Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/68MfbbDgtusdstMqMsy3II8J-ag.roa
File: 68MfbbDgtusdstMqMsy3II8J-ag.roa (raw, json)
Hash identifier: zCW3+ywykGNjBJjfFi4MauK9v4jF8cvFuHVBsVhPnXQ=
Subject key identifier: EB:C3:1F:6D:B0:E0:B6:EB:1D:B2:D3:2A:32:CC:B7:20:8F:09:F9:A8
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 01856F5DA8642355AB4C84FD90EDE55FB7CA
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/68MfbbDgtusdstMqMsy3II8J-ag.roa
Signing time: Sun 01 Jan 2023 22:04:46 +0000
ROA not before: Sun 01 Jan 2023 22:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206433
IP address blocks: 57.190.0.0/20 maxlen: 20
57.190.0.0/19 maxlen: 19
57.190.16.0/24 maxlen: 24
57.190.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:a8:64:23:55:ab:4c:84:fd:90:ed:e5:5f:b7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 1 22:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebc31f6db0e0b6eb1db2d32a32ccb7208f09f9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2a:0c:30:44:f5:be:6e:4e:5e:c4:31:63:48:
c6:ab:0d:59:9c:03:30:3a:32:8e:5a:e3:cd:ad:69:
7e:0e:40:51:57:d2:5a:24:c1:f6:98:8f:7e:6e:74:
e6:84:46:01:e2:8c:df:46:6a:2e:ad:f1:f3:32:ac:
1e:fc:1a:64:22:9b:99:21:b7:5d:f2:a6:ec:60:da:
7d:57:e5:26:fd:65:e1:e1:54:f7:c6:ce:6c:a3:11:
de:45:cb:ab:7f:7a:0e:6f:7f:21:82:5f:23:86:3b:
62:4c:89:d7:96:43:f0:9a:5d:a6:19:b5:5d:3a:44:
aa:60:6a:07:b9:c4:cc:5b:56:b5:7c:94:9a:58:2c:
81:ad:39:df:a4:42:b5:29:34:8f:ba:d1:e2:1c:80:
10:74:52:f6:8b:c0:48:25:96:9c:6a:ac:6b:88:a3:
18:21:ee:3c:43:4a:01:ef:72:06:cd:1e:05:7d:92:
51:c5:75:a6:bd:c5:66:21:b7:41:7b:9f:1d:03:18:
03:32:ea:7a:f5:48:b5:bf:b6:df:e8:e6:0b:cf:00:
1c:1f:0e:22:1f:ca:ba:0b:40:9a:50:b6:c1:f4:d7:
9c:b6:a8:92:4d:e1:3b:05:c7:5a:86:dc:3e:b6:4a:
04:97:d3:e9:09:14:de:b0:b3:8e:64:6d:00:33:8a:
48:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:1F:6D:B0:E0:B6:EB:1D:B2:D3:2A:32:CC:B7:20:8F:09:F9:A8
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/68MfbbDgtusdstMqMsy3II8J-ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.190.0.0/19
Signature Algorithm: sha256WithRSAEncryption
11:8c:09:44:40:f1:20:c8:a6:91:06:40:f2:30:f8:93:d3:23:
f2:22:51:c1:26:94:fa:ed:5a:46:51:de:54:f1:12:8e:56:59:
00:c2:22:76:8a:e7:f1:cb:ce:4f:b6:fd:04:b0:55:2b:9c:b6:
73:6b:b0:76:2c:17:47:ce:d9:75:5b:51:b9:88:23:57:df:79:
21:ff:ef:df:ff:af:e3:5d:80:2e:f5:e7:89:03:8b:12:67:87:
be:1f:bb:52:c0:4d:83:ba:bb:eb:22:d9:3d:0a:e1:13:04:3d:
76:a3:ab:08:cb:53:14:4b:35:71:f2:f3:47:de:1d:4b:6c:ea:
9f:3b:2f:80:8e:dc:38:05:ce:84:e1:71:50:cd:61:88:5e:ef:
1b:64:59:ab:b3:35:90:56:35:d4:f1:d9:c1:06:f0:d6:5f:5d:
bc:87:6f:74:dd:47:5d:db:d9:66:41:7b:13:e7:e4:16:eb:eb:
db:96:57:4d:fe:e8:53:ee:9d:c6:9e:f6:42:be:41:a4:91:8c:
6b:e5:83:af:19:af:a7:65:fc:93:87:cc:29:10:d9:0f:a3:f7:
41:68:b0:c9:69:70:03:88:1f:66:89:94:54:9f:37:f8:83:a9:
95:78:93:f3:e9:ff:d6:dc:26:f5:5d:9e:d1:73:ef:13:ab:e4:
9c:ce:20:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXahkI1WrTIT9kO3lX7fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzMWY2ZGIwZTBiNmViMWRiMmQzMmEzMmNjYjcyMDhmMDlmOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSoMMET1vm5OXsQxY0jGqw1ZnAMw
OjKOWuPNrWl+DkBRV9JaJMH2mI9+bnTmhEYB4ozfRmourfHzMqwe/BpkIpuZIbdd
8qbsYNp9V+Um/WXh4VT3xs5soxHeRcurf3oOb38hgl8jhjtiTInXlkPwml2mGbVd
OkSqYGoHucTMW1a1fJSaWCyBrTnfpEK1KTSPutHiHIAQdFL2i8BIJZacaqxriKMY
Ie48Q0oB73IGzR4FfZJRxXWmvcVmIbdBe58dAxgDMup69Ui1v7bf6OYLzwAcHw4i
H8q6C0CaULbB9NectqiSTeE7Bcdahtw+tkoEl9PpCRTesLOOZG0AM4pIWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvDH22w4LbrHbLTKjLMtyCPCfmoMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvNjhNZmJiRGd0dXNkc3RNcU1zeTNJSThKLWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFOb4AMA0G
CSqGSIb3DQEBCwUAA4IBAQARjAlEQPEgyKaRBkDyMPiT0yPyIlHBJpT67VpGUd5U
8RKOVlkAwiJ2iufxy85Ptv0EsFUrnLZza7B2LBdHztl1W1G5iCNX33kh/+/f/6/j
XYAu9eeJA4sSZ4e+H7tSwE2DurvrItk9CuETBD12o6sIy1MUSzVx8vNH3h1LbOqf
Oy+Ajtw4Bc6E4XFQzWGIXu8bZFmrszWQVjXU8dnBBvDWX128h2903Udd29lmQXsT
5+QW6+vblldN/uhT7p3GnvZCvkGkkYxr5YOvGa+nZfyTh8wpENkPo/dBaLDJaXAD
iB9miZRUnzf4g6mVeJPz6f/W3Cb1XZ7Rc+8Tq+ScziCo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org