Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-zJCCpbX_o7ZfjHCZaPqjzwLDyk.roa
File: 1-zJCCpbX_o7ZfjHCZaPqjzwLDyk.roa (raw, json)
Hash identifier: 0uLXCgPK+laWu5O629pLwRnefvS2oLb2XqFXSd7bD5E=
Subject key identifier: FB:32:42:0A:96:D7:FE:8E:D9:7E:31:C2:65:A3:EA:8F:3C:0B:0F:29
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B94F1CC0685DB8612BDD87CCD1209558C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-zJCCpbX_o7ZfjHCZaPqjzwLDyk.roa
Signing time: Fri 03 Nov 2023 11:29:16 +0000
ROA not before: Fri 03 Nov 2023 11:29:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 91.223.110.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 20:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:f1:cc:06:85:db:86:12:bd:d8:7c:cd:12:09:55:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 3 11:29:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb32420a96d7fe8ed97e31c265a3ea8f3c0b0f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e4:d5:87:54:03:b9:2c:e9:d2:f2:08:58:04:
b2:cf:84:22:a1:98:d4:2e:a3:96:da:fc:93:b4:75:
c7:a6:12:13:d7:d3:66:de:ea:e7:3d:d8:55:ce:b2:
5b:49:61:40:02:28:7a:3f:8a:6f:c6:a6:a9:d2:46:
c0:30:0a:56:13:19:b2:48:13:c8:38:50:7f:b8:5b:
f6:84:a2:d0:1d:00:e8:95:8b:c4:d1:fd:5f:e2:67:
79:5f:09:af:11:f4:6e:e0:76:ff:73:1b:e4:84:6c:
60:2e:00:77:ae:6a:66:31:31:86:c1:a9:ab:4e:3b:
a8:e3:3f:77:72:f7:58:b6:fb:4b:1e:1e:a9:3d:4f:
20:b4:2b:5b:1b:0f:50:47:b5:66:b4:ec:f7:2a:32:
08:cf:67:09:85:d2:af:de:f2:53:16:84:aa:41:4b:
40:ce:71:66:9c:74:2c:9d:d1:62:0f:4b:4e:2d:15:
c5:c1:1c:f6:09:2f:94:7e:81:06:44:9a:3e:ef:c0:
70:43:b7:1d:fc:9e:cb:b1:08:f6:87:6c:c4:7b:5b:
48:17:ef:32:7a:f3:84:d5:6b:74:bc:16:26:ab:68:
ff:61:8d:37:21:23:db:fe:dc:77:06:b1:ee:45:5a:
64:07:21:93:06:dc:a7:f8:04:b4:65:b3:5f:84:97:
57:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:32:42:0A:96:D7:FE:8E:D9:7E:31:C2:65:A3:EA:8F:3C:0B:0F:29
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-zJCCpbX_o7ZfjHCZaPqjzwLDyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.112.0/24
45.132.180.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
19:60:cb:5b:d4:14:56:20:49:65:0f:86:b9:1a:97:a8:ee:a5:
7e:e2:41:80:94:1c:0a:66:88:bc:a4:1a:1d:25:74:4e:de:0d:
4b:85:36:af:82:b2:60:d2:d0:ac:73:68:3b:32:4d:62:9e:ad:
8f:e9:dc:7f:ca:22:89:a7:42:f3:32:af:c4:38:89:c2:ab:b0:
f1:4e:86:03:27:b7:3b:6d:13:17:7d:2e:bc:6f:13:90:35:bb:
c5:20:86:4c:c0:50:19:99:b5:80:a6:9c:7a:5c:44:4c:b1:04:
d8:f5:ff:e2:82:a0:fb:ed:62:54:63:2b:a0:8e:34:38:24:a3:
02:47:26:18:ab:1f:98:08:f2:c5:fa:30:ed:95:5b:23:57:0b:
56:d3:da:65:07:2d:7f:aa:b5:73:5d:ee:59:40:c3:01:25:30:
1a:e4:01:b9:d0:0f:4a:7e:77:24:86:65:6d:2e:1d:81:09:67:
5f:3f:24:7c:54:e7:fd:a5:d8:5d:81:92:cc:d3:57:f4:28:2b:
e3:13:ca:fb:e0:78:9f:1b:29:f2:99:7d:35:06:34:ed:8e:b6:
7f:ea:09:74:b7:2b:28:18:e3:cc:ef:c4:41:6d:de:8f:e4:54:
8f:a0:10:8e:53:5c:66:56:07:6b:c6:03:96:57:20:66:cc:d9:
e3:58:6f:57
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYuU8cwGhduGEr3YfM0SCVWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTAzMTEyOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMyNDIwYTk2ZDdmZThlZDk3ZTMxYzI2NWEzZWE4ZjNjMGIwZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+TVh1QDuSzp0vIIWASyz4QioZjU
LqOW2vyTtHXHphIT19Nm3urnPdhVzrJbSWFAAih6P4pvxqap0kbAMApWExmySBPI
OFB/uFv2hKLQHQDolYvE0f1f4md5XwmvEfRu4Hb/cxvkhGxgLgB3rmpmMTGGwamr
Tjuo4z93cvdYtvtLHh6pPU8gtCtbGw9QR7VmtOz3KjIIz2cJhdKv3vJTFoSqQUtA
znFmnHQsndFiD0tOLRXFwRz2CS+UfoEGRJo+78BwQ7cd/J7LsQj2h2zEe1tIF+8y
evOE1Wt0vBYmq2j/YY03ISPb/tx3BrHuRVpkByGTBtyn+AS0ZbNfhJdXUwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPsyQgqW1/6O2X4xwmWj6o88Cw8pMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS16SkNDcGJYX283WmZqSENaYVBxanp3TER5ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAAI4bQME
AC1RcAMEAC2EtAMEAFvfbjANBgkqhkiG9w0BAQsFAAOCAQEAGWDLW9QUViBJZQ+G
uRqXqO6lfuJBgJQcCmaIvKQaHSV0Tt4NS4U2r4KyYNLQrHNoOzJNYp6tj+ncf8oi
iadC8zKvxDiJwquw8U6GAye3O20TF30uvG8TkDW7xSCGTMBQGZm1gKacelxETLEE
2PX/4oKg++1iVGMroI40OCSjAkcmGKsfmAjyxfow7ZVbI1cLVtPaZQctf6q1c13u
WUDDASUwGuQBudAPSn53JIZlbS4dgQlnXz8kfFTn/aXYXYGSzNNX9Cgr4xPK++B4
nxsp8pl9NQY07Y62f+oJdLcrKBjjzO/EQW3ej+RUj6AQjlNcZlYHa8YDllcgZszZ
41hvVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org