV1SF13Hf/zbZa1RecVhzSLGbo/11BP5Kd9UJJvKf5E8kBYFXR8O
KnwKrCCaQ4b3lDeAsAE5jkzN98JP+BvrXPIwvRd/vDeRetXj+piXZM6/Q5q+GwyO
YsoFUQi9gL4yp4ZrxA4SJLFpc0uIH39HqRwdPj33N/0uttuOwW5ph3E4HGmoUYis
4iWvVw6SOTBfaQPylMaFk2BOYnju10eytwaSlYBH/hcO+qYLoL/ysvuYgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoH4HfZijkGosv+vDnbZpesSeqSMB8GA1UdIwQY
MBaAFBpcqvOgmTt2rhPhGRNtvwBpaYkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x5cTg2Q1pPM2F1RS1FWkUyMl9BR2xwaVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NGNkYjItOTM5OS00NTBiLWE4MmUt
N2M1OTBiY2Y5ODFhLzEvU2dmZ2Q5bUtPUWFpeV82OE9kdG1sNnhKNnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NGNkYjItOTM5OS00NTBiLWE4MmUtN2M1OTBiY2Y5ODFh
LzEvR2x5cTg2Q1pPM2F1RS1FWkUyMl9BR2xwaVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkDkoMA0G
CSqGSIb3DQEBCwUAA4IBAQCVKIxgWBef80cPQvDPhHKEwNrGlw1CSXxWrqFCpyP/
MSY2hTWvlS6aAPkvxH4rXqiZDJY1m1EDWTpohYi6MXttneTwFov4ao2CwDrUJu5G
GYRrZ6QXClbZ71JpsTAXvh4KxeMnmGti1RE6xAGG/5luNW8J6G2zma+FMGKJW2EV
0F1BZWqd7sxHgOH/ZyGzC3ZBw9JTe1ZmmLS2jEvtdBsMA+uGUNF2VgNmafX2wkt3
VvDb+5kfxsh5LNgcPAGJ8N7BLzhIYjf/X+LdcYPh6fgYgudul9hgdV/MMl+SnjHL
5KaAD5AXfwTJPBWALvTJ6+og3dPyHFNXUeE/K+pCmHz4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:48 2024 by rpki-client on console-fra.rpki-client.org