Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/xc9XdsR09SO2PJeNMmzQ7YXkRfk.roa
File: xc9XdsR09SO2PJeNMmzQ7YXkRfk.roa (raw, json)
Hash identifier: ylL9X9xTUAharnp73GxLv5aE+PhOACOSOY4KbB4TouY=
Subject key identifier: C5:CF:57:76:C4:74:F5:23:B6:3C:97:8D:32:6C:D0:ED:85:E4:45:F9
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 0193C0390A0BED03C887C6922746F618AF35
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/xc9XdsR09SO2PJeNMmzQ7YXkRfk.roa
Signing time: Fri 13 Dec 2024 13:33:03 +0000
ROA not before: Fri 13 Dec 2024 13:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51964
IP address blocks: 57.7.0.0/16 maxlen: 24
57.21.0.0/16 maxlen: 24
57.35.0.0/16 maxlen: 24
57.66.0.0/15 maxlen: 32
57.68.0.0/15 maxlen: 32
57.70.0.0/16 maxlen: 32
57.72.0.0/15 maxlen: 32
57.74.0.0/16 maxlen: 32
57.76.0.0/14 maxlen: 32
57.80.0.0/14 maxlen: 32
57.86.0.0/15 maxlen: 32
57.90.0.0/16 maxlen: 32
57.96.0.0/15 maxlen: 24
57.98.0.0/16 maxlen: 24
57.100.0.0/16 maxlen: 24
57.194.0.0/15 maxlen: 24
57.197.0.0/16 maxlen: 24
57.199.0.0/16 maxlen: 24
57.200.0.0/16 maxlen: 24
57.202.0.0/15 maxlen: 24
57.205.0.0/16 maxlen: 24
57.207.0.0/16 maxlen: 24
57.208.0.0/12 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 10:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:39:0a:0b:ed:03:c8:87:c6:92:27:46:f6:18:af:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Dec 13 13:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5cf5776c474f523b63c978d326cd0ed85e445f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2c:3f:6f:c1:cf:5b:63:d0:1e:61:0b:f8:c4:
40:70:09:27:b2:1a:53:cf:71:49:f8:95:f7:a5:be:
68:bb:b5:53:3f:a2:35:ef:01:31:ef:97:4c:fd:9a:
ab:07:8c:bc:41:d8:62:ac:b0:91:c8:5e:17:b6:de:
a1:a1:1e:12:18:03:65:be:cc:b0:2a:56:a8:53:1b:
bc:96:1c:06:bc:77:12:93:91:94:8e:c7:b3:cc:8b:
a3:2e:a1:6a:fe:61:aa:0a:5d:3e:27:d0:d3:46:86:
c8:00:cd:0e:a7:56:5a:55:f7:b0:5d:bf:0b:12:4b:
f4:66:5c:19:fc:d7:34:f9:ea:ad:d6:86:7f:75:6e:
c5:c5:f8:80:08:b8:9c:ac:5e:9b:51:07:07:1e:3c:
b2:c1:dc:51:9e:f8:7a:d6:88:fe:46:7e:98:58:16:
b7:ce:6b:39:23:b1:c3:4e:4e:a8:8a:38:28:1f:d0:
a4:a5:ba:c8:68:08:6f:8d:c1:aa:b1:65:69:ce:c5:
99:88:6e:bd:c1:0f:03:b6:94:e2:73:64:ad:d2:26:
78:3e:22:82:31:f5:90:63:68:89:3a:2c:75:44:c3:
21:2b:3d:c4:e6:07:36:8f:e4:17:a8:e6:ab:0a:64:
df:e8:16:a0:5b:ed:6f:97:97:64:94:49:7f:7a:ea:
62:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CF:57:76:C4:74:F5:23:B6:3C:97:8D:32:6C:D0:ED:85:E4:45:F9
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/xc9XdsR09SO2PJeNMmzQ7YXkRfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.7.0.0/16
57.21.0.0/16
57.35.0.0/16
57.66.0.0-57.70.255.255
57.72.0.0-57.74.255.255
57.76.0.0-57.83.255.255
57.86.0.0/15
57.90.0.0/16
57.96.0.0-57.98.255.255
57.100.0.0/16
57.194.0.0/15
57.197.0.0/16
57.199.0.0-57.200.255.255
57.202.0.0/15
57.205.0.0/16
57.207.0.0-57.223.255.255
Signature Algorithm: sha256WithRSAEncryption
c5:65:e1:7e:8e:67:ff:57:45:d3:6c:59:fe:49:dc:f3:b3:fd:
63:ea:d4:0f:3d:5b:36:6d:b8:1b:97:54:b0:b6:91:1d:f1:cd:
57:7b:29:2f:3b:4b:9a:68:4e:d9:95:d2:50:33:4b:e5:90:31:
ad:81:40:50:ac:57:fe:a4:49:a9:65:c8:83:b3:a4:44:7b:3a:
ac:79:a0:c9:b9:80:f6:9a:5c:73:db:ee:2b:34:d3:84:d0:bc:
c4:a1:88:f4:81:60:b4:f2:74:89:d3:e8:10:97:81:9f:5c:b1:
40:f1:be:1c:b1:8e:b7:81:d8:18:46:6f:e2:6d:57:72:cb:03:
37:0b:a9:09:ba:40:82:e4:ec:5c:7b:c6:3b:0b:9b:9c:a3:59:
9f:cc:e6:0d:6a:7b:9f:11:4e:f2:0b:fa:9d:85:b1:37:a3:72:
79:d3:4f:5d:66:eb:da:07:8d:3f:ef:3a:0b:8e:f2:b3:34:f6:
46:22:c4:ad:1f:44:70:2b:b2:8e:f4:fa:52:fa:18:27:f4:c7:
f7:1c:1a:a5:d7:1c:b9:ea:dd:7a:13:4d:4f:3b:60:14:9b:00:
75:72:e4:15:7c:35:f3:45:7c:16:7d:c8:f4:35:07:98:9d:04:
ba:32:e4:7b:90:da:63:b6:49:ed:d6:63:f9:01:48:28:8a:a0:
90:68:e2:d2
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZPAOQoL7QPIh8aSJ0b2GK81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQxMjEzMTMzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNmNTc3NmM0NzRmNTIzYjYzYzk3OGQzMjZjZDBlZDg1ZTQ0NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCw/b8HPW2PQHmEL+MRAcAknshpT
z3FJ+JX3pb5ou7VTP6I17wEx75dM/ZqrB4y8QdhirLCRyF4Xtt6hoR4SGANlvsyw
KlaoUxu8lhwGvHcSk5GUjsezzIujLqFq/mGqCl0+J9DTRobIAM0Op1ZaVfewXb8L
Ekv0ZlwZ/Nc0+eqt1oZ/dW7FxfiACLicrF6bUQcHHjyywdxRnvh61oj+Rn6YWBa3
zms5I7HDTk6oijgoH9CkpbrIaAhvjcGqsWVpzsWZiG69wQ8DtpTic2St0iZ4PiKC
MfWQY2iJOix1RMMhKz3E5gc2j+QXqOarCmTf6BagW+1vl5dklEl/eupiCwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFMXPV3bEdPUjtjyXjTJs0O2F5EX5MB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEveGM5WGRzUjA5U08yUEplTk1telE3WVhrUmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMDADkH
AwMAORUDAwA5IzAKAwMBOUIDAwA5RjAKAwMDOUgDAwA5SjAKAwMCOUwDAwI5UAMD
ATlWAwMAOVowCgMDBTlgAwMAOWIDAwA5ZAMDATnCAwMAOcUwCgMDADnHAwMAOcgD
AwE5ygMDADnNMAoDAwA5zwMDBTnAMA0GCSqGSIb3DQEBCwUAA4IBAQDFZeF+jmf/
V0XTbFn+Sdzzs/1j6tQPPVs2bbgbl1SwtpEd8c1XeykvO0uaaE7ZldJQM0vlkDGt
gUBQrFf+pEmpZciDs6REezqseaDJuYD2mlxz2+4rNNOE0LzEoYj0gWC08nSJ0+gQ
l4GfXLFA8b4csY63gdgYRm/ibVdyywM3C6kJukCC5Oxce8Y7C5uco1mfzOYNanuf
EU7yC/qdhbE3o3J5009dZuvaB40/7zoLjvKzNPZGIsStH0RwK7KO9PpS+hgn9Mf3
HBql1xy56t16E01PO2AUmwB1cuQVfDXzRXwWfcj0NQeYnQS6MuR7kNpjtknt1mP5
AUgoiqCQaOLS
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:35:40 2025 by rpki-client