Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/otFZUvKdw52SmOPar5I2WN3NvDM.roa
File: otFZUvKdw52SmOPar5I2WN3NvDM.roa (raw, json)
Hash identifier: SPg/OCEAxTpA0d0irjT/H7lAkiN6SimSsodR3MspVFI=
Subject key identifier: A2:D1:59:52:F2:9D:C3:9D:92:98:E3:DA:AF:92:36:58:DD:CD:BC:33
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 018AD23932E14BD9B76A827B0AA01B115C8C
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/otFZUvKdw52SmOPar5I2WN3NvDM.roa
Signing time: Tue 26 Sep 2023 16:01:18 +0000
ROA not before: Tue 26 Sep 2023 16:01:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132399
IP address blocks: 57.191.95.0/24 maxlen: 24
57.191.96.0/19 maxlen: 24
57.191.160.0/19 maxlen: 24
57.191.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:39:32:e1:4b:d9:b7:6a:82:7b:0a:a0:1b:11:5c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Sep 26 16:01:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2d15952f29dc39d9298e3daaf923658ddcdbc33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:23:69:8d:66:c0:36:04:63:66:b1:c0:08:8a:
26:3c:f6:92:8c:37:79:58:38:c0:9c:cf:bf:8a:c0:
19:4a:f5:78:b0:a0:ff:40:81:3b:59:fd:56:b2:62:
81:2e:57:c1:73:59:b0:3f:31:f7:12:85:6b:1a:a1:
44:f3:f3:62:2f:d2:47:7b:99:83:34:08:ba:f5:3c:
bc:f4:64:2c:b5:5e:36:42:f8:57:cd:18:32:3f:e9:
77:26:15:a5:78:8d:4e:a8:fb:86:44:3b:9b:72:17:
7a:cb:f2:91:1b:91:10:d4:80:4b:55:85:bb:7d:28:
0e:21:fd:83:85:ec:05:c6:ec:3a:2d:b3:70:b8:dc:
7d:70:e1:09:0e:88:71:36:79:09:52:92:02:bf:d5:
da:69:ba:69:4b:08:59:a0:0e:99:42:f7:02:70:74:
ef:3e:ff:29:b2:3c:d8:53:78:ea:7e:b7:4a:78:b6:
77:9c:07:88:15:3d:42:0b:ce:ff:94:d5:2d:aa:44:
ae:47:69:30:a1:64:29:f5:ad:19:cf:33:a2:99:bd:
5a:36:c5:52:ed:e8:92:6c:4f:ac:19:28:33:44:37:
32:d0:66:c6:a6:54:34:12:ca:76:54:df:37:f5:1c:
55:26:0e:c6:a6:2c:97:3b:dd:5a:f9:59:45:88:64:
f3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D1:59:52:F2:9D:C3:9D:92:98:E3:DA:AF:92:36:58:DD:CD:BC:33
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/otFZUvKdw52SmOPar5I2WN3NvDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.64.0/22
57.191.95.0-57.191.127.255
57.191.160.0/19
Signature Algorithm: sha256WithRSAEncryption
47:6f:52:07:db:49:0f:fb:79:2b:60:38:8f:e4:20:35:f6:e4:
1f:d7:6c:bb:62:05:cf:20:89:4b:11:dc:3f:04:0c:61:be:90:
8b:28:91:1a:c4:fe:99:da:56:d8:e0:1c:c1:af:87:a9:a6:29:
c9:58:af:87:fb:2b:8a:fb:cc:d2:9f:dc:0b:ed:11:e7:1e:58:
93:b4:2c:bb:a0:46:9a:5d:47:7f:66:5e:5c:9e:bb:83:58:4c:
ca:d9:a6:ce:d5:c7:c6:12:9a:84:31:eb:69:b1:66:2a:bf:18:
5e:2c:30:16:67:b0:9f:e9:b7:e5:f5:10:54:25:c7:90:e2:13:
86:ac:84:7f:58:08:c8:ca:48:75:c1:1a:27:a3:10:f0:a6:8b:
6a:a1:84:8e:2b:d0:e6:2f:28:d9:0e:d1:0a:c7:c8:e8:0f:6b:
b1:36:70:60:89:b4:02:d9:88:d1:80:4d:64:c3:16:5a:5f:50:
b9:fe:64:23:4f:d3:40:e6:72:58:9b:75:a9:84:34:f6:6e:6f:
6d:a5:1e:f6:0d:e6:64:8c:f8:ab:89:58:b0:50:92:c1:86:14:
21:88:02:93:78:5f:ff:53:1f:28:06:1f:4d:04:50:d0:6a:fd:
db:37:31:7d:36:b4:25:f7:e1:46:a7:bc:d3:5f:99:11:d7:0d:
d7:79:2d:a8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrSOTLhS9m3aoJ7CqAbEVyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwOTI2MTYwMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQxNTk1MmYyOWRjMzlkOTI5OGUzZGFhZjkyMzY1OGRkY2RiYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyNpjWbANgRjZrHACIomPPaSjDd5
WDjAnM+/isAZSvV4sKD/QIE7Wf1WsmKBLlfBc1mwPzH3EoVrGqFE8/NiL9JHe5mD
NAi69Ty89GQstV42QvhXzRgyP+l3JhWleI1OqPuGRDubchd6y/KRG5EQ1IBLVYW7
fSgOIf2DhewFxuw6LbNwuNx9cOEJDohxNnkJUpICv9XaabppSwhZoA6ZQvcCcHTv
Pv8psjzYU3jqfrdKeLZ3nAeIFT1CC87/lNUtqkSuR2kwoWQp9a0ZzzOimb1aNsVS
7eiSbE+sGSgzRDcy0GbGplQ0Esp2VN839RxVJg7GpiyXO91a+VlFiGTzpQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKLRWVLyncOdkpjj2q+SNljdzbwzMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvb3RGWlV2S2R3NTJTbU9QYXI1STJXTjNOdkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCOb9AMAwD
BAA5v18DBAc5vwADBAU5v6AwDQYJKoZIhvcNAQELBQADggEBAEdvUgfbSQ/7eStg
OI/kIDX25B/XbLtiBc8giUsR3D8EDGG+kIsokRrE/pnaVtjgHMGvh6mmKclYr4f7
K4r7zNKf3AvtEeceWJO0LLugRppdR39mXlyeu4NYTMrZps7Vx8YSmoQx62mxZiq/
GF4sMBZnsJ/pt+X1EFQlx5DiE4ashH9YCMjKSHXBGiejEPCmi2qhhI4r0OYvKNkO
0QrHyOgPa7E2cGCJtALZiNGATWTDFlpfULn+ZCNP00DmclibdamENPZub22lHvYN
5mSM+KuJWLBQksGGFCGIApN4X/9THygGH00EUNBq/ds3MX02tCX34UanvNNfmRHX
Ddd5Lag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org