Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/iLBR1ccK-0-MIV8Cwmd4GtTZKt0.roa
File: iLBR1ccK-0-MIV8Cwmd4GtTZKt0.roa (raw, json)
Hash identifier: ZwHVcn+D+44OeyHFNUDxlFlwQBfjcFrfC9wvelh9I8Y=
Subject key identifier: 88:B0:51:D5:C7:0A:FB:4F:8C:21:5F:02:C2:67:78:1A:D4:D9:2A:DD
Certificate issuer: /CN=c4ddfe0f4bfb6982f1960ab2a3fae7a2fb457a93
Certificate serial: 0189D743C9049FF49C2BB4AD7A591240468B
Authority key identifier: C4:DD:FE:0F:4B:FB:69:82:F1:96:0A:B2:A3:FA:E7:A2:FB:45:7A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN3-D0v7aYLxlgqyo_rnovtFepM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/iLBR1ccK-0-MIV8Cwmd4GtTZKt0.roa
Signing time: Tue 08 Aug 2023 22:28:11 +0000
ROA not before: Tue 08 Aug 2023 22:28:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42229
IP address blocks: 2.57.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d7:43:c9:04:9f:f4:9c:2b:b4:ad:7a:59:12:40:46:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ddfe0f4bfb6982f1960ab2a3fae7a2fb457a93
Validity
Not Before: Aug 8 22:28:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88b051d5c70afb4f8c215f02c267781ad4d92add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:2c:2a:a9:84:c9:fb:9e:b4:a2:21:8c:b8:
e2:fe:4c:85:d4:b1:87:03:73:90:41:28:75:b5:cb:
80:92:05:de:45:6e:54:86:40:1d:3d:8a:bc:9d:93:
90:22:58:86:c1:6f:4b:ab:f0:b5:ce:3f:60:75:8d:
29:59:0e:5f:74:15:75:b0:51:bc:15:55:c7:a4:1e:
d7:8d:45:28:75:35:ff:6b:fa:e8:22:80:ba:3f:0a:
55:c3:5d:c9:4d:96:78:2b:19:08:e3:1a:6c:73:4c:
a4:b2:ad:55:43:64:cd:23:fc:85:8f:15:df:fc:87:
1d:55:de:5e:d0:50:4f:98:08:47:0a:9c:5c:23:e4:
97:6f:60:8e:da:46:5c:55:32:e4:a5:84:8b:3d:01:
ac:31:6d:9c:ae:2c:4f:d2:13:ad:fb:d7:4c:1f:c4:
88:2f:03:a4:fb:4c:ae:b8:aa:31:2f:20:5d:83:05:
48:01:78:02:47:f3:dc:ca:f3:e0:3b:6e:d9:41:1a:
cd:3a:b9:7f:f4:1b:8c:88:37:4b:c5:8d:8e:0f:2c:
1a:dd:0c:cd:5d:ef:2a:e7:cc:94:0d:41:51:6a:d4:
2c:6e:cf:42:60:f7:19:90:65:67:1c:a3:b4:fc:c5:
ae:ed:0b:41:53:48:8d:bd:18:fc:cb:b8:05:f3:45:
9d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B0:51:D5:C7:0A:FB:4F:8C:21:5F:02:C2:67:78:1A:D4:D9:2A:DD
X509v3 Authority Key Identifier:
keyid:C4:DD:FE:0F:4B:FB:69:82:F1:96:0A:B2:A3:FA:E7:A2:FB:45:7A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN3-D0v7aYLxlgqyo_rnovtFepM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/iLBR1ccK-0-MIV8Cwmd4GtTZKt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/80b481-6535-40a3-81a8-313a4c163b10/1/xN3-D0v7aYLxlgqyo_rnovtFepM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.2.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:de:00:36:37:02:12:e5:92:63:e2:ad:4f:fd:b4:c6:82:1e:
cd:ad:52:a2:58:1b:3d:0a:d7:dc:14:bf:d2:6a:94:6f:be:b6:
be:a5:89:b0:12:59:35:a0:84:51:8c:91:66:00:a1:dc:75:14:
2f:73:3b:bb:e8:0f:01:58:57:65:d5:c9:1b:e4:e5:7c:61:0a:
27:b6:79:d9:b5:f4:1a:1a:42:dc:9b:17:00:f1:d7:04:4f:a7:
8f:e9:85:96:16:ac:a4:89:11:71:38:59:55:37:9f:78:dc:34:
1e:c0:99:f9:92:aa:70:e2:8e:80:7e:2d:d5:d3:b5:59:84:ec:
bc:bf:d8:48:53:e0:aa:ea:9f:db:a4:15:42:64:5e:63:7c:04:
1f:6f:46:31:66:c9:54:aa:b3:d2:4c:c1:9a:93:15:d5:11:2d:
33:4b:d5:42:7f:7c:60:df:e7:ad:6d:21:76:03:6c:ac:f1:55:
7b:9b:67:85:25:01:94:8e:1b:6a:0f:98:94:e6:e9:c3:1b:57:
21:cf:58:92:58:64:7e:0a:4e:15:1d:88:3e:fb:3a:3d:ad:e3:
b3:04:35:ed:6b:2b:cf:f3:30:5a:85:16:84:d5:0a:ca:7c:58:
3a:48:e7:11:c3:46:7e:f4:c4:55:08:3d:ba:d7:2f:9b:ae:9f:
e9:ca:a1:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnXQ8kEn/ScK7StelkSQEaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGRmZTBmNGJmYjY5ODJmMTk2MGFiMmEzZmFlN2EyZmI0
NTdhOTMwHhcNMjMwODA4MjIyODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGIwNTFkNWM3MGFmYjRmOGMyMTVmMDJjMjY3NzgxYWQ0ZDkyYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiwsKqmEyfuetKIhjLji/kyF1LGH
A3OQQSh1tcuAkgXeRW5UhkAdPYq8nZOQIliGwW9Lq/C1zj9gdY0pWQ5fdBV1sFG8
FVXHpB7XjUUodTX/a/roIoC6PwpVw13JTZZ4KxkI4xpsc0yksq1VQ2TNI/yFjxXf
/IcdVd5e0FBPmAhHCpxcI+SXb2CO2kZcVTLkpYSLPQGsMW2crixP0hOt+9dMH8SI
LwOk+0yuuKoxLyBdgwVIAXgCR/PcyvPgO27ZQRrNOrl/9BuMiDdLxY2ODywa3QzN
Xe8q58yUDUFRatQsbs9CYPcZkGVnHKO0/MWu7QtBU0iNvRj8y7gF80WdcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiwUdXHCvtPjCFfAsJneBrU2SrdMB8GA1UdIwQY
MBaAFMTd/g9L+2mC8ZYKsqP656L7RXqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE4zLUQwdjdhWUx4bGdxeW9fcm5vdnRGZXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84MGI0ODEtNjUzNS00MGEzLTgxYTgt
MzEzYTRjMTYzYjEwLzEvaUxCUjFjY0stMC1NSVY4Q3dtZDRHdFRaS3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84MGI0ODEtNjUzNS00MGEzLTgxYTgtMzEzYTRjMTYzYjEw
LzEveE4zLUQwdjdhWUx4bGdxeW9fcm5vdnRGZXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkCMA0G
CSqGSIb3DQEBCwUAA4IBAQAK3gA2NwIS5ZJj4q1P/bTGgh7NrVKiWBs9CtfcFL/S
apRvvra+pYmwElk1oIRRjJFmAKHcdRQvczu76A8BWFdl1ckb5OV8YQontnnZtfQa
GkLcmxcA8dcET6eP6YWWFqykiRFxOFlVN5943DQewJn5kqpw4o6Afi3V07VZhOy8
v9hIU+Cq6p/bpBVCZF5jfAQfb0YxZslUqrPSTMGakxXVES0zS9VCf3xg3+etbSF2
A2ys8VV7m2eFJQGUjhtqD5iU5unDG1chz1iSWGR+Ck4VHYg++zo9reOzBDXtayvP
8zBahRaE1QrKfFg6SOcRw0Z+9MRVCD261y+brp/pyqFw
-----END CERTIFICATE-----
Generated at Wed Aug 30 11:53:16 2023 by rpki-client on console-ams.rpki-client.org