Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/1XAoU2rHfD23mglQI2xnnJc91z4.roa
File: 1XAoU2rHfD23mglQI2xnnJc91z4.roa (raw, json)
Hash identifier: HQr/J2w1Nl0tliVwEULlKqej33sfU2OGLW6N/5FGMYw=
Subject key identifier: D5:70:28:53:6A:C7:7C:3D:B7:9A:09:50:23:6C:67:9C:97:3D:D7:3E
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 01857070841143E829CA8B99C53299F1EA0F
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/1XAoU2rHfD23mglQI2xnnJc91z4.roa
Signing time: Mon 02 Jan 2023 03:05:00 +0000
ROA not before: Mon 02 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17650
IP address blocks: 57.100.0.0/21 maxlen: 24
57.68.248.0/21 maxlen: 24
57.100.64.0/21 maxlen: 24
57.100.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:84:11:43:e8:29:ca:8b:99:c5:32:99:f1:ea:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d57028536ac77c3db79a0950236c679c973dd73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ad:4d:be:a2:20:a3:83:52:9b:a7:ae:f7:84:
e4:21:75:1e:67:8d:80:df:15:f7:3f:0b:eb:02:6a:
15:14:9d:cd:11:5b:0e:e5:eb:96:51:ca:92:8d:19:
fc:37:f3:de:f2:c3:c6:06:a6:de:3a:56:3f:99:7d:
06:7e:01:f9:4c:b2:56:1a:e8:6b:63:4e:d2:04:c3:
33:aa:80:52:36:18:c2:db:0b:7e:f2:d5:51:2b:79:
45:69:5b:87:6b:38:2d:a9:d3:38:37:40:02:59:4e:
72:53:cc:f2:e3:31:96:83:bb:47:aa:d3:55:d5:14:
fe:ce:44:00:10:86:c2:9e:a4:72:ea:a6:4b:cc:3d:
c0:1a:01:de:63:86:29:48:96:df:84:38:e6:da:96:
95:a4:1c:1b:63:a6:f8:91:d8:4e:0e:21:dc:6c:f0:
1c:80:78:4c:b2:65:22:e4:a5:a8:91:42:a6:28:5f:
ba:10:fe:0c:10:1c:16:dc:fe:ff:8e:be:26:da:4f:
7a:17:66:ad:a3:01:f7:87:fa:5f:98:88:a5:d1:9e:
ff:ab:e1:f6:6d:01:68:1b:d0:55:6e:0a:82:ba:02:
34:de:0e:e9:5a:91:9d:e4:7f:f4:4f:39:0b:2c:cb:
be:67:d5:28:9e:88:ca:e3:dc:62:1d:3e:be:78:e4:
3c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:70:28:53:6A:C7:7C:3D:B7:9A:09:50:23:6C:67:9C:97:3D:D7:3E
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/1XAoU2rHfD23mglQI2xnnJc91z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.248.0/21
57.100.0.0/21
57.100.64.0/21
57.100.96.0/21
Signature Algorithm: sha256WithRSAEncryption
48:cd:ef:ad:b0:10:b9:1f:6e:c5:06:7d:90:dd:46:f0:00:33:
a3:4b:84:7e:a7:08:94:5d:ed:fe:57:85:9a:1e:8f:81:bb:cc:
0a:7f:d1:bc:04:39:2c:b9:bf:85:ed:3a:4c:28:f5:ed:7a:2e:
5d:9b:6d:96:89:8e:ee:ff:c8:c6:38:06:c7:9c:c2:91:70:15:
4e:52:12:e7:08:8e:0b:b2:5a:a8:57:fb:b1:79:bb:fe:c4:5c:
d1:7e:d7:76:f1:2c:f0:75:55:b3:61:eb:fc:e1:b0:ed:e2:c0:
92:17:c5:00:53:3f:22:10:ea:0b:5e:ca:58:78:b3:47:93:10:
f3:9a:d1:31:17:92:46:d7:9a:ba:60:37:fa:b6:0e:a4:d8:f1:
04:9d:0c:a5:7c:01:28:6f:d0:cd:75:90:66:ce:52:79:13:23:
7e:cd:04:ba:fc:7e:39:66:85:97:ea:7a:61:ab:38:d4:f3:1d:
db:a9:ac:0f:72:22:05:96:37:26:0d:c1:21:51:52:a3:21:5d:
d5:9c:a5:af:28:3a:89:03:33:65:03:8a:04:37:c7:3b:9e:31:
f8:16:b2:f5:e8:87:14:7c:f3:44:51:31:01:e6:5f:a0:76:b2:
35:23:c1:a1:23:53:5f:d7:9b:f2:cd:d3:e0:2a:e7:f8:38:9c:
b1:43:4f:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwcIQRQ+gpyouZxTKZ8eoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjMwMTAyMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTcwMjg1MzZhYzc3YzNkYjc5YTA5NTAyMzZjNjc5Yzk3M2RkNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi61NvqIgo4NSm6eu94TkIXUeZ42A
3xX3PwvrAmoVFJ3NEVsO5euWUcqSjRn8N/Pe8sPGBqbeOlY/mX0GfgH5TLJWGuhr
Y07SBMMzqoBSNhjC2wt+8tVRK3lFaVuHazgtqdM4N0ACWU5yU8zy4zGWg7tHqtNV
1RT+zkQAEIbCnqRy6qZLzD3AGgHeY4YpSJbfhDjm2paVpBwbY6b4kdhODiHcbPAc
gHhMsmUi5KWokUKmKF+6EP4MEBwW3P7/jr4m2k96F2atowH3h/pfmIil0Z7/q+H2
bQFoG9BVbgqCugI03g7pWpGd5H/0TzkLLMu+Z9UonojK49xiHT6+eOQ8CwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNVwKFNqx3w9t5oJUCNsZ5yXPdc+MB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvMVhBb1UyckhmRDIzbWdsUUkyeG5uSmM5MXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDOUT4AwQD
OWQAAwQDOWRAAwQDOWRgMA0GCSqGSIb3DQEBCwUAA4IBAQBIze+tsBC5H27FBn2Q
3UbwADOjS4R+pwiUXe3+V4WaHo+Bu8wKf9G8BDksub+F7TpMKPXtei5dm22WiY7u
/8jGOAbHnMKRcBVOUhLnCI4LslqoV/uxebv+xFzRftd28SzwdVWzYev84bDt4sCS
F8UAUz8iEOoLXspYeLNHkxDzmtExF5JG15q6YDf6tg6k2PEEnQylfAEob9DNdZBm
zlJ5EyN+zQS6/H45ZoWX6nphqzjU8x3bqawPciIFljcmDcEhUVKjIV3VnKWvKDqJ
AzNlA4oEN8c7njH4FrL16IcUfPNEUTEB5l+gdrI1I8GhI1Nf15vyzdPgKuf4OJyx
Q0/i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org