Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa
File: tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa (raw, json)
Hash identifier: M+IQ7xrv58V7cDLbc9K/OFnGxy2SizSZDCppn2fdbEU=
Subject key identifier: B4:F4:7C:B4:64:36:D0:A2:6C:F5:12:57:15:B1:87:4B:21:08:52:57
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 01856F5DA73EECB8B7560F2E8789007249D3
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa
Signing time: Sun 01 Jan 2023 22:04:46 +0000
ROA not before: Sun 01 Jan 2023 22:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205080
IP address blocks: 57.188.0.0/18 maxlen: 24
2a0a:90c0:1000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:a7:3e:ec:b8:b7:56:0f:2e:87:89:00:72:49:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 1 22:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4f47cb46436d0a26cf5125715b1874b21085257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7a:20:44:ad:09:19:72:63:63:d8:0b:bb:0a:
96:ae:07:b5:36:ff:ad:c3:9a:8f:c6:d8:ab:45:14:
3f:20:b7:aa:d9:e8:7d:9e:36:df:3b:27:0d:69:4d:
cc:bd:82:26:36:0c:a3:81:fe:95:7b:c5:be:74:1c:
29:a9:67:78:47:c4:3e:a7:f0:8c:4e:11:16:ef:9f:
e5:19:a7:b0:69:5b:51:57:bc:7f:33:29:91:84:ed:
a1:06:bb:56:ff:2e:00:0f:ae:4a:a8:fc:fd:9b:93:
2d:98:64:56:2d:2e:20:77:c9:ec:6b:8f:47:d1:f7:
a6:91:0a:98:e5:4f:e2:ca:32:f0:72:57:bf:1f:01:
79:bf:4c:4a:fd:05:98:27:f7:da:05:25:17:8f:dd:
ff:2c:11:ab:12:ce:b0:cc:67:9d:ed:a3:a9:b6:c2:
91:cf:3d:9b:84:93:c0:8b:77:27:43:a4:a0:33:99:
38:06:1c:27:4f:a8:74:20:01:57:85:33:3b:92:6e:
53:93:10:71:6c:28:2c:c7:b6:7c:a5:6b:10:5f:07:
2f:a8:54:03:42:06:1b:01:f6:56:f6:af:e8:d9:a9:
24:40:5a:f2:30:a4:1e:82:79:79:7e:4f:13:47:d1:
1b:f8:5e:49:7d:c3:49:47:cd:74:ea:15:a6:47:e0:
ce:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F4:7C:B4:64:36:D0:A2:6C:F5:12:57:15:B1:87:4B:21:08:52:57
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.188.0.0/18
IPv6:
2a0a:90c0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
60:bc:4c:c9:28:a5:3c:6f:18:12:98:3e:86:b5:ff:da:38:c2:
bc:d8:6d:16:a5:9a:2b:ab:b1:98:c1:df:06:a4:88:29:cf:1d:
1a:fe:1d:66:ef:29:43:50:33:96:a0:ec:c9:74:8b:04:20:e6:
1e:3d:44:86:97:d3:bc:b7:2e:7e:a4:c9:e9:77:04:09:ac:0e:
aa:d6:2d:59:1f:59:2d:50:1a:7b:45:d0:83:3f:c0:53:21:52:
61:f6:ce:2f:62:12:68:5f:93:65:f0:f5:57:38:88:db:df:75:
68:40:5a:2f:6b:37:b1:df:07:15:9a:16:07:25:b4:8d:a2:20:
8d:5c:17:45:18:59:a8:fd:d7:00:de:21:b8:2d:3f:4a:92:96:
6c:52:59:d8:c0:73:59:67:90:eb:ee:cd:57:16:93:04:e8:da:
b4:72:dd:60:23:45:ab:62:18:86:f3:35:c3:90:cf:4a:ac:d9:
45:56:10:d7:0e:ce:b8:e7:b0:5b:60:94:4f:c7:76:93:8f:3f:
9c:0d:a2:67:ee:42:9e:f3:6c:dc:fa:88:ba:51:00:8a:de:3e:
10:21:10:51:08:4e:f0:98:da:a1:6d:8e:ad:0f:93:f2:95:5b:
df:89:cd:ed:ea:c0:94:12:0d:73:8e:55:b0:2c:47:3d:c4:b9:
63:0d:f5:0e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvXac+7Li3Vg8uh4kAcknTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY0N2NiNDY0MzZkMGEyNmNmNTEyNTcxNWIxODc0YjIxMDg1MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3ogRK0JGXJjY9gLuwqWrge1Nv+t
w5qPxtirRRQ/ILeq2eh9njbfOycNaU3MvYImNgyjgf6Ve8W+dBwpqWd4R8Q+p/CM
ThEW75/lGaewaVtRV7x/MymRhO2hBrtW/y4AD65KqPz9m5MtmGRWLS4gd8nsa49H
0femkQqY5U/iyjLwcle/HwF5v0xK/QWYJ/faBSUXj93/LBGrEs6wzGed7aOptsKR
zz2bhJPAi3cnQ6SgM5k4BhwnT6h0IAFXhTM7km5TkxBxbCgsx7Z8pWsQXwcvqFQD
QgYbAfZW9q/o2akkQFryMKQegnl5fk8TR9Eb+F5JfcNJR8106hWmR+DOEQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLT0fLRkNtCibPUSVxWxh0shCFJXMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvdFBSOHRHUTIwS0pzOVJKWEZiR0hTeUVJVWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQGObwAMA4E
AgACMAgDBgAqCpDAEDANBgkqhkiG9w0BAQsFAAOCAQEAYLxMySilPG8YEpg+hrX/
2jjCvNhtFqWaK6uxmMHfBqSIKc8dGv4dZu8pQ1AzlqDsyXSLBCDmHj1EhpfTvLcu
fqTJ6XcECawOqtYtWR9ZLVAae0XQgz/AUyFSYfbOL2ISaF+TZfD1VziI2991aEBa
L2s3sd8HFZoWByW0jaIgjVwXRRhZqP3XAN4huC0/SpKWbFJZ2MBzWWeQ6+7NVxaT
BOjatHLdYCNFq2IYhvM1w5DPSqzZRVYQ1w7OuOewW2CUT8d2k48/nA2iZ+5CnvNs
3PqIulEAit4+ECEQUQhO8JjaoW2OrQ+T8pVb34nN7erAlBINc45VsCxHPcS5Yw31
Dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org