Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/oShuk-Jnf8bCwiRl02pspL8H__k.roa
File: oShuk-Jnf8bCwiRl02pspL8H__k.roa (raw, json)
Hash identifier: Q8Gq+VHeD4HfT7X6eXgdAAaay9FbbkLJfZtP9IZ7UwQ=
Subject key identifier: A1:28:6E:93:E2:67:7F:C6:C2:C2:24:65:D3:6A:6C:A4:BF:07:FF:F9
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018CC801514DC0AEADD7EAE3E896B463096B
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/oShuk-Jnf8bCwiRl02pspL8H__k.roa
Signing time: Tue 02 Jan 2024 02:29:38 +0000
ROA not before: Tue 02 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2647
IP address blocks: 57.100.0.0/16 maxlen: 16
57.68.10.0/24 maxlen: 24
57.68.0.0/15 maxlen: 32
57.77.0.0/16 maxlen: 32
57.70.0.0/16 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Jan 2024 13:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:51:4d:c0:ae:ad:d7:ea:e3:e8:96:b4:63:09:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1286e93e2677fc6c2c22465d36a6ca4bf07fff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:24:20:ca:8f:e5:9a:8a:fe:f0:68:d3:7e:39:
4f:dc:67:d7:0c:8a:3f:e1:78:27:f6:be:c9:ba:c2:
83:0b:13:8a:90:1a:9e:41:ae:46:cd:ba:d1:72:54:
52:6b:a6:25:7b:5e:20:ad:23:6a:fd:40:e5:90:c0:
60:c7:75:bf:2d:13:0b:bd:e7:12:4c:59:7f:e8:e0:
ee:29:69:83:2e:a9:58:ec:59:53:11:13:6e:9f:81:
f0:d2:81:94:bb:db:6f:32:27:c6:b0:e0:b6:34:88:
c2:69:af:98:26:29:d9:c3:ca:74:b2:17:4e:85:2c:
1c:cd:00:ab:5f:8f:49:0b:c4:9e:18:6d:7b:ea:70:
c0:33:9c:d8:54:34:99:7c:0e:01:0e:76:d7:95:64:
cf:33:2f:7c:49:9b:e3:a0:74:95:cc:78:42:97:47:
bb:de:77:fc:69:8f:44:5d:a4:d4:eb:10:0c:e8:89:
15:96:b2:71:ac:e4:8f:f2:73:a2:8d:89:51:db:65:
ef:00:8f:71:27:4c:c8:1f:20:4e:77:5b:a2:89:ad:
fb:6d:35:ae:ba:58:72:9e:8a:02:2e:ea:d2:b3:05:
fe:c1:83:97:e3:66:1a:e1:c4:c6:29:60:8c:54:5b:
08:1d:21:61:36:8e:53:12:a0:3c:9a:c9:ca:7a:64:
b2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:28:6E:93:E2:67:7F:C6:C2:C2:24:65:D3:6A:6C:A4:BF:07:FF:F9
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/oShuk-Jnf8bCwiRl02pspL8H__k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.0.0-57.70.255.255
57.77.0.0/16
57.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:5b:b0:5e:ca:fc:63:6c:1b:32:89:4c:c0:a4:7b:05:1c:25:
bf:98:d1:18:20:59:44:5b:12:3a:72:62:fe:2e:37:ec:b0:a4:
b9:c2:9b:e6:ed:d6:42:9c:3d:51:a9:59:e0:e0:7c:10:f5:50:
3b:e4:78:25:5a:83:a9:6d:14:fa:a6:2e:7b:ad:4a:b4:31:c5:
72:03:79:c0:03:bf:ba:63:7f:bf:e2:b0:ad:6d:3c:fc:e5:c7:
2d:a3:b0:ab:23:d8:ae:0f:1e:80:52:01:c7:fc:50:d2:7d:b7:
22:8f:6a:e0:af:bb:bd:8b:b6:78:1a:23:71:d4:8b:e9:69:dc:
61:d9:92:52:fb:49:4a:d1:9b:16:d2:b9:3f:78:c4:fd:92:6f:
8a:4e:63:c8:3f:05:cc:a4:4b:f0:86:ac:80:89:f5:29:bf:c6:
97:41:83:2b:a4:6c:db:e4:43:69:48:f0:3b:f4:99:98:b8:32:
60:ad:51:8d:86:d9:1b:f8:77:3a:ea:87:37:7d:af:3b:ab:1a:
69:e8:6a:cc:9a:96:52:38:17:be:55:e5:1a:41:75:70:a4:33:
82:b8:34:94:c5:6d:90:b3:14:e2:9d:7f:83:36:5b:a3:6f:a5:
35:74:a2:36:b8:fc:8c:68:90:7b:f8:a7:47:d7:8a:d3:7e:db:
1d:90:9f:90
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzIAVFNwK6t1+rj6Ja0YwlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTAyMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTI4NmU5M2UyNjc3ZmM2YzJjMjI0NjVkMzZhNmNhNGJmMDdmZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyQgyo/lmor+8GjTfjlP3GfXDIo/
4Xgn9r7JusKDCxOKkBqeQa5GzbrRclRSa6Yle14grSNq/UDlkMBgx3W/LRMLvecS
TFl/6ODuKWmDLqlY7FlTERNun4Hw0oGUu9tvMifGsOC2NIjCaa+YJinZw8p0shdO
hSwczQCrX49JC8SeGG176nDAM5zYVDSZfA4BDnbXlWTPMy98SZvjoHSVzHhCl0e7
3nf8aY9EXaTU6xAM6IkVlrJxrOSP8nOijYlR22XvAI9xJ0zIHyBOd1uiia37bTWu
ulhynooCLurSswX+wYOX42Ya4cTGKWCMVFsIHSFhNo5TEqA8msnKemSyGQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKEobpPiZ3/GwsIkZdNqbKS/B//5MB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvb1NodWstSm5mOGJDd2lSbDAycHNwTDhIX19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWMAoDAwI5RAMD
ADlGAwMAOU0DAwA5ZDANBgkqhkiG9w0BAQsFAAOCAQEAVluwXsr8Y2wbMolMwKR7
BRwlv5jRGCBZRFsSOnJi/i437LCkucKb5u3WQpw9UalZ4OB8EPVQO+R4JVqDqW0U
+qYue61KtDHFcgN5wAO/umN/v+KwrW08/OXHLaOwqyPYrg8egFIBx/xQ0n23Io9q
4K+7vYu2eBojcdSL6WncYdmSUvtJStGbFtK5P3jE/ZJvik5jyD8FzKRL8IasgIn1
Kb/Gl0GDK6Rs2+RDaUjwO/SZmLgyYK1RjYbZG/h3OuqHN32vO6saaehqzJqWUjgX
vlXlGkF1cKQzgrg0lMVtkLMU4p1/gzZbo2+lNXSiNrj8jGiQe/inR9eK037bHZCf
kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org