Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NZqWaDcXy3V-0XvDlh-DOiZBUiI.roa
File: NZqWaDcXy3V-0XvDlh-DOiZBUiI.roa (raw, json)
Hash identifier: McKpZHrW3nCFo3zYyY2BvGS9etJfVUO+nNNRIt7mnZI=
Subject key identifier: 35:9A:96:68:37:17:CB:75:7E:D1:7B:C3:96:1F:83:3A:26:41:52:22
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A93CFE5C348615B066E876D27A9DE1F2D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NZqWaDcXy3V-0XvDlh-DOiZBUiI.roa
Signing time: Thu 14 Sep 2023 13:09:50 +0000
ROA not before: Thu 14 Sep 2023 13:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198361
IP address blocks: 2.56.111.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 21:14:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:cf:e5:c3:48:61:5b:06:6e:87:6d:27:a9:de:1f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 14 13:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359a96683717cb757ed17bc3961f833a26415222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bf:9b:36:42:1d:40:d8:07:48:38:db:58:f0:
d1:fa:68:fa:94:7e:89:3e:5a:2b:c9:2a:b8:4f:8b:
48:87:20:4b:6e:e1:f8:cc:77:01:2c:af:a7:10:2a:
2c:e1:81:b0:57:d6:db:81:31:34:c5:4c:e3:58:6c:
be:c9:00:ec:80:b7:8d:bb:bd:0b:28:8e:80:24:73:
fc:7a:71:8a:44:71:2a:81:de:dc:74:ef:2e:19:77:
06:e8:42:8d:d7:3b:4c:29:ba:6e:c3:b7:45:99:cb:
8e:5f:07:4a:1f:c7:56:a3:14:2a:6a:c7:3d:07:a3:
02:a1:21:0e:2a:04:ad:09:f6:07:fd:28:fd:77:88:
ab:f3:a1:20:00:e5:b6:08:0d:fb:f2:c4:0c:d9:ad:
8a:c0:86:42:61:00:d2:b1:71:e9:64:d6:2d:56:c0:
58:93:3a:3e:98:17:74:4f:3c:66:c8:49:ed:d3:cc:
3b:61:89:e7:c3:38:1f:10:c4:c9:4b:e9:be:8a:60:
9c:29:21:c3:cc:77:b4:fc:75:0d:c8:59:79:0c:76:
6c:74:99:4a:8f:7f:a2:2a:6e:44:82:0b:2c:6b:31:
7e:02:6f:6e:57:6d:95:5a:55:75:23:ca:19:58:8c:
bb:a6:bf:b8:3c:2e:ab:33:fb:dd:19:d9:36:c9:29:
f7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9A:96:68:37:17:CB:75:7E:D1:7B:C3:96:1F:83:3A:26:41:52:22
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NZqWaDcXy3V-0XvDlh-DOiZBUiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.138.0/24
77.83.38.0/24
Signature Algorithm: sha256WithRSAEncryption
99:2b:64:64:10:85:b1:b7:92:a9:e2:20:38:95:29:c1:b8:ae:
2d:24:73:b2:59:03:65:38:66:6b:f4:f1:ef:b5:23:01:41:a8:
1c:0a:59:1b:fb:8e:77:7f:40:ea:0e:3b:2c:96:f4:41:09:d2:
be:ff:9f:9f:bc:1d:b0:29:8f:09:33:76:ef:31:3c:2e:12:09:
8c:3b:ab:c7:09:c7:57:cf:3d:1c:21:d8:fb:7c:16:18:78:36:
86:40:bd:de:a1:11:ac:25:25:f5:16:3d:bc:9b:8c:dd:ba:52:
c0:a7:c0:2d:d3:c7:97:17:f4:e0:92:ff:d0:4e:0f:9d:bf:18:
4a:2d:98:f4:0a:28:ca:0e:69:4b:ad:08:d3:69:3a:3c:21:fe:
e8:ee:9d:65:29:53:75:04:8c:c2:d4:e6:ba:5b:48:d0:ae:9f:
58:1b:87:5b:52:0d:9d:6b:de:c5:42:41:43:d4:fc:50:9c:c2:
13:99:4c:13:60:77:0b:a4:e7:ae:b2:73:b3:0b:9e:8f:99:98:
ba:e1:3c:a0:d3:63:66:0a:45:a9:88:89:77:4a:74:0e:49:ac:
63:92:fe:6e:fd:7c:81:13:d4:54:be:ce:50:e6:39:37:de:fc:
29:20:34:13:35:b2:46:b0:5b:a5:9c:09:75:31:d7:5f:de:09:
f0:80:cb:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqTz+XDSGFbBm6HbSep3h8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTE0MTMwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTlhOTY2ODM3MTdjYjc1N2VkMTdiYzM5NjFmODMzYTI2NDE1MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub+bNkIdQNgHSDjbWPDR+mj6lH6J
PlorySq4T4tIhyBLbuH4zHcBLK+nECos4YGwV9bbgTE0xUzjWGy+yQDsgLeNu70L
KI6AJHP8enGKRHEqgd7cdO8uGXcG6EKN1ztMKbpuw7dFmcuOXwdKH8dWoxQqasc9
B6MCoSEOKgStCfYH/Sj9d4ir86EgAOW2CA378sQM2a2KwIZCYQDSsXHpZNYtVsBY
kzo+mBd0TzxmyEnt08w7YYnnwzgfEMTJS+m+imCcKSHDzHe0/HUNyFl5DHZsdJlK
j3+iKm5EggssazF+Am9uV22VWlV1I8oZWIy7pr+4PC6rM/vdGdk2ySn38QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDWalmg3F8t1ftF7w5YfgzomQVIiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTlpxV2FEY1h5M1YtMFh2RGxoLURPaVpCVWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhvAwQA
LViKAwQATVMmMA0GCSqGSIb3DQEBCwUAA4IBAQCZK2RkEIWxt5Kp4iA4lSnBuK4t
JHOyWQNlOGZr9PHvtSMBQagcClkb+453f0DqDjsslvRBCdK+/5+fvB2wKY8JM3bv
MTwuEgmMO6vHCcdXzz0cIdj7fBYYeDaGQL3eoRGsJSX1Fj28m4zdulLAp8At08eX
F/Tgkv/QTg+dvxhKLZj0CijKDmlLrQjTaTo8If7o7p1lKVN1BIzC1Oa6W0jQrp9Y
G4dbUg2da97FQkFD1PxQnMITmUwTYHcLpOeusnOzC56PmZi64Tyg02NmCkWpiIl3
SnQOSaxjkv5u/XyBE9RUvs5Q5jk33vwpIDQTNbJGsFulnAl1Mddf3gnwgMva
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org