Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/vQAHnGLbkd6nkk0c1InDig-Wql4.roa
File: vQAHnGLbkd6nkk0c1InDig-Wql4.roa (raw, json)
Hash identifier: q7GG48OoLzV76iJiiAwHLSbIwfuCV+wVEfIG0CNZnl8=
Subject key identifier: BD:00:07:9C:62:DB:91:DE:A7:92:4D:1C:D4:89:C3:8A:0F:96:AA:5E
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018570707EDB7FFB3510EBAEB977EEC9B6CE
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/vQAHnGLbkd6nkk0c1InDig-Wql4.roa
Signing time: Mon 02 Jan 2023 03:04:58 +0000
ROA not before: Mon 02 Jan 2023 03:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4004
IP address blocks: 57.66.0.0/17 maxlen: 24
57.66.0.0/15 maxlen: 32
57.78.0.0/16 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:7e:db:7f:fb:35:10:eb:ae:b9:77:ee:c9:b6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 03:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd00079c62db91dea7924d1cd489c38a0f96aa5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0f:ef:96:0c:eb:b5:61:37:40:3a:5e:59:3a:
31:a2:59:3f:e4:fd:49:ae:93:e8:48:aa:29:f9:1c:
06:1b:35:03:e9:50:ee:ce:df:0c:7c:24:42:8e:06:
76:57:30:a3:a6:8e:80:eb:d6:dd:82:ec:42:69:ce:
f7:5d:b1:82:4e:70:d0:3a:02:c8:55:e3:4a:fb:eb:
1b:65:ea:ed:78:f1:35:36:08:47:db:b2:7e:44:25:
65:b4:62:6d:56:19:6b:30:19:10:6d:df:35:89:59:
b1:cb:2d:37:97:67:01:ed:40:c3:9a:37:4e:5f:c4:
22:c3:a2:3c:4b:8d:03:7e:ff:89:fc:93:a3:95:d4:
30:c7:c3:06:be:84:cc:5d:30:13:f6:f6:8d:df:47:
44:b9:17:45:a2:b8:b1:b0:5c:64:0b:5e:51:15:73:
af:5e:24:4c:42:2d:f3:3c:a0:17:91:10:f9:de:21:
e3:c4:93:eb:65:bf:6c:4c:b6:16:48:35:a8:15:62:
d8:e5:9f:3a:00:cd:46:66:fe:06:a8:79:fe:84:2d:
5c:88:90:c8:6a:5d:52:bd:a0:86:c3:b9:bd:99:28:
c0:b3:65:94:74:be:55:37:7c:02:a0:1f:e4:4c:d5:
73:53:6f:46:ad:18:94:25:7b:ad:28:62:b7:32:47:
32:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:00:07:9C:62:DB:91:DE:A7:92:4D:1C:D4:89:C3:8A:0F:96:AA:5E
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/vQAHnGLbkd6nkk0c1InDig-Wql4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.66.0.0/15
57.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:9b:a5:e1:ac:04:f4:b2:72:be:79:e5:95:ae:e7:f9:ad:db:
b8:92:c8:91:5d:2b:f3:46:ac:32:6e:b5:3a:09:0b:d0:90:24:
4a:4a:72:6e:cd:df:06:03:eb:e2:50:61:14:78:aa:46:07:37:
e0:7e:30:1a:ce:d2:a6:5c:ac:12:c8:37:c2:bb:99:98:81:19:
5d:79:fc:e8:23:ab:3b:30:23:33:ac:ce:69:3b:ff:f9:99:3d:
1b:e0:97:e4:68:88:e1:33:54:43:42:73:f5:e3:af:29:ed:da:
bb:91:a3:b8:e8:f0:2b:03:80:75:90:80:c1:c3:d3:9b:56:36:
68:9a:d0:e7:3d:f3:73:08:e8:84:e7:a7:7a:c8:26:68:fb:3e:
51:e1:b6:6d:ed:18:12:f8:28:64:be:94:e1:5d:0d:6a:05:31:
9b:85:3c:7b:51:6c:25:7d:41:2a:6a:dd:1d:fa:43:5a:bf:5a:
a8:23:61:91:cf:c4:c6:3b:94:1a:bc:62:e2:27:d2:d5:cf:67:
9b:1e:c8:56:d6:b2:fd:8a:89:c5:2b:62:f1:9b:f2:57:c3:2a:
86:75:15:ba:99:b5:d4:48:1f:c5:a3:74:e2:1d:1a:f9:b7:2f:
9c:40:29:34:3f:4c:a5:2d:fd:52:9c:4b:a4:94:05:25:ed:fb:
aa:a3:34:a1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVwcH7bf/s1EOuuuXfuybbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjMwMTAyMDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDAwMDc5YzYyZGI5MWRlYTc5MjRkMWNkNDg5YzM4YTBmOTZhYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw/vlgzrtWE3QDpeWToxolk/5P1J
rpPoSKop+RwGGzUD6VDuzt8MfCRCjgZ2VzCjpo6A69bdguxCac73XbGCTnDQOgLI
VeNK++sbZertePE1NghH27J+RCVltGJtVhlrMBkQbd81iVmxyy03l2cB7UDDmjdO
X8Qiw6I8S40Dfv+J/JOjldQwx8MGvoTMXTAT9vaN30dEuRdForixsFxkC15RFXOv
XiRMQi3zPKAXkRD53iHjxJPrZb9sTLYWSDWoFWLY5Z86AM1GZv4GqHn+hC1ciJDI
al1SvaCGw7m9mSjAs2WUdL5VN3wCoB/kTNVzU29GrRiUJXutKGK3Mkcy8wIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFL0AB5xi25Hep5JNHNSJw4oPlqpeMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvdlFBSG5HTGJrZDZua2swYzFJbkRpZy1XcWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMBOUIDAwA5
TjANBgkqhkiG9w0BAQsFAAOCAQEAapul4awE9LJyvnnlla7n+a3buJLIkV0r80as
Mm61OgkL0JAkSkpybs3fBgPr4lBhFHiqRgc34H4wGs7SplysEsg3wruZmIEZXXn8
6COrOzAjM6zOaTv/+Zk9G+CX5GiI4TNUQ0Jz9eOvKe3au5GjuOjwKwOAdZCAwcPT
m1Y2aJrQ5z3zcwjohOenesgmaPs+UeG2be0YEvgoZL6U4V0NagUxm4U8e1FsJX1B
KmrdHfpDWr9aqCNhkc/ExjuUGrxi4ifS1c9nmx7IVtay/YqJxSti8ZvyV8MqhnUV
upm11EgfxaN04h0a+bcvnEApND9MpS39UpxLpJQFJe37qqM0oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org