Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1ad468-e309-4ae6-a1ca-d54c49a46338/1/tdWRc9R9cqYnb9WB90hgjHc5mXI.roa
File: tdWRc9R9cqYnb9WB90hgjHc5mXI.roa (raw, json)
Hash identifier: +bKFqIZnyUQVasK5afnhnnca3JCaZxIbnfISXcL3/w0=
Subject key identifier: B5:D5:91:73:D4:7D:72:A6:27:6F:D5:81:F7:48:60:8C:77:39:99:72
Certificate issuer: /CN=2c76e0c8f6cb721e3bcf2011ba3aafba2a1017db
Certificate serial: 018FA4F344626F409E7E62AE233BB478CE56
Authority key identifier: 2C:76:E0:C8:F6:CB:72:1E:3B:CF:20:11:BA:3A:AF:BA:2A:10:17:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHbgyPbLch47zyARujqvuioQF9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/1ad468-e309-4ae6-a1ca-d54c49a46338/1/tdWRc9R9cqYnb9WB90hgjHc5mXI.roa
Signing time: Thu 23 May 2024 10:15:57 +0000
ROA not before: Thu 23 May 2024 10:15:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209200
IP address blocks: 2.57.8.0/22 maxlen: 22
2.57.8.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 24 Jun 2024 10:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:f3:44:62:6f:40:9e:7e:62:ae:23:3b:b4:78:ce:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c76e0c8f6cb721e3bcf2011ba3aafba2a1017db
Validity
Not Before: May 23 10:15:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5d59173d47d72a6276fd581f748608c77399972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:aa:a2:b3:38:c3:80:fb:90:5b:79:c4:91:97:
65:6f:c6:be:93:0c:67:cd:f5:7a:fb:58:f1:7e:02:
80:83:8a:3e:f2:73:62:12:7b:b9:a4:94:6e:25:38:
3f:52:4e:13:85:95:56:21:24:e2:5a:b9:72:26:43:
0e:a1:d7:a3:72:25:93:c3:98:a8:ac:d5:4b:37:ea:
c5:3c:b3:ee:3f:82:74:e9:e0:4a:c9:4b:e3:5d:56:
1a:78:87:45:1b:41:64:cb:84:bb:91:c0:4b:89:10:
41:6a:82:26:53:5b:8b:e6:5d:91:b8:ed:aa:0a:ea:
e9:90:2a:7a:46:f8:da:c1:81:72:7c:6f:d1:15:e2:
58:35:82:70:69:15:cd:84:d4:3d:44:3b:31:fd:54:
22:49:a6:b2:0d:06:21:e8:4a:49:21:ed:cf:20:45:
72:96:13:ec:15:d5:e3:75:5f:71:9e:e1:fa:c3:f5:
9f:a5:c6:c7:14:72:74:a6:1a:e1:b6:9c:da:33:40:
cf:f8:dc:8e:2b:43:5f:4f:c1:21:95:38:36:04:9c:
40:46:9c:de:0b:24:0d:20:00:e4:23:ed:bd:fb:b1:
26:35:f0:b2:10:34:51:d7:34:67:68:4c:67:df:7a:
f7:24:3f:f1:69:8a:94:59:41:25:0b:2f:6d:6a:be:
aa:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D5:91:73:D4:7D:72:A6:27:6F:D5:81:F7:48:60:8C:77:39:99:72
X509v3 Authority Key Identifier:
keyid:2C:76:E0:C8:F6:CB:72:1E:3B:CF:20:11:BA:3A:AF:BA:2A:10:17:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHbgyPbLch47zyARujqvuioQF9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1ad468-e309-4ae6-a1ca-d54c49a46338/1/tdWRc9R9cqYnb9WB90hgjHc5mXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1ad468-e309-4ae6-a1ca-d54c49a46338/1/LHbgyPbLch47zyARujqvuioQF9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.8.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:07:a4:b6:6a:c6:8d:7f:db:e1:7f:1e:f8:03:97:54:4b:da:
27:61:c4:b5:e1:e9:f9:9e:17:7d:f9:bb:b4:27:35:b2:67:20:
32:06:e2:4f:c8:2f:62:48:24:fa:e5:8f:06:f7:f9:39:9c:f0:
58:ee:40:5c:26:8b:71:4e:af:7e:86:a8:8c:de:c2:3a:26:f5:
e8:db:7f:f0:83:bb:b9:ce:32:13:91:2c:b4:c5:f8:d8:dc:59:
53:e1:f0:dc:8b:9b:88:e7:28:ab:2a:4e:70:d5:75:38:63:e3:
92:d9:7f:ea:01:2e:5a:73:c4:04:34:f7:6e:2e:e4:c4:14:4d:
f3:5c:26:6d:a0:90:6d:0b:25:77:1d:f0:38:6e:ce:7f:b2:23:
c7:7e:01:49:85:73:96:2a:69:2d:a0:fa:d6:d5:0b:67:bc:f2:
1b:c4:4d:d3:2e:10:ee:70:b0:30:19:ea:3f:af:c0:24:89:28:
ca:20:83:4c:4e:57:94:ca:e5:a4:35:32:44:3a:2f:da:40:73:
10:48:71:be:12:2d:84:aa:c4:26:06:fd:a8:5b:22:f2:91:af:
6d:95:55:f4:20:80:ab:49:8d:49:e7:7b:f0:c3:f4:b8:75:c2:
79:83:d3:48:7e:d7:69:a0:44:37:1c:4a:15:bc:df:e1:81:28:
1c:98:11:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+k80Rib0CefmKuIzu0eM5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzZlMGM4ZjZjYjcyMWUzYmNmMjAxMWJhM2FhZmJhMmEx
MDE3ZGIwHhcNMjQwNTIzMTAxNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ1OTE3M2Q0N2Q3MmE2Mjc2ZmQ1ODFmNzQ4NjA4Yzc3Mzk5OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaqiszjDgPuQW3nEkZdlb8a+kwxn
zfV6+1jxfgKAg4o+8nNiEnu5pJRuJTg/Uk4ThZVWISTiWrlyJkMOodejciWTw5io
rNVLN+rFPLPuP4J06eBKyUvjXVYaeIdFG0Fky4S7kcBLiRBBaoImU1uL5l2RuO2q
CurpkCp6RvjawYFyfG/RFeJYNYJwaRXNhNQ9RDsx/VQiSaayDQYh6EpJIe3PIEVy
lhPsFdXjdV9xnuH6w/WfpcbHFHJ0phrhtpzaM0DP+NyOK0NfT8EhlTg2BJxARpze
CyQNIADkI+29+7EmNfCyEDRR1zRnaExn33r3JD/xaYqUWUElCy9tar6quwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXVkXPUfXKmJ2/VgfdIYIx3OZlyMB8GA1UdIwQY
MBaAFCx24Mj2y3IeO88gEbo6r7oqEBfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhiZ3lQYkxjaDQ3enlBUnVqcXZ1aW9RRjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xYWQ0NjgtZTMwOS00YWU2LWExY2Et
ZDU0YzQ5YTQ2MzM4LzEvdGRXUmM5UjljcVluYjlXQjkwaGdqSGM1bVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xYWQ0NjgtZTMwOS00YWU2LWExY2EtZDU0YzQ5YTQ2MzM4
LzEvTEhiZ3lQYkxjaDQ3enlBUnVqcXZ1aW9RRjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjkIMA0G
CSqGSIb3DQEBCwUAA4IBAQBqB6S2asaNf9vhfx74A5dUS9onYcS14en5nhd9+bu0
JzWyZyAyBuJPyC9iSCT65Y8G9/k5nPBY7kBcJotxTq9+hqiM3sI6JvXo23/wg7u5
zjITkSy0xfjY3FlT4fDci5uI5yirKk5w1XU4Y+OS2X/qAS5ac8QENPduLuTEFE3z
XCZtoJBtCyV3HfA4bs5/siPHfgFJhXOWKmktoPrW1QtnvPIbxE3TLhDucLAwGeo/
r8AkiSjKIINMTleUyuWkNTJEOi/aQHMQSHG+Ei2EqsQmBv2oWyLyka9tlVX0IICr
SY1J53vww/S4dcJ5g9NIftdpoEQ3HEoVvN/hgSgcmBH6
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:18 2024 by rpki-client on console-ams.rpki-client.org