Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/l9ZDuFxTiFqwev8fuU2Ntmo2Gaw.roa
File: l9ZDuFxTiFqwev8fuU2Ntmo2Gaw.roa (raw, json)
Hash identifier: C5ciWBtuxZUpJaDss6CH3z93ZYfmWwN9cCr/FT4N/LM=
Subject key identifier: 97:D6:43:B8:5C:53:88:5A:B0:7A:FF:1F:B9:4D:8D:B6:6A:36:19:AC
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018D2D4F0CC2E3109F0A995A664D5327C3AE
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/l9ZDuFxTiFqwev8fuU2Ntmo2Gaw.roa
Signing time: Sun 21 Jan 2024 18:36:11 +0000
ROA not before: Sun 21 Jan 2024 18:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2647
IP address blocks: 57.68.0.0/15 maxlen: 32
57.68.10.0/24 maxlen: 24
57.70.0.0/16 maxlen: 32
57.77.0.0/16 maxlen: 32
57.100.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Sun 21 Jan 2024 19:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:4f:0c:c2:e3:10:9f:0a:99:5a:66:4d:53:27:c3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 21 18:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97d643b85c53885ab07aff1fb94d8db66a3619ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:59:a5:e2:eb:33:da:c6:0a:e9:d4:86:d3:
93:35:fe:3b:eb:58:62:61:01:f2:c4:c6:d8:3a:3f:
c2:30:ab:ae:05:2e:be:3f:95:d0:13:80:38:83:e2:
c4:b7:5e:ca:5b:c9:94:50:da:56:37:34:c8:c9:dc:
22:f2:da:1a:c7:66:f8:87:6e:36:fd:30:c7:33:20:
f6:f1:4d:12:54:51:8d:58:46:ac:4c:62:f6:eb:11:
58:1a:8e:f0:d0:21:a5:cd:66:c8:70:37:9c:d0:72:
61:17:1e:9f:64:78:4f:78:86:9d:4c:a5:52:9a:4e:
fd:bd:29:2c:b1:58:2d:aa:2c:6d:3e:6e:b7:87:6c:
4f:6b:2c:5c:e9:5c:3e:e8:b9:f8:9b:b9:0b:00:58:
27:84:93:07:0e:8d:82:29:e6:3c:ec:3f:c3:50:fc:
01:9b:77:9f:eb:f1:2a:63:b9:45:be:f0:26:35:bf:
f6:c2:c0:14:64:6c:5e:8d:a1:1a:af:44:94:38:76:
2c:a2:ed:1e:c1:db:89:f7:1b:65:18:2f:f2:d5:6d:
9c:1c:1b:0e:ed:24:7e:e8:44:e5:28:b7:ee:3b:9e:
be:88:29:69:16:d9:36:73:a2:a1:25:fe:29:5e:ba:
8e:37:6f:7b:b7:f3:e5:3c:4e:2c:d5:3e:f9:13:76:
68:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D6:43:B8:5C:53:88:5A:B0:7A:FF:1F:B9:4D:8D:B6:6A:36:19:AC
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/l9ZDuFxTiFqwev8fuU2Ntmo2Gaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.0.0-57.70.255.255
57.77.0.0/16
57.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:35:e0:9f:4a:17:ad:30:31:20:ee:da:cf:75:9a:cb:3f:9f:
63:60:1b:ac:37:34:bc:01:a7:81:f7:07:77:60:de:f4:97:86:
b1:60:4d:31:d6:f8:62:67:e8:56:c5:c4:0f:f7:1d:e6:3c:45:
03:ee:43:ef:f2:99:66:da:43:f8:67:ca:53:cb:ae:ba:c7:9f:
0f:3d:67:bf:3d:8b:3d:45:e1:d6:eb:09:db:f9:cb:d1:f6:c9:
34:a2:95:cf:96:ff:30:f4:f8:6e:cd:63:1e:3f:77:d1:aa:be:
66:82:5c:33:e1:6c:6d:62:6e:b7:bc:e7:a9:64:05:95:44:a6:
a0:78:ae:f2:43:3b:83:4c:34:6a:e7:61:5f:1d:8f:0c:bd:a0:
9b:84:7b:5b:2b:23:1d:38:e2:65:56:6b:72:73:01:2f:f3:cb:
93:25:f8:e4:ac:78:48:83:4d:43:9a:c6:31:aa:a4:e8:c1:0c:
d6:b2:77:4e:9e:4c:48:9f:7d:94:65:8a:46:ac:91:26:bf:07:
52:c3:20:41:5d:50:eb:59:7c:56:63:cd:36:8c:fd:07:1e:e8:
9b:70:b5:a9:4c:ea:9d:70:dc:a4:83:78:d1:9c:d5:3b:c8:44:
46:85:39:af:09:e3:0f:33:a7:82:ed:59:10:34:03:af:a8:a7:
b0:52:d7:5b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY0tTwzC4xCfCplaZk1TJ8OuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTIxMTgzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Q2NDNiODVjNTM4ODVhYjA3YWZmMWZiOTRkOGRiNjZhMzYxOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp85ZpeLrM9rGCunUhtOTNf4761hi
YQHyxMbYOj/CMKuuBS6+P5XQE4A4g+LEt17KW8mUUNpWNzTIydwi8toax2b4h242
/TDHMyD28U0SVFGNWEasTGL26xFYGo7w0CGlzWbIcDec0HJhFx6fZHhPeIadTKVS
mk79vSkssVgtqixtPm63h2xPayxc6Vw+6Ln4m7kLAFgnhJMHDo2CKeY87D/DUPwB
m3ef6/EqY7lFvvAmNb/2wsAUZGxejaEar0SUOHYsou0ewduJ9xtlGC/y1W2cHBsO
7SR+6ETlKLfuO56+iClpFtk2c6KhJf4pXrqON297t/PlPE4s1T75E3ZodQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJfWQ7hcU4hasHr/H7lNjbZqNhmsMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvbDlaRHVGeFRpRnF3ZXY4ZnVVMk50bW8yR2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWMAoDAwI5RAMD
ADlGAwMAOU0DAwA5ZDANBgkqhkiG9w0BAQsFAAOCAQEAdTXgn0oXrTAxIO7az3Wa
yz+fY2AbrDc0vAGngfcHd2De9JeGsWBNMdb4YmfoVsXED/cd5jxFA+5D7/KZZtpD
+GfKU8uuusefDz1nvz2LPUXh1usJ2/nL0fbJNKKVz5b/MPT4bs1jHj930aq+ZoJc
M+FsbWJut7znqWQFlUSmoHiu8kM7g0w0audhXx2PDL2gm4R7WysjHTjiZVZrcnMB
L/PLkyX45Kx4SINNQ5rGMaqk6MEM1rJ3Tp5MSJ99lGWKRqyRJr8HUsMgQV1Q61l8
VmPNNoz9Bx7om3C1qUzqnXDcpIN40ZzVO8hERoU5rwnjDzOngu1ZEDQDr6insFLX
Ww==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:30:50 2025 by rpki-client