Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6njZoBPGivDiO64HJG8XOwhk4yg.roa
File: 6njZoBPGivDiO64HJG8XOwhk4yg.roa (raw, json)
Hash identifier: 3ZDJ7Bf1D8CUXUwNe6vHWr/XMkWpcuuwSvw2QYBInQU=
Subject key identifier: EA:78:D9:A0:13:C6:8A:F0:E2:3B:AE:07:24:6F:17:3B:08:64:E3:28
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BA64B0511A022024C43841C4189CE2C22
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6njZoBPGivDiO64HJG8XOwhk4yg.roa
Signing time: Mon 06 Nov 2023 20:20:16 +0000
ROA not before: Mon 06 Nov 2023 20:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 91.223.110.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 10:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:4b:05:11:a0:22:02:4c:43:84:1c:41:89:ce:2c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 6 20:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea78d9a013c68af0e23bae07246f173b0864e328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:e8:c0:1c:b2:3f:8e:89:ff:e6:b8:94:88:
94:ca:cc:a6:cd:8c:08:b2:fb:84:92:22:5f:d5:40:
e5:da:88:6f:87:25:0f:5e:f8:9b:07:1a:99:a9:fe:
3b:4c:5e:7d:c5:4e:e1:67:ba:3e:a2:f5:9c:22:01:
e3:e4:59:6a:14:e9:d7:c4:a8:9b:36:6a:3d:32:51:
4a:99:ca:97:41:7a:37:0c:d8:30:c3:d5:0b:6f:9e:
7f:6a:68:18:7a:cc:e0:ac:99:96:dd:6c:1c:f8:09:
ff:81:ec:78:87:d2:3b:3e:aa:cc:a2:18:85:3f:be:
d2:c3:c1:cb:5d:4d:4f:6f:a5:a2:f2:73:cb:93:9d:
b8:45:3a:1c:69:11:da:05:f3:03:51:3e:e3:58:15:
10:e9:52:87:d2:71:6a:53:b1:ed:68:74:ef:39:41:
f9:42:e1:4e:71:13:79:5b:19:30:46:f2:11:c8:c4:
6b:2f:a7:48:cb:fb:ef:70:48:5c:7e:ef:7c:8e:be:
37:d0:93:8a:1a:ac:99:fb:0d:00:9b:3b:c1:2d:98:
67:60:5b:c5:13:d1:d2:bf:60:0c:53:96:2f:f4:a9:
08:98:d6:42:b9:cb:cd:29:d4:86:7b:dc:56:44:df:
3b:4d:72:18:5f:5e:20:11:4b:bf:69:70:17:83:ad:
27:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:78:D9:A0:13:C6:8A:F0:E2:3B:AE:07:24:6F:17:3B:08:64:E3:28
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6njZoBPGivDiO64HJG8XOwhk4yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.112.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
99:fa:75:96:32:3e:90:47:7c:b7:8e:1c:1e:0d:d8:73:04:fc:
55:6e:99:a0:45:95:f5:2c:97:8c:77:a3:2d:ba:a6:ee:5f:45:
6d:80:5b:91:08:4d:1c:13:fc:14:30:92:e3:ea:af:c3:45:b0:
73:b6:68:17:c5:af:8d:ec:10:35:f1:0b:79:23:ec:b6:db:fe:
15:3e:69:23:44:c6:e0:d3:6e:32:3d:55:c8:cf:68:6d:5e:08:
e6:b1:91:3a:3b:20:7b:7a:26:01:85:8e:e9:ad:7e:35:3a:13:
b0:61:ad:20:e1:41:4d:df:41:93:b3:57:82:54:fc:e1:83:18:
71:11:40:7f:63:b2:53:b3:97:ab:bf:9b:6a:9f:0f:ba:b1:59:
0e:13:ec:4f:ca:82:a9:43:4d:e6:09:be:20:c4:c0:3d:8b:46:
46:7c:a7:ab:28:ad:36:45:ab:be:be:a1:3c:f1:77:54:84:d7:
4f:df:a3:5f:98:35:5a:e3:3a:94:e8:2e:96:76:14:64:f2:4e:
04:ce:0c:1a:44:2b:28:a5:ff:84:38:12:c4:95:86:a1:e4:b7:
0e:3d:9b:61:b9:1f:49:c8:85:22:18:52:38:72:0a:d1:66:43:
bf:0a:dc:4e:7f:cf:c6:8f:15:39:ed:fc:99:44:8e:e7:a2:63:
66:94:0e:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYumSwURoCICTEOEHEGJziwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTA2MjAyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTc4ZDlhMDEzYzY4YWYwZTIzYmFlMDcyNDZmMTczYjA4NjRlMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF3owByyP46J/+a4lIiUysymzYwI
svuEkiJf1UDl2ohvhyUPXvibBxqZqf47TF59xU7hZ7o+ovWcIgHj5FlqFOnXxKib
Nmo9MlFKmcqXQXo3DNgww9ULb55/amgYeszgrJmW3Wwc+An/gex4h9I7PqrMohiF
P77Sw8HLXU1Pb6Wi8nPLk524RTocaRHaBfMDUT7jWBUQ6VKH0nFqU7HtaHTvOUH5
QuFOcRN5WxkwRvIRyMRrL6dIy/vvcEhcfu98jr430JOKGqyZ+w0AmzvBLZhnYFvF
E9HSv2AMU5Yv9KkImNZCucvNKdSGe9xWRN87TXIYX14gEUu/aXAXg60nPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOp42aATxorw4juuByRvFzsIZOMoMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNm5qWm9CUEdpdkRpTzY0SEpHOFhPd2hrNHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhtAwQA
LVFwAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQCZ+nWWMj6QR3y3jhweDdhzBPxV
bpmgRZX1LJeMd6MtuqbuX0VtgFuRCE0cE/wUMJLj6q/DRbBztmgXxa+N7BA18Qt5
I+y22/4VPmkjRMbg024yPVXIz2htXgjmsZE6OyB7eiYBhY7prX41OhOwYa0g4UFN
30GTs1eCVPzhgxhxEUB/Y7JTs5erv5tqnw+6sVkOE+xPyoKpQ03mCb4gxMA9i0ZG
fKerKK02Rau+vqE88XdUhNdP36NfmDVa4zqU6C6WdhRk8k4EzgwaRCsopf+EOBLE
lYah5LcOPZthuR9JyIUiGFI4cgrRZkO/CtxOf8/GjxU57fyZRI7nomNmlA7g
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org