Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/H2epc-q8aDcXbOhKxmjDh8zo0L4.roa
File: H2epc-q8aDcXbOhKxmjDh8zo0L4.roa (raw, json)
Hash identifier: azsS/zG49B4Pavj6d40hb+e1DJ+yQZTotD+u3/4URrw=
Subject key identifier: 1F:67:A9:73:EA:BC:68:37:17:6C:E8:4A:C6:68:C3:87:CC:E8:D0:BE
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018A6408AC55121023EC731EA8E97A2D4DAD
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/H2epc-q8aDcXbOhKxmjDh8zo0L4.roa
Signing time: Tue 05 Sep 2023 06:30:04 +0000
ROA not before: Tue 05 Sep 2023 06:30:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5583
IP address blocks: 57.79.0.0/16 maxlen: 32
57.82.0.0/15 maxlen: 32
57.66.0.0/15 maxlen: 32
57.210.21.192/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 05 Sep 2023 06:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:08:ac:55:12:10:23:ec:73:1e:a8:e9:7a:2d:4d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Sep 5 06:30:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f67a973eabc6837176ce84ac668c387cce8d0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:a2:2a:25:f6:b1:31:4f:c8:60:82:47:d3:
04:bb:19:8d:fd:5f:c3:1e:83:d1:9f:40:3b:1b:51:
f7:8d:ae:86:40:9e:6b:e4:36:0b:23:8e:15:4f:a8:
d7:58:47:bb:7b:c2:fb:e0:cc:20:1f:79:76:e5:67:
bf:05:59:e7:5f:b1:1f:db:2d:ca:13:24:79:35:91:
9b:73:4c:6d:6b:42:c7:18:d4:97:e9:32:c2:e0:92:
92:85:47:88:72:11:23:22:f3:70:bf:59:b0:ec:b9:
ed:c2:ae:34:bf:5a:42:a9:86:32:77:dd:a4:0c:a5:
83:b7:78:77:29:00:bf:e5:a2:5a:e4:d7:7b:91:32:
fe:fe:ac:79:31:3f:30:5f:3b:b0:a9:66:f4:41:11:
87:64:ae:21:58:5f:38:bb:41:7d:10:10:ea:7b:75:
7c:40:8c:07:03:7f:3f:16:3a:4e:e1:72:91:76:55:
2d:86:7e:c1:7c:17:80:33:a4:c7:46:3a:3d:e4:42:
c0:c7:50:d5:56:8d:73:01:30:b0:9e:fa:c9:ce:8e:
e2:9b:5e:6f:6e:2d:6b:aa:0d:39:6f:09:76:53:9d:
75:00:58:cd:5f:29:df:69:56:4b:6b:67:e9:08:5d:
4a:7d:a5:c8:eb:54:93:af:7c:53:02:91:c4:5b:74:
b9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:67:A9:73:EA:BC:68:37:17:6C:E8:4A:C6:68:C3:87:CC:E8:D0:BE
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/H2epc-q8aDcXbOhKxmjDh8zo0L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.66.0.0/15
57.79.0.0/16
57.82.0.0/15
57.210.21.192/29
Signature Algorithm: sha256WithRSAEncryption
50:65:4a:74:cb:89:f7:87:20:bf:2a:f8:0b:12:d0:d6:32:cb:
16:3c:d2:34:9f:f8:4f:b2:11:b4:fd:5f:bf:43:8c:fb:61:ad:
82:00:9f:da:f0:3d:f1:ed:f4:e2:32:67:6f:1e:9d:d9:bd:08:
32:e3:46:30:b6:04:8e:b0:7b:94:fc:78:a6:8e:66:15:98:09:
1f:99:17:ec:c0:ff:7d:64:dd:12:5c:c9:85:fa:ac:87:e0:43:
8b:17:83:ad:cb:01:ef:dd:38:04:cd:65:db:51:40:03:1b:40:
fb:a5:a0:b8:18:d9:ca:37:8c:4c:61:e7:71:43:20:4d:53:d5:
36:52:58:13:6d:d2:fd:95:76:99:eb:aa:10:1c:42:00:86:e4:
9e:a6:e5:1a:22:99:fd:47:0d:fd:c4:ca:28:56:e2:6c:79:fe:
de:53:1c:95:b9:f8:e6:88:25:f4:eb:94:bd:25:bd:eb:f2:34:
bc:c3:6a:b6:86:13:6d:ba:1d:b1:4d:6e:1f:53:98:8e:28:6e:
bf:a4:bb:79:e8:b9:f1:93:73:6d:54:72:e4:07:94:80:10:90:
d9:b4:ea:1d:5d:84:93:ed:09:69:1b:b9:67:7f:a1:36:a8:72:
62:b7:91:1a:c7:5e:7e:1e:88:7e:c8:47:ce:35:1a:06:57:60:
95:38:80:3c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYpkCKxVEhAj7HMeqOl6LU2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjMwOTA1MDYzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY3YTk3M2VhYmM2ODM3MTc2Y2U4NGFjNjY4YzM4N2NjZThkMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfCiKiX2sTFPyGCCR9MEuxmN/V/D
HoPRn0A7G1H3ja6GQJ5r5DYLI44VT6jXWEe7e8L74MwgH3l25We/BVnnX7Ef2y3K
EyR5NZGbc0xta0LHGNSX6TLC4JKShUeIchEjIvNwv1mw7Lntwq40v1pCqYYyd92k
DKWDt3h3KQC/5aJa5Nd7kTL+/qx5MT8wXzuwqWb0QRGHZK4hWF84u0F9EBDqe3V8
QIwHA38/FjpO4XKRdlUthn7BfBeAM6THRjo95ELAx1DVVo1zATCwnvrJzo7im15v
bi1rqg05bwl2U511AFjNXynfaVZLa2fpCF1KfaXI61STr3xTApHEW3S5cQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB9nqXPqvGg3F2zoSsZow4fM6NC+MB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvSDJlcGMtcThhRGNYYk9oS3htakRoOHpvMEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwMBOUIDAwA5
TwMDATlSAwUDOdIVwDANBgkqhkiG9w0BAQsFAAOCAQEAUGVKdMuJ94cgvyr4CxLQ
1jLLFjzSNJ/4T7IRtP1fv0OM+2GtggCf2vA98e304jJnbx6d2b0IMuNGMLYEjrB7
lPx4po5mFZgJH5kX7MD/fWTdElzJhfqsh+BDixeDrcsB7904BM1l21FAAxtA+6Wg
uBjZyjeMTGHncUMgTVPVNlJYE23S/ZV2meuqEBxCAIbknqblGiKZ/UcN/cTKKFbi
bHn+3lMclbn45ogl9OuUvSW96/I0vMNqtoYTbbodsU1uH1OYjihuv6S7eei58ZNz
bVRy5AeUgBCQ2bTqHV2Ek+0JaRu5Z3+hNqhyYreRGsdefh6IfshHzjUaBldglTiA
PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org