Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/JRd6GYh5D5S4VSYUoej1xm2JXtk.roa
File: JRd6GYh5D5S4VSYUoej1xm2JXtk.roa (raw, json)
Hash identifier: vLNkCEzMJfSN5qwQtJslqvynVlvD3v0AuJih9BiXWQo=
Subject key identifier: 25:17:7A:19:88:79:0F:94:B8:55:26:14:A1:E8:F5:C6:6D:89:5E:D9
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 018CF421201EF4B4FB09D66CA1E07DEE0538
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/JRd6GYh5D5S4VSYUoej1xm2JXtk.roa
Signing time: Wed 10 Jan 2024 16:07:40 +0000
ROA not before: Wed 10 Jan 2024 16:07:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198912
IP address blocks: 57.191.0.0/21 maxlen: 24
57.191.224.0/19 maxlen: 24
57.250.220.0/24 maxlen: 24
57.191.127.0/24 maxlen: 24
57.191.192.0/19 maxlen: 24
2a0a:90c2:1000::/36 maxlen: 36
2a0a:90c2::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 01 Feb 2024 16:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:21:20:1e:f4:b4:fb:09:d6:6c:a1:e0:7d:ee:05:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 10 16:07:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25177a1988790f94b8552614a1e8f5c66d895ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7d:19:36:35:1d:21:5c:b1:a2:ed:5d:6a:23:
21:06:71:33:4d:10:8e:60:26:c9:14:a2:e7:f4:61:
3e:2b:91:e7:a0:a9:bc:09:d0:77:21:e2:43:ec:b9:
04:11:6c:a5:4a:65:27:ff:c8:9d:7e:ce:f7:24:7f:
82:b8:2c:d3:0d:ef:14:43:2c:66:b8:64:11:d8:0a:
99:c8:6c:8f:c8:21:6a:42:d2:03:4d:73:0e:af:5a:
af:89:71:a3:e9:04:c8:5b:e2:6d:9c:66:70:2a:bc:
67:8b:c6:96:45:3e:70:9b:0c:7e:4d:1b:1a:f0:4c:
3d:d5:bc:40:5a:ce:9d:fa:8a:a5:cb:51:90:c0:80:
27:b5:1a:ff:b7:fc:57:16:85:d6:73:71:ec:56:b0:
bc:8b:c0:d5:f4:04:c1:9a:c3:ac:a8:f1:ac:06:0f:
78:a8:39:b3:20:03:3f:09:ce:bc:b0:f5:4e:ab:4c:
ef:a5:eb:83:1b:96:c5:77:04:13:96:4b:ec:4f:8f:
4d:8e:9e:03:a9:1d:d0:b9:5c:57:e9:21:7b:80:28:
a1:7a:e5:23:6f:d9:97:87:be:d2:c2:ec:3f:cb:a2:
fb:9c:5e:37:1b:62:5b:a2:4e:5b:40:b8:7a:56:f5:
54:b2:72:a6:b3:d1:59:35:22:a2:8d:17:64:ef:0f:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:17:7A:19:88:79:0F:94:B8:55:26:14:A1:E8:F5:C6:6D:89:5E:D9
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/JRd6GYh5D5S4VSYUoej1xm2JXtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.0.0/21
57.191.127.0/24
57.191.192.0/18
57.250.220.0/24
IPv6:
2a0a:90c2::/35
Signature Algorithm: sha256WithRSAEncryption
19:f3:bd:14:52:b7:ce:5c:91:e6:e3:6f:d1:c4:74:a5:99:ee:
9f:37:86:c1:ce:84:d9:6d:5d:b5:55:a6:bf:12:b8:9a:35:30:
b9:9d:89:9f:25:41:75:96:98:db:e4:13:1f:53:50:25:e5:e2:
3e:f5:7f:aa:c4:45:06:ac:e5:41:66:f5:f1:9d:6a:f3:a0:21:
c3:ec:a5:0b:dd:8f:a2:f7:f2:28:4d:ef:2b:09:4d:64:7d:fa:
4d:bd:f9:af:ad:ff:cb:a4:b0:eb:ea:3c:ef:c4:da:40:1e:ae:
4c:bc:0b:6f:24:17:22:c3:86:f9:b9:3d:7f:55:f4:d0:18:71:
81:37:40:1c:30:11:1c:ef:ce:c2:02:2b:65:98:2f:0e:a4:2a:
a8:6d:3b:d3:4f:96:f1:59:a5:ba:58:e3:53:f4:8d:51:8c:e0:
c2:4f:6b:bd:63:22:ab:bb:e0:34:a6:88:26:f0:06:06:87:48:
26:f3:e6:dc:20:60:a1:4b:34:22:6f:87:91:0f:91:41:98:9a:
42:bf:a7:5a:f4:c8:9e:dd:7f:a1:87:44:e4:d2:8a:d4:01:74:
07:0d:58:74:ee:ad:bf:35:fc:91:40:b7:e4:b6:a9:39:3a:43:
4b:b0:8e:b8:94:ed:78:f9:a5:38:bc:43:da:4b:9b:3b:4d:a8:
1c:b7:75:3a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYz0ISAe9LT7CdZsoeB97gU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwMTEwMTYwNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE3N2ExOTg4NzkwZjk0Yjg1NTI2MTRhMWU4ZjVjNjZkODk1ZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA430ZNjUdIVyxou1daiMhBnEzTRCO
YCbJFKLn9GE+K5HnoKm8CdB3IeJD7LkEEWylSmUn/8idfs73JH+CuCzTDe8UQyxm
uGQR2AqZyGyPyCFqQtIDTXMOr1qviXGj6QTIW+JtnGZwKrxni8aWRT5wmwx+TRsa
8Ew91bxAWs6d+oqly1GQwIAntRr/t/xXFoXWc3HsVrC8i8DV9ATBmsOsqPGsBg94
qDmzIAM/Cc68sPVOq0zvpeuDG5bFdwQTlkvsT49Njp4DqR3QuVxX6SF7gCiheuUj
b9mXh77Swuw/y6L7nF43G2Jbok5bQLh6VvVUsnKms9FZNSKijRdk7w9F7wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCUXehmIeQ+UuFUmFKHo9cZtiV7ZMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvSlJkNkdZaDVENVM0VlNZVW9lajF4bTJKWHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQDOb8AAwQA
Ob9/AwQGOb/AAwQAOfrcMA4EAgACMAgDBgUqCpDCADANBgkqhkiG9w0BAQsFAAOC
AQEAGfO9FFK3zlyR5uNv0cR0pZnunzeGwc6E2W1dtVWmvxK4mjUwuZ2JnyVBdZaY
2+QTH1NQJeXiPvV/qsRFBqzlQWb18Z1q86Ahw+ylC92PovfyKE3vKwlNZH36Tb35
r63/y6Sw6+o878TaQB6uTLwLbyQXIsOG+bk9f1X00BhxgTdAHDARHO/OwgIrZZgv
DqQqqG0700+W8VmluljjU/SNUYzgwk9rvWMiq7vgNKaIJvAGBodIJvPm3CBgoUs0
Im+HkQ+RQZiaQr+nWvTInt1/oYdE5NKK1AF0Bw1YdO6tvzX8kUC35LapOTpDS7CO
uJTtePmlOLxD2kubO02oHLd1Og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org