Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/EAfF6qTVvUJc37WpspmxxmQwBnw.roa
File: EAfF6qTVvUJc37WpspmxxmQwBnw.roa (raw, json)
Hash identifier: wIekeXN08Mmz40ttVLLu1plL3WPwvPAuDanveTVizt0=
Subject key identifier: 10:07:C5:EA:A4:D5:BD:42:5C:DF:B5:A9:B2:99:B1:C6:64:30:06:7C
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 01909C29A94A6C20C07586212BCDCB33B2BC
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/EAfF6qTVvUJc37WpspmxxmQwBnw.roa
Signing time: Wed 10 Jul 2024 10:21:34 +0000
ROA not before: Wed 10 Jul 2024 10:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198912
IP address blocks: 57.191.127.0/24 maxlen: 24
57.191.192.0/19 maxlen: 24
57.191.224.0/19 maxlen: 24
57.250.220.0/24 maxlen: 24
57.250.255.0/24 maxlen: 24
2a0a:90c2::/36 maxlen: 36
2a0a:90c2:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 30 Jul 2024 10:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:29:a9:4a:6c:20:c0:75:86:21:2b:cd:cb:33:b2:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jul 10 10:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1007c5eaa4d5bd425cdfb5a9b299b1c66430067c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:41:c6:c6:02:e6:ce:7c:13:3a:58:b0:69:84:
56:c9:d2:34:99:9b:0d:5a:87:98:35:48:4e:ce:49:
ef:8e:58:17:67:d1:36:a2:96:4e:4e:ff:3d:1c:7c:
48:a1:0b:42:28:60:59:9c:60:f2:d9:0c:3d:14:cc:
65:20:ba:29:a3:07:be:2e:50:0d:ae:96:bb:36:85:
43:df:ab:e0:7b:4f:4d:f4:84:9b:1d:84:43:cb:54:
c2:12:67:95:9d:90:3c:37:72:67:2e:71:57:5a:fa:
e1:82:fa:d0:3b:1c:20:5c:60:2d:9d:66:8d:27:ad:
b8:e8:75:52:5e:c5:6a:73:26:e0:ee:a6:89:40:06:
00:04:0e:4e:ff:d1:27:01:d1:ac:a4:e6:b0:a2:1a:
66:76:62:39:75:96:d9:c3:8c:7a:80:51:be:6c:9d:
25:78:d7:11:31:64:bd:d6:c9:c4:8b:bd:f8:88:73:
75:28:a0:04:ea:87:66:dd:ca:8e:f7:32:94:57:e6:
96:de:6a:23:ee:0e:e6:4b:50:6f:ff:90:b3:63:f9:
33:ec:76:9c:04:40:cb:dc:2b:53:38:1f:5a:3a:5d:
63:3f:fc:7a:4c:55:1d:1f:75:5b:0e:35:09:a4:0c:
7d:83:de:18:18:0b:98:27:a1:28:d0:09:67:3a:9b:
fb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:07:C5:EA:A4:D5:BD:42:5C:DF:B5:A9:B2:99:B1:C6:64:30:06:7C
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/EAfF6qTVvUJc37WpspmxxmQwBnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.127.0/24
57.191.192.0/18
57.250.220.0/24
57.250.255.0/24
IPv6:
2a0a:90c2::/35
Signature Algorithm: sha256WithRSAEncryption
18:16:e9:3e:5b:2a:97:77:cb:61:ea:33:15:53:c0:3f:0d:be:
f9:22:63:bf:ac:46:35:dd:11:3c:0b:03:67:31:6a:6c:20:6a:
dd:3d:8e:0c:4d:a1:63:10:b2:13:48:ce:35:81:df:65:bd:17:
c1:23:0f:fa:f1:8e:2e:08:63:26:53:86:2b:15:57:9a:45:89:
72:c1:e5:a0:b1:06:f6:83:15:32:63:d4:83:b9:8f:f3:ae:5c:
a8:d9:20:27:9c:7c:f7:63:f1:68:de:41:05:5c:b8:e6:4e:bd:
2b:c5:3f:4e:6c:b2:f8:96:87:89:74:92:d9:4e:9e:d0:6a:f3:
10:01:74:fa:43:cf:95:19:62:77:50:fd:f3:70:af:fa:04:e1:
aa:bb:ed:55:af:85:5e:09:73:9e:db:f2:96:07:a8:69:cb:e9:
1e:ce:b6:40:7b:be:f7:c6:45:7b:bc:3b:af:66:b1:18:e3:c5:
ca:f8:22:bc:48:02:c8:0a:2a:d8:68:bf:a4:a1:46:46:d5:68:
35:3e:68:0f:89:dc:a1:dd:46:ce:b9:ba:57:80:b6:57:71:06:
f9:82:7b:18:94:6e:87:13:84:b1:99:75:eb:15:bd:64:99:68:
c7:34:03:a2:8b:5e:2d:a5:0b:f9:34:92:bd:56:f9:61:fa:91:
dd:d8:64:3d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZCcKalKbCDAdYYhK83LM7K8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwNzEwMTAyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDA3YzVlYWE0ZDViZDQyNWNkZmI1YTliMjk5YjFjNjY0MzAwNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkHGxgLmznwTOliwaYRWydI0mZsN
WoeYNUhOzknvjlgXZ9E2opZOTv89HHxIoQtCKGBZnGDy2Qw9FMxlILopowe+LlAN
rpa7NoVD36vge09N9ISbHYRDy1TCEmeVnZA8N3JnLnFXWvrhgvrQOxwgXGAtnWaN
J6246HVSXsVqcybg7qaJQAYABA5O/9EnAdGspOawohpmdmI5dZbZw4x6gFG+bJ0l
eNcRMWS91snEi734iHN1KKAE6odm3cqO9zKUV+aW3moj7g7mS1Bv/5CzY/kz7Hac
BEDL3CtTOB9aOl1jP/x6TFUdH3VbDjUJpAx9g94YGAuYJ6Eo0AlnOpv78wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBAHxeqk1b1CXN+1qbKZscZkMAZ8MB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvRUFmRjZxVFZ2VUpjMzdXcHNwbXh4bVF3Qm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAOb9/AwQG
Ob/AAwQAOfrcAwQAOfr/MA4EAgACMAgDBgUqCpDCADANBgkqhkiG9w0BAQsFAAOC
AQEAGBbpPlsql3fLYeozFVPAPw2++SJjv6xGNd0RPAsDZzFqbCBq3T2ODE2hYxCy
E0jONYHfZb0XwSMP+vGOLghjJlOGKxVXmkWJcsHloLEG9oMVMmPUg7mP865cqNkg
J5x892PxaN5BBVy45k69K8U/Tmyy+JaHiXSS2U6e0GrzEAF0+kPPlRlid1D983Cv
+gThqrvtVa+FXglzntvylgeoacvpHs62QHu+98ZFe7w7r2axGOPFyvgivEgCyAoq
2Gi/pKFGRtVoNT5oD4ncod1Gzrm6V4C2V3EG+YJ7GJRuhxOEsZl16xW9ZJloxzQD
ooteLaUL+TSSvVb5YfqR3dhkPQ==
-----END CERTIFICATE-----
Generated at Tue Jul 30 11:55:49 2024 by rpki-client on console-fra.rpki-client.org