Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/3uwP_vRADuBoYBoeLRYotZhhMn8.roa
File: 3uwP_vRADuBoYBoeLRYotZhhMn8.roa (raw, json)
Hash identifier: lwiTNLKfbEJ8IUsh5LIpuv1GBMA4RJODQvhaDaYixy0=
Subject key identifier: DE:EC:0F:FE:F4:40:0E:E0:68:60:1A:1E:2D:16:28:B5:98:61:32:7F
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018570707E09138592FD2C033127BCF5B9BB
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/3uwP_vRADuBoYBoeLRYotZhhMn8.roa
Signing time: Mon 02 Jan 2023 03:04:58 +0000
ROA not before: Mon 02 Jan 2023 03:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2647
IP address blocks: 57.100.0.0/16 maxlen: 16
57.68.10.0/24 maxlen: 24
57.68.0.0/15 maxlen: 32
57.77.0.0/16 maxlen: 32
57.70.0.0/16 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:7e:09:13:85:92:fd:2c:03:31:27:bc:f5:b9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 03:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=deec0ffef4400ee068601a1e2d1628b59861327f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:37:45:e0:ef:57:96:61:36:3f:26:82:46:
9c:83:02:ed:69:12:ee:a7:2a:7d:07:fd:9e:5b:55:
93:b0:52:c7:f8:d1:54:3c:95:60:f2:74:bc:09:21:
75:85:48:1a:5b:c1:51:2f:b2:40:bd:43:af:12:59:
2d:54:60:30:ba:88:f4:a3:b9:2f:b4:4f:e7:b7:37:
78:d1:74:35:39:03:f0:c1:29:73:c5:bb:b0:26:25:
7e:28:4c:43:b4:11:da:33:fb:35:92:36:21:41:76:
91:6c:e5:14:8d:f9:08:95:a3:8c:d4:ca:3d:bc:c2:
e2:85:86:ed:c6:24:ec:d5:a5:77:33:28:8e:f5:f1:
f1:07:be:0c:2c:00:7e:f5:ba:78:54:9c:21:c3:29:
20:47:ca:6b:0f:65:9d:46:3b:73:cb:7c:90:b3:6c:
af:dc:42:1a:cd:0e:1b:90:6a:6c:e9:12:bb:db:9b:
6d:d0:79:ae:ff:46:75:a8:1f:90:58:4c:61:c1:ac:
9c:9c:be:72:c4:42:2b:50:5c:17:d7:d7:1d:7a:ac:
85:7d:fa:0d:5c:37:23:cb:69:0d:dc:da:2d:a5:36:
0d:d6:63:b7:49:ec:4b:23:5e:aa:8d:be:dc:db:53:
26:f7:a4:0d:17:c3:20:f2:fc:3f:6b:b7:a3:b4:24:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EC:0F:FE:F4:40:0E:E0:68:60:1A:1E:2D:16:28:B5:98:61:32:7F
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/3uwP_vRADuBoYBoeLRYotZhhMn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.0.0-57.70.255.255
57.77.0.0/16
57.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:3a:b9:c2:9c:82:91:bb:33:fc:7b:44:82:a5:12:d3:91:fb:
74:79:fd:44:8f:bf:b1:49:bd:b4:14:62:64:77:84:b4:b9:97:
24:1e:86:cf:de:a1:9c:e9:b3:5b:a4:5b:85:14:d2:a4:07:ad:
40:2d:1c:1f:8d:67:0e:1e:b7:dd:8d:b3:13:da:c5:a2:90:08:
73:65:b5:fa:20:85:9f:09:85:6c:34:fb:84:b5:d7:dc:09:42:
5e:c8:91:c0:df:89:25:bf:49:6d:37:7e:04:72:e4:ef:92:9f:
6d:ed:42:58:ec:dc:df:c9:90:b7:49:09:00:09:47:bc:35:06:
be:df:4d:4c:21:ab:c4:0e:4d:a2:70:38:b4:dc:f4:02:33:5c:
81:b1:7d:a8:e6:13:13:71:e8:f9:6e:84:b4:56:e2:15:31:07:
59:fd:7a:3e:b3:4c:eb:f3:cc:ba:40:4c:ed:66:d8:3d:9c:63:
65:9a:d1:84:71:cf:91:28:c0:2d:e2:5c:3b:82:87:15:ea:62:
45:b5:c1:06:9d:79:8a:9f:aa:f7:6e:cb:c4:b2:4a:f0:c8:59:
12:dd:e2:94:d2:20:ac:69:f7:6a:ca:09:da:26:c8:cf:e4:79:
6c:21:b7:77:49:b0:fc:46:e9:18:12:b8:a8:0e:98:30:8d:b8:
cb:ac:5b:34
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVwcH4JE4WS/SwDMSe89bm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjMwMTAyMDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWVjMGZmZWY0NDAwZWUwNjg2MDFhMWUyZDE2MjhiNTk4NjEzMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUo3ReDvV5ZhNj8mgkacgwLtaRLu
pyp9B/2eW1WTsFLH+NFUPJVg8nS8CSF1hUgaW8FRL7JAvUOvElktVGAwuoj0o7kv
tE/ntzd40XQ1OQPwwSlzxbuwJiV+KExDtBHaM/s1kjYhQXaRbOUUjfkIlaOM1Mo9
vMLihYbtxiTs1aV3MyiO9fHxB74MLAB+9bp4VJwhwykgR8prD2WdRjtzy3yQs2yv
3EIazQ4bkGps6RK725tt0Hmu/0Z1qB+QWExhwaycnL5yxEIrUFwX19cdeqyFffoN
XDcjy2kN3NotpTYN1mO3SexLI16qjb7c21Mm96QNF8Mg8vw/a7ejtCSdHQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN7sD/70QA7gaGAaHi0WKLWYYTJ/MB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvM3V3UF92UkFEdUJvWUJvZUxSWW90WmhoTW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWMAoDAwI5RAMD
ADlGAwMAOU0DAwA5ZDANBgkqhkiG9w0BAQsFAAOCAQEALjq5wpyCkbsz/HtEgqUS
05H7dHn9RI+/sUm9tBRiZHeEtLmXJB6Gz96hnOmzW6RbhRTSpAetQC0cH41nDh63
3Y2zE9rFopAIc2W1+iCFnwmFbDT7hLXX3AlCXsiRwN+JJb9JbTd+BHLk75Kfbe1C
WOzc38mQt0kJAAlHvDUGvt9NTCGrxA5NonA4tNz0AjNcgbF9qOYTE3Ho+W6EtFbi
FTEHWf16PrNM6/PMukBM7WbYPZxjZZrRhHHPkSjALeJcO4KHFepiRbXBBp15ip+q
927LxLJK8MhZEt3ilNIgrGn3asoJ2ibIz+R5bCG3d0mw/EbpGBK4qA6YMI24y6xb
NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:44 2024 by rpki-client on console-fra.rpki-client.org