Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/24SQ6zfUb7y4NbuviPS_0aQ5i8w.roa
File: 24SQ6zfUb7y4NbuviPS_0aQ5i8w.roa (raw, json)
Hash identifier: sxtQHNyp9eGjw+ZP13BcvAIHSbwxOGyD2gcIf/vfl6k=
Subject key identifier: DB:84:90:EB:37:D4:6F:BC:B8:35:BB:AF:88:F4:BF:D1:A4:39:8B:CC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BD8DE7D78EC9C7647CE9B3A19F846ABDB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/24SQ6zfUb7y4NbuviPS_0aQ5i8w.roa
Signing time: Thu 16 Nov 2023 16:02:21 +0000
ROA not before: Thu 16 Nov 2023 16:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198361
IP address blocks: 77.83.39.0/24 maxlen: 24
2.56.111.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 10:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:de:7d:78:ec:9c:76:47:ce:9b:3a:19:f8:46:ab:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 16 16:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db8490eb37d46fbcb835bbaf88f4bfd1a4398bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b5:89:0a:17:29:ac:0d:31:51:7b:c9:30:4e:
89:0d:e1:5b:a3:d7:8c:14:5e:50:2d:f4:f9:be:ce:
b1:07:15:2b:dd:92:0a:44:40:f0:4b:ee:59:13:32:
02:26:7c:d1:b0:e7:0a:1b:13:fb:c3:c7:34:24:3c:
48:e0:5c:1f:d2:80:8b:0a:7f:10:98:c7:45:53:62:
b3:b0:d1:a6:a4:06:3c:8c:d2:18:8d:66:6c:37:0b:
d8:b6:d4:db:0a:71:40:ba:4a:af:83:0a:f1:dc:10:
7a:ee:ca:ff:02:12:bf:4e:df:4d:33:52:84:66:73:
b7:ea:13:7f:f2:9d:67:63:6d:b2:aa:75:ba:e8:0c:
6b:70:56:6b:ef:5a:46:d3:04:77:eb:e7:4a:3a:2e:
7a:91:62:15:8b:98:c1:f7:0f:b5:54:b9:4d:4f:9a:
7e:50:56:f7:fb:1a:96:69:d3:b1:66:a4:e4:af:58:
24:a5:f8:f7:f7:45:33:c5:52:69:03:c0:38:1b:cc:
25:a8:1a:91:65:14:a6:b4:b1:09:b3:1a:cc:5c:4d:
14:2c:93:94:5e:25:50:29:ab:7e:8e:a5:76:52:76:
93:67:59:c5:09:61:86:99:1c:0b:6a:52:75:3b:9b:
0f:43:23:cf:f0:38:e2:60:ea:85:f4:f0:5f:89:ab:
b2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:84:90:EB:37:D4:6F:BC:B8:35:BB:AF:88:F4:BF:D1:A4:39:8B:CC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/24SQ6zfUb7y4NbuviPS_0aQ5i8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.138.0/24
45.132.180.0/24
77.83.38.0/23
Signature Algorithm: sha256WithRSAEncryption
58:95:cc:e7:43:2f:41:1a:86:b0:ea:7b:40:b2:5a:32:e7:e8:
51:15:b1:69:82:5d:b1:4f:dd:70:1a:48:c3:43:c3:f8:92:3a:
49:21:fa:d4:84:c8:82:84:ca:6b:ed:08:c9:a3:48:5c:77:69:
59:d5:96:7c:e0:3c:74:b1:ca:92:16:99:ab:f6:4f:95:6a:18:
e1:b3:c6:6e:dd:7a:d0:0a:8c:bc:5c:36:78:6f:8f:c3:92:21:
ea:c1:41:d0:b7:2d:6b:e7:c9:e4:46:4c:ad:15:61:c0:8f:97:
0d:fa:58:f6:80:f8:84:46:dd:e8:4f:ce:80:2d:a9:be:ca:9e:
97:63:07:36:43:67:ab:22:9d:ad:2a:4b:b4:a6:5c:d6:dc:1a:
57:7f:df:64:46:ab:a1:a2:7a:3d:07:2d:e0:e3:09:bd:d0:bb:
bd:78:ee:cd:1c:32:1b:2f:24:69:01:1c:39:08:9d:5e:a5:8c:
0a:14:8b:9f:54:17:f6:66:06:a4:2d:60:fe:bf:6a:65:57:5f:
56:95:5b:db:42:6b:6e:55:f1:e1:d1:17:b6:e1:4a:0a:81:64:
74:9b:79:ca:9f:99:9e:17:10:44:2b:1a:60:1c:85:aa:32:97:
5a:30:79:52:f6:87:f6:e6:f5:96:ca:3d:b7:1a:23:f0:80:2d:
a0:8a:d7:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvY3n147Jx2R86bOhn4RqvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTE2MTYwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg0OTBlYjM3ZDQ2ZmJjYjgzNWJiYWY4OGY0YmZkMWE0Mzk4YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbWJChcprA0xUXvJME6JDeFbo9eM
FF5QLfT5vs6xBxUr3ZIKREDwS+5ZEzICJnzRsOcKGxP7w8c0JDxI4Fwf0oCLCn8Q
mMdFU2KzsNGmpAY8jNIYjWZsNwvYttTbCnFAukqvgwrx3BB67sr/AhK/Tt9NM1KE
ZnO36hN/8p1nY22yqnW66AxrcFZr71pG0wR36+dKOi56kWIVi5jB9w+1VLlNT5p+
UFb3+xqWadOxZqTkr1gkpfj390UzxVJpA8A4G8wlqBqRZRSmtLEJsxrMXE0ULJOU
XiVQKat+jqV2UnaTZ1nFCWGGmRwLalJ1O5sPQyPP8DjiYOqF9PBfiauyJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNuEkOs31G+8uDW7r4j0v9GkOYvMMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMjRTUTZ6ZlViN3k0TmJ1dmlQU18wYVE1aTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjhvAwQA
LViKAwQALYS0AwQBTVMmMA0GCSqGSIb3DQEBCwUAA4IBAQBYlcznQy9BGoaw6ntA
sloy5+hRFbFpgl2xT91wGkjDQ8P4kjpJIfrUhMiChMpr7QjJo0hcd2lZ1ZZ84Dx0
scqSFpmr9k+Vahjhs8Zu3XrQCoy8XDZ4b4/DkiHqwUHQty1r58nkRkytFWHAj5cN
+lj2gPiERt3oT86ALam+yp6XYwc2Q2erIp2tKku0plzW3BpXf99kRquhono9By3g
4wm90Lu9eO7NHDIbLyRpARw5CJ1epYwKFIufVBf2ZgakLWD+v2plV19WlVvbQmtu
VfHh0Re24UoKgWR0m3nKn5meFxBEKxpgHIWqMpdaMHlS9of25vWWyj23GiPwgC2g
itde
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org