Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/afe2b9-f9a5-4c6b-ab5e-b9d7f41fc189/1/G9mrxpmhx3HKOUmUh7rCtUTY1mg.roa
File: G9mrxpmhx3HKOUmUh7rCtUTY1mg.roa (raw, json)
Hash identifier: 7eKrUAohwJWT8UPGS8kW2tq/nSspIqa6j3woACs4W/8=
Subject key identifier: 1B:D9:AB:C6:99:A1:C7:71:CA:39:49:94:87:BA:C2:B5:44:D8:D6:68
Certificate issuer: /CN=d73b40aebf88c17b1b562128a56f4245f2f15438
Certificate serial: 01856FE6EB8D7FC965AF8960024AE133D52F
Authority key identifier: D7:3B:40:AE:BF:88:C1:7B:1B:56:21:28:A5:6F:42:45:F2:F1:54:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ztArr-IwXsbViEopW9CRfLxVDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/afe2b9-f9a5-4c6b-ab5e-b9d7f41fc189/1/G9mrxpmhx3HKOUmUh7rCtUTY1mg.roa
Signing time: Mon 02 Jan 2023 00:34:42 +0000
ROA not before: Mon 02 Jan 2023 00:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201893
IP address blocks: 2.57.132.0/22 maxlen: 22
185.229.124.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:eb:8d:7f:c9:65:af:89:60:02:4a:e1:33:d5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73b40aebf88c17b1b562128a56f4245f2f15438
Validity
Not Before: Jan 2 00:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bd9abc699a1c771ca39499487bac2b544d8d668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:52:0d:66:4b:46:22:e6:9e:2f:16:e5:30:
17:80:f1:08:c7:c9:3e:ad:ef:56:7d:ba:3f:d8:0f:
50:f9:fe:59:59:a4:18:62:28:6d:6d:73:55:b9:64:
a6:f0:1c:c3:e0:1c:fc:04:5c:bd:8e:96:d7:72:40:
be:31:af:fe:a4:f4:4c:73:4b:f5:d7:15:3f:f7:a9:
3b:0f:46:c7:0c:28:d6:c0:9f:e7:b5:9c:e7:71:ef:
ef:14:65:02:9b:f5:4e:41:e1:4e:7c:b5:9d:26:dd:
fc:e7:49:04:e6:33:ce:da:21:7e:88:b6:3c:78:3e:
7a:c1:42:0c:65:22:9c:f0:c5:51:3b:32:d2:42:8b:
15:73:8a:a6:f9:5a:16:1b:da:ee:8f:3a:f6:73:7a:
2c:27:d4:7d:22:2d:81:79:92:6d:6d:6a:7b:92:15:
07:ea:04:39:d3:f7:49:ae:d4:71:06:a1:28:6b:97:
2b:ad:ea:21:70:f4:d6:f9:3e:fa:f6:e3:97:5c:ee:
db:61:88:51:60:71:cb:77:89:d4:33:7e:a4:93:11:
cb:18:91:bc:20:69:4f:cb:82:5e:21:a7:a0:f6:12:
3d:4f:0b:b3:34:cd:b1:9d:58:70:bf:c2:dd:f6:48:
ad:a9:6b:c9:24:80:c2:92:85:29:24:1f:1e:c4:b2:
a0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D9:AB:C6:99:A1:C7:71:CA:39:49:94:87:BA:C2:B5:44:D8:D6:68
X509v3 Authority Key Identifier:
keyid:D7:3B:40:AE:BF:88:C1:7B:1B:56:21:28:A5:6F:42:45:F2:F1:54:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ztArr-IwXsbViEopW9CRfLxVDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/afe2b9-f9a5-4c6b-ab5e-b9d7f41fc189/1/G9mrxpmhx3HKOUmUh7rCtUTY1mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/afe2b9-f9a5-4c6b-ab5e-b9d7f41fc189/1/1ztArr-IwXsbViEopW9CRfLxVDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.132.0/22
185.229.124.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:93:87:a8:af:5e:10:76:da:35:ce:7c:d0:6e:a7:e5:8a:80:
98:f7:f3:6e:64:c1:bf:b8:2b:ba:3c:b2:c6:53:18:4d:25:16:
66:c4:f7:e6:34:01:86:d5:ea:2d:fb:df:36:14:c6:04:17:b3:
9d:21:48:60:72:19:91:d1:66:ba:d3:d8:ad:14:d6:0b:dc:7d:
41:71:ab:4c:1b:af:6a:97:91:8a:08:ba:1b:a6:d1:39:b9:b9:
75:8d:8c:65:d9:4f:2e:d3:f0:cf:46:c5:ff:c0:f2:07:02:4a:
bb:57:75:52:87:a3:31:06:a7:14:b4:d4:e7:e4:03:ef:65:a4:
bf:16:73:d3:f8:43:8f:d1:b5:df:63:78:4a:2f:e2:27:80:d0:
88:63:9a:e4:bd:9a:b8:42:7b:ae:08:85:4c:0c:8e:dd:09:1c:
75:68:37:38:fe:5c:be:21:fc:64:50:ad:14:a3:b0:af:81:4a:
43:0c:8d:5a:51:c1:4c:0f:0e:58:5a:25:d2:4c:db:85:3d:4d:
a4:96:a2:af:ae:ac:74:a1:14:00:72:94:9a:09:1c:8d:5f:8e:
fc:2a:c9:3a:e7:27:c7:20:eb:39:69:0f:b3:45:e0:d7:52:a7:
d1:a5:32:75:8f:20:93:c5:03:41:f9:c9:91:47:b1:99:81:9f:
74:ae:55:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv5uuNf8llr4lgAkrhM9UvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3M2I0MGFlYmY4OGMxN2IxYjU2MjEyOGE1NmY0MjQ1ZjJm
MTU0MzgwHhcNMjMwMTAyMDAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQ5YWJjNjk5YTFjNzcxY2EzOTQ5OTQ4N2JhYzJiNTQ0ZDhkNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX5SDWZLRiLmni8W5TAXgPEIx8k+
re9Wfbo/2A9Q+f5ZWaQYYihtbXNVuWSm8BzD4Bz8BFy9jpbXckC+Ma/+pPRMc0v1
1xU/96k7D0bHDCjWwJ/ntZznce/vFGUCm/VOQeFOfLWdJt3850kE5jPO2iF+iLY8
eD56wUIMZSKc8MVROzLSQosVc4qm+VoWG9rujzr2c3osJ9R9Ii2BeZJtbWp7khUH
6gQ50/dJrtRxBqEoa5crreohcPTW+T769uOXXO7bYYhRYHHLd4nUM36kkxHLGJG8
IGlPy4JeIaeg9hI9TwuzNM2xnVhwv8Ld9kitqWvJJIDCkoUpJB8exLKgBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBvZq8aZocdxyjlJlIe6wrVE2NZoMB8GA1UdIwQY
MBaAFNc7QK6/iMF7G1YhKKVvQkXy8VQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXp0QXJyLUl3WHNiVmlFb3BXOUNSZkx4VkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9hZmUyYjktZjlhNS00YzZiLWFiNWUt
YjlkN2Y0MWZjMTg5LzEvRzltcnhwbWh4M0hLT1VtVWg3ckN0VVRZMW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9hZmUyYjktZjlhNS00YzZiLWFiNWUtYjlkN2Y0MWZjMTg5
LzEvMXp0QXJyLUl3WHNiVmlFb3BXOUNSZkx4VkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjmEAwQC
ueV8MA0GCSqGSIb3DQEBCwUAA4IBAQCMk4eor14Qdto1znzQbqflioCY9/NuZMG/
uCu6PLLGUxhNJRZmxPfmNAGG1eot+982FMYEF7OdIUhgchmR0Wa609itFNYL3H1B
catMG69ql5GKCLobptE5ubl1jYxl2U8u0/DPRsX/wPIHAkq7V3VSh6MxBqcUtNTn
5APvZaS/FnPT+EOP0bXfY3hKL+IngNCIY5rkvZq4QnuuCIVMDI7dCRx1aDc4/ly+
IfxkUK0Uo7CvgUpDDI1aUcFMDw5YWiXSTNuFPU2klqKvrqx0oRQAcpSaCRyNX478
Ksk65yfHIOs5aQ+zReDXUqfRpTJ1jyCTxQNB+cmRR7GZgZ90rlUo
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:36 2024 by rpki-client on console-ams.rpki-client.org