Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TPsyhuB9nXurVdnzzXESH8uZqV0.roa
File: TPsyhuB9nXurVdnzzXESH8uZqV0.roa (raw, json)
Hash identifier: kfu7HddUdheOW0n6abPAQZqvEg58xgsgIjIP//40AcM=
Subject key identifier: 4C:FB:32:86:E0:7D:9D:7B:AB:55:D9:F3:CD:71:12:1F:CB:99:A9:5D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C81ADE4E9162E8316F72DD68642E836FA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TPsyhuB9nXurVdnzzXESH8uZqV0.roa
Signing time: Tue 19 Dec 2023 10:45:06 +0000
ROA not before: Tue 19 Dec 2023 10:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198361
IP address blocks: 77.83.39.0/24 maxlen: 24
2.56.111.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 09:36:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:ad:e4:e9:16:2e:83:16:f7:2d:d6:86:42:e8:36:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 19 10:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cfb3286e07d9d7bab55d9f3cd71121fcb99a95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:27:4a:be:bb:cb:9c:0f:06:67:32:39:5d:f6:
5a:fc:4e:7f:be:0a:5e:0c:9a:12:b0:2c:25:d8:b1:
59:cc:32:5e:00:93:bc:f3:8d:96:85:63:e9:4c:f6:
38:df:d5:55:c6:a8:ce:3a:4b:c6:4e:a8:73:85:84:
60:a6:98:cc:2e:48:01:ed:74:3e:10:ee:76:0c:40:
a5:a6:66:b3:a1:fb:be:65:b1:57:e5:86:fb:70:3d:
62:c0:d9:db:e7:41:b2:a5:ad:a2:71:db:d4:d8:39:
5a:8c:76:45:7d:97:b3:c7:c9:4d:af:e7:08:e1:c7:
50:1e:d2:3a:21:a4:39:fc:9a:32:69:8e:ca:af:84:
72:91:f0:b6:09:c9:62:6e:47:bc:63:0b:50:19:cf:
34:d0:ef:83:b9:75:93:b4:59:56:9e:89:2b:67:6c:
6b:33:b0:c4:09:49:e3:59:57:a9:d2:1b:f3:5e:dd:
07:40:af:0f:5f:4b:4a:23:40:c6:f7:f0:6e:64:6a:
5b:6f:70:b0:6e:d6:14:ca:39:f9:2c:51:0c:ed:e9:
c6:79:61:dc:e8:a9:1f:09:a4:ef:25:42:11:cf:9c:
ae:81:79:e5:3b:51:66:90:7c:1f:9b:34:ea:80:66:
07:79:44:7c:e1:c4:d3:b9:08:63:da:84:9a:12:6c:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FB:32:86:E0:7D:9D:7B:AB:55:D9:F3:CD:71:12:1F:CB:99:A9:5D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TPsyhuB9nXurVdnzzXESH8uZqV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.138.0/24
45.132.180.0/24
45.144.215.0/24
77.83.38.0/23
Signature Algorithm: sha256WithRSAEncryption
52:78:31:32:8d:32:c9:f4:06:df:4c:a2:a4:0f:cd:fc:38:82:
7b:53:04:3f:f0:79:28:d5:f7:2f:1f:38:3a:9e:2d:b4:dc:37:
f0:1f:97:30:cf:00:25:29:16:21:65:93:38:49:b8:4f:36:ea:
3b:72:ef:05:ed:d6:bf:2d:95:d1:41:93:eb:27:87:d2:7e:aa:
3f:72:a0:34:dc:2d:3d:e8:f7:0b:bf:be:0d:e0:e3:3d:be:36:
44:11:34:35:87:c1:a8:3d:1c:3b:80:f4:3b:84:67:ef:66:f5:
44:fa:36:b7:e7:43:90:90:f1:7c:72:61:2b:ee:90:83:be:2e:
45:7d:04:35:33:49:d8:e7:20:7b:4a:04:92:a4:34:14:f6:e3:
19:3e:ef:da:18:ff:b0:eb:10:21:c7:2f:57:9d:bf:db:79:79:
c7:05:bd:ad:dc:65:e1:cf:98:2b:05:8a:8a:20:c7:3e:de:69:
ef:37:5c:4d:48:ae:01:0a:63:be:2b:c3:03:9f:3a:31:5a:29:
fc:e0:25:27:26:93:74:d5:06:77:b2:15:9b:ea:b0:cc:a2:78:
cd:44:05:33:d8:bc:4d:95:1b:d2:c5:f0:fa:5d:ca:64:06:62:
c9:22:bd:27:1c:af:da:46:63:e8:75:99:e0:b8:16:be:17:03:
54:ca:e3:a9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyBreTpFi6DFvct1oZC6Db6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjE5MTA0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZiMzI4NmUwN2Q5ZDdiYWI1NWQ5ZjNjZDcxMTIxZmNiOTlhOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSdKvrvLnA8GZzI5XfZa/E5/vgpe
DJoSsCwl2LFZzDJeAJO8842WhWPpTPY439VVxqjOOkvGTqhzhYRgppjMLkgB7XQ+
EO52DEClpmazofu+ZbFX5Yb7cD1iwNnb50Gypa2icdvU2DlajHZFfZezx8lNr+cI
4cdQHtI6IaQ5/JoyaY7Kr4RykfC2Cclibke8YwtQGc800O+DuXWTtFlWnokrZ2xr
M7DECUnjWVep0hvzXt0HQK8PX0tKI0DG9/BuZGpbb3CwbtYUyjn5LFEM7enGeWHc
6KkfCaTvJUIRz5yugXnlO1FmkHwfmzTqgGYHeUR84cTTuQhj2oSaEmztGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEz7MobgfZ17q1XZ881xEh/LmaldMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVFBzeWh1QjluWHVyVmRuenpYRVNIOHVacVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhvAwQA
LViKAwQALYS0AwQALZDXAwQBTVMmMA0GCSqGSIb3DQEBCwUAA4IBAQBSeDEyjTLJ
9AbfTKKkD838OIJ7UwQ/8Hko1fcvHzg6ni203DfwH5cwzwAlKRYhZZM4SbhPNuo7
cu8F7da/LZXRQZPrJ4fSfqo/cqA03C096PcLv74N4OM9vjZEETQ1h8GoPRw7gPQ7
hGfvZvVE+ja350OQkPF8cmEr7pCDvi5FfQQ1M0nY5yB7SgSSpDQU9uMZPu/aGP+w
6xAhxy9Xnb/beXnHBb2t3GXhz5grBYqKIMc+3mnvN1xNSK4BCmO+K8MDnzoxWin8
4CUnJpN01QZ3shWb6rDMonjNRAUz2LxNlRvSxfD6XcpkBmLJIr0nHK/aRmPodZng
uBa+FwNUyuOp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org