Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/FcVpGz5kzmOCdvDxdJQ3DMit1AA.roa
File: FcVpGz5kzmOCdvDxdJQ3DMit1AA.roa (raw, json)
Hash identifier: 9Q5ly1I6Nl77EEXQvLUuy5t8IQpcuqOsbndVHrjgAlo=
Subject key identifier: 15:C5:69:1B:3E:64:CE:63:82:76:F0:F1:74:94:37:0C:C8:AD:D4:00
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 0185707080C0BC63791C12C2B9544CD5214F
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/FcVpGz5kzmOCdvDxdJQ3DMit1AA.roa
Signing time: Mon 02 Jan 2023 03:04:59 +0000
ROA not before: Mon 02 Jan 2023 03:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5583
IP address blocks: 57.79.0.0/16 maxlen: 32
57.82.0.0/15 maxlen: 32
57.66.0.0/15 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Sep 2023 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:80:c0:bc:63:79:1c:12:c2:b9:54:4c:d5:21:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 03:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15c5691b3e64ce638276f0f17494370cc8add400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bc:c0:5a:5e:52:06:b0:e2:1c:04:a3:04:e7:
d3:c9:80:36:d9:1a:6a:b8:5d:ac:50:3d:29:6c:0a:
86:7e:92:6a:d5:0c:2b:aa:75:08:f6:d7:0d:ba:a1:
3b:ad:5a:29:9d:53:7e:68:87:c5:11:1a:78:38:15:
4f:9e:58:b7:f7:c5:07:7f:99:fa:90:37:d5:0d:8f:
4e:04:0a:65:03:4f:09:56:95:ea:42:fb:b5:9f:e4:
5d:f2:1f:f4:ab:4e:f8:41:ad:98:fa:8e:dc:4c:8d:
40:97:04:92:65:27:2b:98:af:19:3c:69:f3:58:77:
90:b8:f0:43:d0:2f:d2:ea:3f:2b:41:38:17:b0:6d:
4b:5e:22:d1:bd:a4:85:3b:e2:02:8a:07:90:9c:d1:
f6:4f:32:4d:35:24:a6:d1:e4:74:55:7b:6e:f9:3b:
dc:9e:8b:20:f7:a4:e5:02:a9:d4:8b:76:1b:b7:7f:
36:23:06:50:61:9b:3f:8c:2f:b1:55:a1:55:87:d7:
d7:30:b9:19:4e:ba:d1:2f:c9:8d:8a:e5:d0:a2:60:
74:65:16:e9:b4:4c:fc:e6:33:a3:42:81:14:e5:98:
ed:19:bb:68:2a:e6:90:9e:b8:70:cf:89:5e:df:a8:
3a:22:f7:b9:ff:cf:fb:3d:a1:4d:bf:5b:21:a2:17:
f2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C5:69:1B:3E:64:CE:63:82:76:F0:F1:74:94:37:0C:C8:AD:D4:00
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/FcVpGz5kzmOCdvDxdJQ3DMit1AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.66.0.0/15
57.79.0.0/16
57.82.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:c6:2a:0a:5e:b2:79:cc:87:d1:6e:dc:c2:58:df:da:1d:2f:
a2:fe:dc:bb:d0:c0:d4:e0:92:7a:e6:30:1a:71:7f:0a:a0:d0:
04:f1:d6:ee:e3:7c:1d:3a:19:79:55:58:fd:f0:4c:21:4a:c6:
aa:16:c0:94:54:0d:39:db:af:8e:c7:76:c8:6a:0c:4b:a3:0d:
5d:fa:1d:c5:55:24:01:8f:ac:90:5e:bb:1f:1c:11:fc:74:ff:
6a:c9:56:80:93:f5:4e:b8:47:71:8e:9a:46:0f:2d:40:04:d7:
df:75:f2:06:03:74:00:9c:59:de:fc:14:ae:f2:d3:ac:d9:78:
83:03:fa:95:b3:ef:40:2b:b0:7c:39:31:31:3e:c0:13:94:ca:
42:a1:e4:13:c0:69:70:83:8b:a0:c5:52:76:cb:f8:7b:eb:67:
ff:7f:d6:af:0c:9e:ca:7a:61:da:c0:60:1a:6a:7c:50:8f:4d:
6b:f8:67:02:fa:e4:29:3c:0f:3c:fd:26:e7:19:85:4b:1b:28:
df:a9:77:30:8f:2d:00:2e:3e:20:d4:f4:6e:e4:e1:ca:c5:27:
50:2d:90:40:63:c6:f3:b1:7a:df:c9:3f:7f:69:1d:db:c0:43:
c0:fe:fa:34:27:16:c0:91:75:0e:02:e8:2a:b8:71:85:63:0e:
d1:d4:bc:7c
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYVwcIDAvGN5HBLCuVRM1SFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjMwMTAyMDMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM1NjkxYjNlNjRjZTYzODI3NmYwZjE3NDk0MzcwY2M4YWRkNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLzAWl5SBrDiHASjBOfTyYA22Rpq
uF2sUD0pbAqGfpJq1QwrqnUI9tcNuqE7rVopnVN+aIfFERp4OBVPnli398UHf5n6
kDfVDY9OBAplA08JVpXqQvu1n+Rd8h/0q074Qa2Y+o7cTI1AlwSSZScrmK8ZPGnz
WHeQuPBD0C/S6j8rQTgXsG1LXiLRvaSFO+ICigeQnNH2TzJNNSSm0eR0VXtu+Tvc
nosg96TlAqnUi3Ybt382IwZQYZs/jC+xVaFVh9fXMLkZTrrRL8mNiuXQomB0ZRbp
tEz85jOjQoEU5ZjtGbtoKuaQnrhwz4le36g6Ive5/8/7PaFNv1shohfyTwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFBXFaRs+ZM5jgnbw8XSUNwzIrdQAMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvRmNWcEd6NWt6bU9DZHZEeGRKUTNETWl0MUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMBOUIDAwA5
TwMDATlSMA0GCSqGSIb3DQEBCwUAA4IBAQCzxioKXrJ5zIfRbtzCWN/aHS+i/ty7
0MDU4JJ65jAacX8KoNAE8dbu43wdOhl5VVj98EwhSsaqFsCUVA0526+Ox3bIagxL
ow1d+h3FVSQBj6yQXrsfHBH8dP9qyVaAk/VOuEdxjppGDy1ABNffdfIGA3QAnFne
/BSu8tOs2XiDA/qVs+9AK7B8OTExPsATlMpCoeQTwGlwg4ugxVJ2y/h762f/f9av
DJ7KemHawGAaanxQj01r+GcC+uQpPA88/SbnGYVLGyjfqXcwjy0ALj4g1PRu5OHK
xSdQLZBAY8bzsXrfyT9/aR3bwEPA/vo0JxbAkXUOAugquHGFYw7R1Lx8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org