Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/66nYQebscmj0o_KyEnRLhc6hRUA.roa
File: 66nYQebscmj0o_KyEnRLhc6hRUA.roa (raw, json)
Hash identifier: Mq448CEvVrJDiQ5n+Dj+YiZG+z1TKyfNepj1/E4V2wk=
Subject key identifier: EB:A9:D8:41:E6:EC:72:68:F4:A3:F2:B2:12:74:4B:85:CE:A1:45:40
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D9DFEE844A192641DFE2E33AC88A51945
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/66nYQebscmj0o_KyEnRLhc6hRUA.roa
Signing time: Mon 12 Feb 2024 15:45:44 +0000
ROA not before: Mon 12 Feb 2024 15:45:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.109.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 06:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:fe:e8:44:a1:92:64:1d:fe:2e:33:ac:88:a5:19:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 12 15:45:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eba9d841e6ec7268f4a3f2b212744b85cea14540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:51:f3:d0:cd:e3:93:cf:8a:66:ab:af:66:ea:
29:ca:4c:04:67:2b:40:46:e5:e4:10:52:b8:64:16:
34:cd:98:e1:e1:c6:13:ab:fa:48:d7:2d:98:b1:78:
6c:de:30:6f:70:9a:db:3b:4d:78:87:b5:38:d1:5f:
27:c2:e1:c2:d5:88:9f:bd:4c:33:19:bc:72:9f:32:
af:76:50:27:df:22:dd:8e:02:0a:b3:b6:11:de:9b:
e0:bb:a8:81:69:6b:62:b5:dd:66:ec:8a:cb:09:12:
d4:af:19:98:bd:ea:b1:6c:8d:0b:42:1e:08:2e:8b:
38:d3:0b:3e:68:45:b7:83:71:41:ed:77:96:e3:20:
2b:0a:58:7b:7b:bc:40:fe:1d:c6:09:e9:f7:eb:37:
b1:fd:b9:90:6c:89:9a:50:ed:93:2f:1b:83:62:9a:
1a:45:ba:47:f5:51:b6:9b:93:9b:d3:49:0d:75:84:
f9:f6:3d:20:eb:c6:7f:5f:4f:de:3c:61:7d:14:e3:
88:9b:30:c5:4a:2f:9b:c6:77:a9:ea:df:82:76:e3:
45:9a:3f:a1:c1:53:49:a9:2b:7e:a8:09:46:55:a4:
d6:d4:7e:54:2f:c8:9f:6a:a9:ee:94:e1:b1:62:22:
d2:0f:06:d8:5e:0e:fe:40:f1:1a:4a:f4:cb:ab:33:
a4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A9:D8:41:E6:EC:72:68:F4:A3:F2:B2:12:74:4B:85:CE:A1:45:40
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/66nYQebscmj0o_KyEnRLhc6hRUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.115.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:35:71:c0:44:2a:b4:c5:e3:2a:da:4d:cf:cb:e2:69:5b:82:
c1:e8:18:a2:49:9f:b6:48:cc:97:52:6d:bb:8d:34:73:8e:d3:
c1:92:77:37:eb:68:b8:b4:15:0c:7a:e4:73:f7:d6:cb:34:79:
b0:e9:ff:15:3f:a9:60:5a:9c:ac:11:61:0b:f6:1f:c8:82:45:
30:8b:5d:3c:7f:dd:38:31:a9:df:dc:3b:f0:2e:e1:2e:3a:28:
22:9b:b9:82:60:81:f4:f4:db:f8:48:eb:1e:25:02:7d:c4:08:
c9:2d:6b:76:f3:ab:6c:b4:28:a8:ba:3f:41:31:60:b0:8c:4e:
f3:7f:f5:96:73:a6:a8:4d:7a:80:28:bf:e3:b0:09:31:cc:b1:
49:83:16:14:14:80:26:18:e4:39:b5:e7:3f:c8:11:ba:4a:4d:
75:f4:27:71:3c:30:bd:c9:60:a4:92:78:0a:4b:23:1b:53:94:
b8:6e:f4:7f:07:83:3b:e4:ae:9d:da:9e:88:a3:82:6e:28:a3:
40:78:7c:bc:a0:bd:2d:a2:fe:fc:26:4f:bc:f7:04:d4:35:bb:
a1:c3:2c:a1:b0:65:af:3b:ef:4f:ba:2f:ad:b5:a9:0f:e5:a3:
50:71:9e:dd:d4:19:bf:52:bf:7d:d8:b5:52:35:b5:20:9c:42:
df:34:f6:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2d/uhEoZJkHf4uM6yIpRlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjEyMTU0NTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE5ZDg0MWU2ZWM3MjY4ZjRhM2YyYjIxMjc0NGI4NWNlYTE0NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFHz0M3jk8+KZquvZuopykwEZytA
RuXkEFK4ZBY0zZjh4cYTq/pI1y2YsXhs3jBvcJrbO014h7U40V8nwuHC1YifvUwz
GbxynzKvdlAn3yLdjgIKs7YR3pvgu6iBaWtitd1m7IrLCRLUrxmYveqxbI0LQh4I
Los40ws+aEW3g3FB7XeW4yArClh7e7xA/h3GCen36zex/bmQbImaUO2TLxuDYpoa
RbpH9VG2m5Ob00kNdYT59j0g68Z/X0/ePGF9FOOImzDFSi+bxnep6t+CduNFmj+h
wVNJqSt+qAlGVaTW1H5UL8ifaqnulOGxYiLSDwbYXg7+QPEaSvTLqzOkOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOup2EHm7HJo9KPyshJ0S4XOoUVAMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNjZuWVFlYnNjbWowb19LeUVuUkxoYzZoUlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhtAwQA
LVFzAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQArNXHARCq0xeMq2k3Py+JpW4LB
6BiiSZ+2SMyXUm27jTRzjtPBknc362i4tBUMeuRz99bLNHmw6f8VP6lgWpysEWEL
9h/IgkUwi108f904Manf3DvwLuEuOigim7mCYIH09Nv4SOseJQJ9xAjJLWt286ts
tCiouj9BMWCwjE7zf/WWc6aoTXqAKL/jsAkxzLFJgxYUFIAmGOQ5tec/yBG6Sk11
9CdxPDC9yWCkkngKSyMbU5S4bvR/B4M75K6d2p6Io4JuKKNAeHy8oL0tov78Jk+8
9wTUNbuhwyyhsGWvO+9Pui+ttakP5aNQcZ7d1Bm/Ur992LVSNbUgnELfNPZq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org