Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-eUm8dgJVUYvoruZmozPzlx5ISo.roa
File: 1-eUm8dgJVUYvoruZmozPzlx5ISo.roa (raw, json)
Hash identifier: 1FHjz1txI3BESP+Mh/79EgO+UUJkWeuAF0kbAC8en/g=
Subject key identifier: F9:E5:26:F1:D8:09:55:46:2F:A2:BB:99:9A:8C:CF:CE:5C:79:21:2A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AE655D82812C314F98054BCF7533F1ABE
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-eUm8dgJVUYvoruZmozPzlx5ISo.roa
Signing time: Sat 30 Sep 2023 13:45:00 +0000
ROA not before: Sat 30 Sep 2023 13:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207508
IP address blocks: 2.56.109.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:55:d8:28:12:c3:14:f9:80:54:bc:f7:53:3f:1a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 30 13:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9e526f1d80955462fa2bb999a8ccfce5c79212a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:dd:b3:8a:35:2f:01:30:04:7c:a3:d1:72:94:
5a:a5:3a:a6:23:3b:03:c4:66:66:00:48:4f:8f:3b:
0c:e9:2b:70:a7:98:b2:24:bf:1a:4a:32:d9:f9:00:
c9:03:43:0b:92:81:6e:21:55:d4:65:60:85:b5:1f:
e6:4f:6f:89:3c:fc:ee:1f:f0:91:6d:87:83:83:f2:
61:7a:2f:be:e3:61:78:06:24:5f:90:fb:71:ec:6b:
97:ed:d5:da:85:03:83:24:5f:0f:05:de:ca:54:06:
f3:c5:b4:1e:99:d2:6f:ff:0d:92:8b:b2:21:1e:cd:
70:37:e9:71:9f:22:79:04:46:cb:ea:40:65:7f:45:
39:73:89:a5:5e:3d:a7:fa:e5:69:05:c2:db:5b:4e:
02:bf:e6:4b:9c:83:db:95:c1:ac:9c:81:95:54:9d:
14:5f:55:9f:f1:77:ec:0c:e5:c0:de:98:17:bc:38:
ef:77:b7:41:73:e3:c6:1e:91:a9:62:16:7c:d2:36:
90:9f:40:73:c0:44:b0:47:19:0d:9d:cb:95:16:91:
9f:13:32:af:f2:a1:2d:fc:4f:5a:f2:66:c5:0c:2d:
7b:1f:95:e8:2a:51:a4:27:bd:19:43:a1:a7:f1:f2:
ef:8a:67:52:c0:50:08:85:c9:95:0d:22:e2:21:e5:
2f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E5:26:F1:D8:09:55:46:2F:A2:BB:99:9A:8C:CF:CE:5C:79:21:2A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-eUm8dgJVUYvoruZmozPzlx5ISo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.138.183.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ab:ef:e2:41:04:bd:55:85:1f:0e:a4:9c:34:b0:28:a9:a3:
36:af:2b:d8:53:00:ce:38:64:b2:c4:43:6f:a8:b2:d3:3b:2e:
52:3f:91:ed:32:13:35:d0:79:a4:21:43:24:67:e5:78:57:60:
71:73:df:b9:4b:0b:51:55:35:35:db:07:81:87:07:d6:4b:20:
89:45:bf:fe:42:f0:b8:2f:93:60:ba:6f:21:c2:92:6f:e5:e8:
cf:22:44:c7:73:e0:1c:d6:25:9b:9e:36:f3:e9:94:6b:b7:cd:
70:eb:34:9e:55:0a:62:ee:de:0b:b5:66:0d:b4:f5:5f:19:8b:
fd:16:3a:fe:85:16:42:d4:20:93:c4:ce:b9:38:ae:5b:c8:98:
d1:5e:c0:b6:f0:32:31:4b:42:4d:cf:1e:c5:c9:66:56:6f:75:
ff:65:cb:ad:9d:29:24:87:64:aa:33:52:50:95:fb:f6:5c:95:
cb:f5:ce:34:b6:0f:5c:b3:66:6d:f6:22:41:31:f6:74:3f:3b:
bb:e1:6d:23:7b:e2:b8:af:24:4d:05:bc:cf:4e:77:20:20:2e:
d7:5b:4a:9f:d4:ed:1e:53:9d:f1:bf:4d:37:a9:6b:5e:33:aa:
2d:01:89:2b:fc:b3:3a:cb:ce:a3:6b:b1:94:c3:fb:78:9b:b0:
b5:25:5a:18
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYrmVdgoEsMU+YBUvPdTPxq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTMwMTM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWU1MjZmMWQ4MDk1NTQ2MmZhMmJiOTk5YThjY2ZjZTVjNzkyMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7d2zijUvATAEfKPRcpRapTqmIzsD
xGZmAEhPjzsM6Stwp5iyJL8aSjLZ+QDJA0MLkoFuIVXUZWCFtR/mT2+JPPzuH/CR
bYeDg/Jhei++42F4BiRfkPtx7GuX7dXahQODJF8PBd7KVAbzxbQemdJv/w2Si7Ih
Hs1wN+lxnyJ5BEbL6kBlf0U5c4mlXj2n+uVpBcLbW04Cv+ZLnIPblcGsnIGVVJ0U
X1Wf8XfsDOXA3pgXvDjvd7dBc+PGHpGpYhZ80jaQn0BzwESwRxkNncuVFpGfEzKv
8qEt/E9a8mbFDC17H5XoKlGkJ70ZQ6Gn8fLvimdSwFAIhcmVDSLiIeUvcQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnlJvHYCVVGL6K7mZqMz85ceSEqMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS1lVW04ZGdKVlVZdm9ydVptb3pQemx4NUlTby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAI4bQME
AC2KtzANBgkqhkiG9w0BAQsFAAOCAQEAravv4kEEvVWFHw6knDSwKKmjNq8r2FMA
zjhkssRDb6iy0zsuUj+R7TITNdB5pCFDJGfleFdgcXPfuUsLUVU1NdsHgYcH1ksg
iUW//kLwuC+TYLpvIcKSb+XozyJEx3PgHNYlm5428+mUa7fNcOs0nlUKYu7eC7Vm
DbT1XxmL/RY6/oUWQtQgk8TOuTiuW8iY0V7AtvAyMUtCTc8exclmVm91/2XLrZ0p
JIdkqjNSUJX79lyVy/XONLYPXLNmbfYiQTH2dD87u+FtI3viuK8kTQW8z053ICAu
11tKn9TtHlOd8b9NN6lrXjOqLQGJK/yzOsvOo2uxlMP7eJuwtSVaGA==
-----END CERTIFICATE-----
Generated at Mon Oct 30 11:50:15 2023 by rpki-client on console-fra.rpki-client.org