Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/22911c-ce51-438b-86cf-e856613d2b10/1/dawXr6G8e6UzbpgxY9gVgXct-Io.roa
File: dawXr6G8e6UzbpgxY9gVgXct-Io.roa (raw, json)
Hash identifier: BunXSxBJMMtmtiU0GNFk8sLjO0cdkhUkhLngVYj4NpU=
Subject key identifier: 75:AC:17:AF:A1:BC:7B:A5:33:6E:98:31:63:D8:15:81:77:2D:F8:8A
Certificate issuer: /CN=7ec610d215d3891342bc32872a50f4d0cfa9dc9f
Certificate serial: 018CC3B6B0D0EDECAF627E79DDA119C6F387
Authority key identifier: 7E:C6:10:D2:15:D3:89:13:42:BC:32:87:2A:50:F4:D0:CF:A9:DC:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsYQ0hXTiRNCvDKHKlD00M-p3J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/22911c-ce51-438b-86cf-e856613d2b10/1/dawXr6G8e6UzbpgxY9gVgXct-Io.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60718
IP address blocks: 2.57.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b0:d0:ed:ec:af:62:7e:79:dd:a1:19:c6:f3:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec610d215d3891342bc32872a50f4d0cfa9dc9f
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75ac17afa1bc7ba5336e983163d81581772df88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:37:41:ea:29:c9:32:4c:0c:59:c9:a8:52:18:
98:d9:07:1d:ae:0a:a7:eb:12:c0:42:36:52:de:51:
e7:3d:84:d3:d1:3e:7a:38:31:3d:78:76:36:d4:cb:
70:8a:b7:b4:7b:90:c9:bc:91:31:df:c7:df:78:e8:
c3:a6:20:0b:9f:91:6b:f3:a2:b3:4f:59:95:5d:bd:
fd:94:3c:c2:30:f0:12:33:a2:ec:4f:45:a9:fb:63:
e0:3e:e3:0b:e5:19:0e:f1:35:ca:a1:dc:21:2c:f7:
4f:7b:9a:c8:d0:21:52:ac:1b:69:48:ee:61:be:1a:
52:c8:5c:c4:57:38:db:2d:3b:82:28:9a:b1:10:06:
d7:94:f8:12:60:cb:60:21:2f:bd:ca:66:95:52:6f:
d6:be:3c:65:06:db:af:89:ea:6c:18:f4:32:f1:25:
90:86:02:39:b6:ca:94:b2:71:03:76:f9:f2:ee:8a:
a1:34:f6:41:6c:46:2f:6e:7d:a8:c2:aa:52:bb:60:
79:17:1b:13:73:36:4b:61:09:0e:8d:66:ac:62:2a:
c9:eb:0b:9b:89:88:d0:10:d9:6b:d8:2a:c6:be:52:
f8:4c:ca:70:f7:4b:19:d3:8c:9b:25:53:83:1d:70:
f4:1b:50:22:2f:b7:39:eb:03:76:13:ee:95:25:3d:
ea:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AC:17:AF:A1:BC:7B:A5:33:6E:98:31:63:D8:15:81:77:2D:F8:8A
X509v3 Authority Key Identifier:
keyid:7E:C6:10:D2:15:D3:89:13:42:BC:32:87:2A:50:F4:D0:CF:A9:DC:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsYQ0hXTiRNCvDKHKlD00M-p3J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/22911c-ce51-438b-86cf-e856613d2b10/1/dawXr6G8e6UzbpgxY9gVgXct-Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/22911c-ce51-438b-86cf-e856613d2b10/1/fsYQ0hXTiRNCvDKHKlD00M-p3J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:5b:22:21:13:43:32:81:1e:04:b5:6a:24:86:de:d4:ca:ea:
ba:87:0a:c5:65:32:fb:b8:f1:f4:b0:11:79:42:54:e1:ff:49:
c2:e6:90:8d:e7:64:9a:e3:56:4d:62:f0:59:9b:a2:8f:33:a5:
f0:e6:fd:3d:0e:7e:92:cf:d1:dc:73:03:68:0d:6e:33:43:22:
e7:79:10:b6:e4:b1:e8:5d:9a:3d:2c:72:06:25:3d:81:9b:cc:
13:0b:0b:1d:54:16:1b:51:41:af:94:4d:fb:fb:91:04:de:96:
47:0f:47:7a:54:d8:39:a4:3b:03:11:db:71:de:b1:48:79:b9:
c7:17:31:5c:27:4c:dc:52:36:c0:13:03:5e:42:5e:f8:46:e3:
c6:1f:c9:ea:6f:7e:3b:51:1e:aa:d5:0c:51:1c:b8:bd:ac:86:
14:86:d7:d0:ed:eb:f3:61:4c:a7:2a:82:dd:8e:38:10:67:35:
91:3e:62:24:ba:77:17:21:83:6b:9c:0a:d9:56:da:55:ba:7f:
2a:8e:a5:a8:0c:72:58:8b:a0:86:b0:44:71:91:c4:4e:c3:5b:
fe:a2:5a:9f:61:85:f2:cf:4d:2c:2e:0f:8f:c6:7e:80:a9:48:
5d:a6:e1:bc:db:94:9d:f9:7c:8e:c9:bb:ab:ab:73:c2:15:a4:
02:b8:90:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtrDQ7eyvYn553aEZxvOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzYxMGQyMTVkMzg5MTM0MmJjMzI4NzJhNTBmNGQwY2Zh
OWRjOWYwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFjMTdhZmExYmM3YmE1MzM2ZTk4MzE2M2Q4MTU4MTc3MmRmODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzdB6inJMkwMWcmoUhiY2Qcdrgqn
6xLAQjZS3lHnPYTT0T56ODE9eHY21Mtwire0e5DJvJEx38ffeOjDpiALn5Fr86Kz
T1mVXb39lDzCMPASM6LsT0Wp+2PgPuML5RkO8TXKodwhLPdPe5rI0CFSrBtpSO5h
vhpSyFzEVzjbLTuCKJqxEAbXlPgSYMtgIS+9ymaVUm/WvjxlBtuviepsGPQy8SWQ
hgI5tsqUsnEDdvny7oqhNPZBbEYvbn2owqpSu2B5FxsTczZLYQkOjWasYirJ6wub
iYjQENlr2CrGvlL4TMpw90sZ04ybJVODHXD0G1AiL7c56wN2E+6VJT3qBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWsF6+hvHulM26YMWPYFYF3LfiKMB8GA1UdIwQY
MBaAFH7GENIV04kTQrwyhypQ9NDPqdyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNZUTBoWFRpUk5DdkRLSEtsRDAwTS1wM0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8yMjkxMWMtY2U1MS00MzhiLTg2Y2Yt
ZTg1NjYxM2QyYjEwLzEvZGF3WHI2RzhlNlV6YnBneFk5Z1ZnWGN0LUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8yMjkxMWMtY2U1MS00MzhiLTg2Y2YtZTg1NjYxM2QyYjEw
LzEvZnNZUTBoWFRpUk5DdkRLSEtsRDAwTS1wM0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjlIMA0G
CSqGSIb3DQEBCwUAA4IBAQAKWyIhE0MygR4EtWokht7Uyuq6hwrFZTL7uPH0sBF5
QlTh/0nC5pCN52Sa41ZNYvBZm6KPM6Xw5v09Dn6Sz9HccwNoDW4zQyLneRC25LHo
XZo9LHIGJT2Bm8wTCwsdVBYbUUGvlE37+5EE3pZHD0d6VNg5pDsDEdtx3rFIebnH
FzFcJ0zcUjbAEwNeQl74RuPGH8nqb347UR6q1QxRHLi9rIYUhtfQ7evzYUynKoLd
jjgQZzWRPmIkuncXIYNrnArZVtpVun8qjqWoDHJYi6CGsERxkcROw1v+olqfYYXy
z00sLg+Pxn6AqUhdpuG825Sd+XyOyburq3PCFaQCuJBf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:28 2025 by rpki-client