Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/TiNlH0l_QpNZiuR-b7y0cK0AWS0.roa
File: TiNlH0l_QpNZiuR-b7y0cK0AWS0.roa (raw, json)
Hash identifier: 4kRi5G+YCxvo+cujiKwxYp3j8VMVsn1VUNe2ZCnEgBc=
Subject key identifier: 4E:23:65:1F:49:7F:42:93:59:8A:E4:7E:6F:BC:B4:70:AD:00:59:2D
Certificate issuer: /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial: 018CC5014C94F921D298DBE84A046947EEC0
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/TiNlH0l_QpNZiuR-b7y0cK0AWS0.roa
Signing time: Mon 01 Jan 2024 12:30:45 +0000
ROA not before: Mon 01 Jan 2024 12:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49902
IP address blocks: 213.55.0.0/18 maxlen: 18
109.122.128.0/18 maxlen: 18
185.147.224.0/22 maxlen: 22
5.57.96.0/19 maxlen: 19
5.57.110.0/24 maxlen: 24
2a00:a080::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Jun 2024 12:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4c:94:f9:21:d2:98:db:e8:4a:04:69:47:ee:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Validity
Not Before: Jan 1 12:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e23651f497f4293598ae47e6fbcb470ad00592d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:44:ba:73:2d:da:82:6f:0f:bf:26:db:4d:
ad:ea:ab:c4:29:1d:c1:f8:bf:35:a1:f1:9f:83:b3:
b6:10:df:38:79:88:b0:f2:f0:2a:72:79:c9:1b:ff:
ea:38:e6:95:e6:83:05:95:3f:b1:23:52:f1:49:08:
17:ba:e2:87:36:4f:3b:4e:b6:0f:50:ce:e4:36:24:
6a:52:5d:e4:fa:ba:ec:96:c6:82:f3:83:38:2d:2b:
bc:d2:93:ec:f6:e8:33:dd:a2:81:00:7f:1c:de:e4:
c4:b8:72:8e:10:fe:6a:8f:e1:d7:9f:c0:6c:15:b4:
61:fb:f8:47:c0:51:3f:ea:46:c6:3b:b1:25:bc:0a:
03:33:b6:1a:05:88:90:e6:4c:eb:b2:00:13:b5:92:
5b:a9:16:ae:fe:44:74:0e:48:86:17:a2:53:dd:bd:
ae:2a:cc:39:bd:0d:19:f1:f4:d3:a8:9b:2e:63:f4:
d7:43:c2:2d:68:79:48:b1:cf:4d:c0:73:fc:84:ca:
a0:11:3f:9a:47:82:d6:95:f7:b8:02:54:cf:50:93:
ed:c1:46:30:12:bb:7b:2b:ec:4c:28:06:42:3a:6b:
ff:75:f0:6d:7d:7e:bb:81:7e:cc:49:5d:f8:3c:ab:
56:43:81:f2:62:9c:b6:28:48:d2:a6:86:7e:81:a6:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:23:65:1F:49:7F:42:93:59:8A:E4:7E:6F:BC:B4:70:AD:00:59:2D
X509v3 Authority Key Identifier:
keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/TiNlH0l_QpNZiuR-b7y0cK0AWS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.96.0/19
109.122.128.0/18
185.147.224.0/22
213.55.0.0/18
IPv6:
2a00:a080::/32
Signature Algorithm: sha256WithRSAEncryption
8b:43:cd:09:34:e3:28:ee:69:4e:c5:57:34:de:e3:c2:ca:74:
38:42:06:53:a9:c1:24:17:17:16:9a:9d:41:90:ac:1c:59:36:
10:30:55:92:9a:8d:e6:56:1e:f9:a0:48:57:d3:8c:87:d5:ae:
95:85:43:7b:75:b3:bc:d8:1b:85:31:ea:f1:c5:8a:14:fc:2d:
36:42:40:23:36:e8:86:68:58:3c:0f:16:e2:43:88:86:67:f5:
f1:8d:80:d2:e7:47:70:0e:83:30:67:2a:01:6a:26:db:77:ee:
50:e7:d8:14:1a:45:d8:92:7b:41:4d:f8:0b:f8:1b:44:fe:af:
38:3a:38:fb:ea:11:98:62:d9:d7:a2:3f:de:f8:71:eb:5b:a1:
1f:f3:b8:32:92:7a:a8:60:b3:45:6c:64:a4:fd:c6:f8:0e:47:
bc:a7:0c:01:d2:9b:9f:00:55:69:3c:1d:a2:26:aa:fa:f5:c1:
2f:ef:88:3c:c9:00:26:a8:cf:1e:8c:95:3c:cd:8d:d0:e4:40:
76:10:b8:39:bf:fc:b1:1a:3e:26:af:a5:cc:71:f3:15:54:46:
45:f2:7d:08:b3:bf:15:89:c3:33:9b:c5:12:cb:2c:f0:25:a0:
c2:9c:a3:b2:dd:f7:a5:52:53:58:ba:c3:2d:90:83:b9:5c:20:
98:a4:49:32
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAUyU+SHSmNvoSgRpR+7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgwZTYwYjVhZGY0NWFlYmE1YzBjOGFiY2NjNjM5OTdh
MGYxZGIwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIzNjUxZjQ5N2Y0MjkzNTk4YWU0N2U2ZmJjYjQ3MGFkMDA1OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe5EunMt2oJvD78m202t6qvEKR3B
+L81ofGfg7O2EN84eYiw8vAqcnnJG//qOOaV5oMFlT+xI1LxSQgXuuKHNk87TrYP
UM7kNiRqUl3k+rrslsaC84M4LSu80pPs9ugz3aKBAH8c3uTEuHKOEP5qj+HXn8Bs
FbRh+/hHwFE/6kbGO7ElvAoDM7YaBYiQ5kzrsgATtZJbqRau/kR0DkiGF6JT3b2u
Ksw5vQ0Z8fTTqJsuY/TXQ8ItaHlIsc9NwHP8hMqgET+aR4LWlfe4AlTPUJPtwUYw
Ert7K+xMKAZCOmv/dfBtfX67gX7MSV34PKtWQ4HyYpy2KEjSpoZ+gaYlTwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE4jZR9Jf0KTWYrkfm+8tHCtAFktMB8GA1UdIwQY
MBaAFFe4DmC1rfRa66XAyKvMxjmXoPHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMt
ZTZlOGFhZTM0ODI2LzEvVGlObEgwbF9RcE5aaXVSLWI3eTBjSzBBV1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMtZTZlOGFhZTM0ODI2
LzEvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFBTlgAwQG
bXqAAwQCuZPgAwQG1TcAMA0EAgACMAcDBQAqAKCAMA0GCSqGSIb3DQEBCwUAA4IB
AQCLQ80JNOMo7mlOxVc03uPCynQ4QgZTqcEkFxcWmp1BkKwcWTYQMFWSmo3mVh75
oEhX04yH1a6VhUN7dbO82BuFMerxxYoU/C02QkAjNuiGaFg8DxbiQ4iGZ/XxjYDS
50dwDoMwZyoBaibbd+5Q59gUGkXYkntBTfgL+BtE/q84Ojj76hGYYtnXoj/e+HHr
W6Ef87gyknqoYLNFbGSk/cb4Dke8pwwB0pufAFVpPB2iJqr69cEv74g8yQAmqM8e
jJU8zY3Q5EB2ELg5v/yxGj4mr6XMcfMVVEZF8n0Is78VicMzm8USyyzwJaDCnKOy
3felUlNYusMtkIO5XCCYpEky
-----END CERTIFICATE-----
Generated at Tue Jun 25 16:30:45 2024 by rpki-client on console-ams.rpki-client.org