Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1980jXYhfPJ6lt0irbxHmYk_IHU.roa
File: 1980jXYhfPJ6lt0irbxHmYk_IHU.roa (raw, json)
Hash identifier: wSueuLIVhuDbwdHT6m2cA7RoBpPaSM1QqtgFvgAyIJc=
Subject key identifier: D7:DF:34:8D:76:21:7C:F2:7A:96:DD:22:AD:BC:47:99:89:3F:20:75
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C1A99E20C383C304CAFAE1E38C77A4E53
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1980jXYhfPJ6lt0irbxHmYk_IHU.roa
Signing time: Wed 29 Nov 2023 10:22:21 +0000
ROA not before: Wed 29 Nov 2023 10:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 2.56.109.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:99:e2:0c:38:3c:30:4c:af:ae:1e:38:c7:7a:4e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 29 10:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7df348d76217cf27a96dd22adbc4799893f2075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7b:1b:7b:9c:9d:98:0f:15:0e:24:7b:0d:d6:
a2:cf:3d:f1:05:a4:b9:e6:09:a9:bb:7b:8f:a2:ff:
8d:ee:07:cd:b8:cd:7d:2a:02:d1:ce:22:73:b0:b3:
0f:0c:1a:32:ab:10:58:05:c9:c0:c3:23:18:db:8f:
c4:83:83:48:59:25:33:4b:57:2f:c0:21:7c:3c:d5:
ef:88:26:09:d3:bb:10:ba:69:88:ac:83:92:88:8c:
47:5b:03:ac:b9:0c:26:2d:08:6c:13:43:13:84:2c:
46:55:69:75:05:50:81:6a:48:f0:5d:37:bd:7a:b6:
bd:69:42:06:55:8d:1a:4e:fd:88:cb:4f:fe:77:c1:
91:8a:d5:be:7d:30:95:45:75:06:60:22:0f:43:c8:
a7:62:2a:82:34:cb:13:52:10:92:10:f0:74:cf:cd:
58:f1:00:bf:bc:2d:4f:cb:fa:0b:8a:e8:58:dd:be:
d6:7c:37:d4:14:73:1b:ba:63:de:a5:93:02:ea:61:
a9:29:2e:4b:6b:06:f3:64:97:c4:eb:c4:60:0b:ef:
79:a2:01:08:23:41:62:ad:55:f0:b3:ff:5d:9a:04:
b2:66:76:bc:8a:82:24:59:a8:b0:b2:17:42:c0:e2:
a8:29:4b:bb:09:ac:ec:5c:1d:57:ab:4a:2c:ce:55:
5f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:DF:34:8D:76:21:7C:F2:7A:96:DD:22:AD:BC:47:99:89:3F:20:75
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1980jXYhfPJ6lt0irbxHmYk_IHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.112.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a3:8f:7d:d6:22:b7:b6:09:2e:af:9a:66:10:47:8d:40:4b:
8e:70:71:85:01:46:ff:40:f6:83:93:66:4b:a5:0f:29:9d:5d:
05:6c:3a:f2:1e:f4:c4:42:4d:a9:98:cb:44:de:d0:d5:2c:1e:
10:84:66:58:08:ea:b0:49:02:df:fc:c2:f5:47:2b:5e:c6:23:
f5:3b:a9:60:68:a6:85:5a:b0:c5:2c:20:5c:ee:45:d5:45:60:
18:20:b8:5e:99:d4:c4:aa:16:99:05:1a:0c:78:3d:97:74:1e:
6a:67:52:46:cc:c2:5a:43:7c:4f:dc:66:f8:27:b7:bf:0a:20:
51:73:d6:d4:63:b3:1e:ca:06:b4:c9:56:fd:b3:07:c3:c5:03:
d1:5b:a5:9f:29:02:85:ea:a1:18:9c:1b:84:e0:36:2e:c2:3a:
a8:88:1d:18:40:51:11:3e:de:46:18:19:6f:6b:6a:de:a0:96:
62:83:f2:9a:05:84:81:9d:50:74:70:0f:8e:6a:e4:63:85:ac:
13:0a:8b:80:62:73:50:ba:f3:02:4a:15:fd:d6:45:2c:85:71:
29:fc:a4:3f:16:57:48:00:f5:6c:aa:1b:8f:7b:00:3a:f1:66:
47:69:2d:51:86:78:97:bd:fd:5f:f7:9e:cc:94:17:3e:8a:88:
76:d6:7b:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwameIMODwwTK+uHjjHek5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTI5MTAyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2RmMzQ4ZDc2MjE3Y2YyN2E5NmRkMjJhZGJjNDc5OTg5M2YyMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3sbe5ydmA8VDiR7Ddaizz3xBaS5
5gmpu3uPov+N7gfNuM19KgLRziJzsLMPDBoyqxBYBcnAwyMY24/Eg4NIWSUzS1cv
wCF8PNXviCYJ07sQummIrIOSiIxHWwOsuQwmLQhsE0MThCxGVWl1BVCBakjwXTe9
era9aUIGVY0aTv2Iy0/+d8GRitW+fTCVRXUGYCIPQ8inYiqCNMsTUhCSEPB0z81Y
8QC/vC1Py/oLiuhY3b7WfDfUFHMbumPepZMC6mGpKS5LawbzZJfE68RgC+95ogEI
I0FirVXws/9dmgSyZna8ioIkWaiwshdCwOKoKUu7CazsXB1Xq0oszlVfdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNffNI12IXzyepbdIq28R5mJPyB1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMTk4MGpYWWhmUEo2bHQwaXJieEhtWWtfSUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjhtAwQA
LVFwMA0GCSqGSIb3DQEBCwUAA4IBAQAao4991iK3tgkur5pmEEeNQEuOcHGFAUb/
QPaDk2ZLpQ8pnV0FbDryHvTEQk2pmMtE3tDVLB4QhGZYCOqwSQLf/ML1RytexiP1
O6lgaKaFWrDFLCBc7kXVRWAYILhemdTEqhaZBRoMeD2XdB5qZ1JGzMJaQ3xP3Gb4
J7e/CiBRc9bUY7Meyga0yVb9swfDxQPRW6WfKQKF6qEYnBuE4DYuwjqoiB0YQFER
Pt5GGBlva2reoJZig/KaBYSBnVB0cA+OauRjhawTCouAYnNQuvMCShX91kUshXEp
/KQ/FldIAPVsqhuPewA68WZHaS1RhniXvf1f957MlBc+ioh21nu1
-----END CERTIFICATE-----
Generated at Wed Dec 27 23:36:36 2023 by rpki-client on console-ams.rpki-client.org