Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jwwkYkS49UfhHUVr4lKc5pCfKDs.roa
File: jwwkYkS49UfhHUVr4lKc5pCfKDs.roa (raw, json)
Hash identifier: QbaEqsYamijcUXYc+9gmzar5EYoTr8jhdOYg1mNCVvk=
Subject key identifier: 8F:0C:24:62:44:B8:F5:47:E1:1D:45:6B:E2:52:9C:E6:90:9F:28:3B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AB21F429ABCDCF579155294552440F3FD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jwwkYkS49UfhHUVr4lKc5pCfKDs.roa
Signing time: Wed 20 Sep 2023 10:25:07 +0000
ROA not before: Wed 20 Sep 2023 10:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 20:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:1f:42:9a:bc:dc:f5:79:15:52:94:55:24:40:f3:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 20 10:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f0c246244b8f547e11d456be2529ce6909f283b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e2:da:11:8b:b7:5e:de:57:cd:ec:84:08:ee:
cd:99:61:d2:56:ac:46:6d:c3:1e:28:82:98:23:c7:
40:7b:e7:e5:32:4c:4f:5e:b5:67:4f:ee:d7:27:55:
fa:e6:09:36:ad:d0:58:6f:43:86:fe:3a:a2:2f:c0:
b1:87:de:90:92:1d:a5:7e:1d:95:75:cb:ff:c6:bf:
ce:fd:a1:e7:b2:7b:d4:a0:cd:8c:f2:37:32:ae:6c:
bd:4a:5b:13:fd:2a:89:18:89:1f:a0:ae:c0:09:c6:
75:6b:43:27:d3:90:0d:6d:ee:be:7c:3d:c9:1a:36:
83:98:e5:2a:a3:58:b5:87:40:1f:58:99:82:1f:34:
f1:a4:dd:98:54:28:3a:1c:94:cf:4a:55:c4:06:8a:
a6:d8:7a:c6:bd:c4:12:3e:20:4e:2e:e8:ac:79:0a:
30:0f:35:20:b0:16:20:0c:35:0a:91:0e:0a:9f:42:
98:6b:24:59:ba:2f:94:67:08:d7:2c:53:17:7b:91:
2a:7b:bd:75:94:ad:fe:99:8b:de:45:09:80:74:55:
4a:39:b9:72:a0:59:34:39:6c:68:6b:f6:c1:24:77:
56:be:10:9b:3c:11:e0:92:5e:58:fc:25:83:9b:73:
cd:de:21:cb:36:51:08:97:3c:f0:8e:fd:c5:22:cb:
2c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0C:24:62:44:B8:F5:47:E1:1D:45:6B:E2:52:9C:E6:90:9F:28:3B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jwwkYkS49UfhHUVr4lKc5pCfKDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.110.0/24
45.94.171.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:03:4a:0f:47:52:d7:cc:f3:eb:4f:cb:0b:ba:8b:de:ff:e7:
a6:69:d6:cd:f7:bb:f0:d4:d0:a7:e6:25:c7:72:7e:38:60:f0:
6e:03:d0:a3:d6:88:e0:0c:90:4a:f2:2a:cd:16:96:c3:64:dd:
79:6f:ba:41:6c:d5:0b:d9:e3:0f:b4:3a:62:2d:bf:78:cb:07:
72:f8:f0:11:0c:55:4c:a8:b6:29:1a:8e:0e:33:6d:54:09:91:
a6:a0:dd:83:ed:f0:29:93:89:3d:98:52:30:df:cb:9a:7b:1b:
6b:82:76:e2:c6:00:4f:b3:21:07:8b:35:64:73:e6:c4:05:55:
7c:e3:a8:73:db:0a:73:eb:0f:15:58:96:7f:84:35:08:73:a7:
5e:a9:1d:8f:af:fa:f5:11:0e:3d:14:2e:f3:a8:1b:b8:e9:ea:
61:ae:a9:7d:d6:4f:02:dd:f7:53:d9:c5:9b:39:94:bc:a6:26:
b5:12:97:a2:0b:f8:42:e1:12:4d:d0:2d:2e:16:5f:90:8d:4b:
ce:a7:a9:6e:a2:04:05:2d:d7:ee:81:12:e3:3b:bc:4d:9b:c9:
f0:b1:bd:31:59:01:f5:1a:a3:e7:bf:97:43:65:55:73:09:10:
cb:1c:32:2c:75:4b:8e:e6:61:46:c9:76:dd:82:54:ba:ec:90:
e2:6b:7e:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqyH0KavNz1eRVSlFUkQPP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTIwMTAyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjBjMjQ2MjQ0YjhmNTQ3ZTExZDQ1NmJlMjUyOWNlNjkwOWYyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluLaEYu3Xt5XzeyECO7NmWHSVqxG
bcMeKIKYI8dAe+flMkxPXrVnT+7XJ1X65gk2rdBYb0OG/jqiL8Cxh96Qkh2lfh2V
dcv/xr/O/aHnsnvUoM2M8jcyrmy9SlsT/SqJGIkfoK7ACcZ1a0Mn05ANbe6+fD3J
GjaDmOUqo1i1h0AfWJmCHzTxpN2YVCg6HJTPSlXEBoqm2HrGvcQSPiBOLuiseQow
DzUgsBYgDDUKkQ4Kn0KYayRZui+UZwjXLFMXe5Eqe711lK3+mYveRQmAdFVKObly
oFk0OWxoa/bBJHdWvhCbPBHgkl5Y/CWDm3PN3iHLNlEIlzzwjv3FIsss+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI8MJGJEuPVH4R1Fa+JSnOaQnyg7MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvand3a1lrUzQ5VWZoSFVWcjRsS2M1cENmS0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjhuAwQA
LV6rAwQALYq3AwQATVMnAwQBVdF4AwQAwz4YMA0GCSqGSIb3DQEBCwUAA4IBAQAs
A0oPR1LXzPPrT8sLuove/+emadbN97vw1NCn5iXHcn44YPBuA9Cj1ojgDJBK8irN
FpbDZN15b7pBbNUL2eMPtDpiLb94ywdy+PARDFVMqLYpGo4OM21UCZGmoN2D7fAp
k4k9mFIw38uaextrgnbixgBPsyEHizVkc+bEBVV846hz2wpz6w8VWJZ/hDUIc6de
qR2Pr/r1EQ49FC7zqBu46ephrql91k8C3fdT2cWbOZS8pia1EpeiC/hC4RJN0C0u
Fl+QjUvOp6luogQFLdfugRLjO7xNm8nwsb0xWQH1GqPnv5dDZVVzCRDLHDIsdUuO
5mFGyXbdglS67JDia36a
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org