Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2AOY35C0NCciL-2AxXau7hNfDWw.roa
File: 2AOY35C0NCciL-2AxXau7hNfDWw.roa (raw, json)
Hash identifier: L9Op0MuUHD7qHhzGelQqfdzysJZk0j8lNCHS8YPJNu4=
Subject key identifier: D8:03:98:DF:90:B4:34:27:22:2F:ED:80:C5:76:AE:EE:13:5F:0D:6C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018F9B4162E72C771A4C62FD15E840B0D55B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2AOY35C0NCciL-2AxXau7hNfDWw.roa
Signing time: Tue 21 May 2024 13:05:04 +0000
ROA not before: Tue 21 May 2024 13:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 12:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:41:62:e7:2c:77:1a:4c:62:fd:15:e8:40:b0:d5:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 21 13:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d80398df90b43427222fed80c576aeee135f0d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:da:2d:88:16:3c:1c:0a:81:e4:2f:81:54:e2:
fb:71:16:e1:da:18:5b:c9:f3:2f:72:a6:1e:4c:26:
3e:c4:d3:43:44:25:cf:60:73:99:e8:b6:e4:89:17:
66:5a:58:d0:5a:92:d1:77:90:bb:53:4d:be:5b:74:
af:07:dc:af:54:ef:72:93:93:c4:d7:77:a8:34:11:
e8:45:fd:3f:f4:c3:bd:c1:05:f3:3a:66:cb:0e:9e:
58:3a:7b:ad:d5:2d:4c:10:a6:ac:3c:20:93:0e:48:
50:02:8d:6d:e8:8c:c6:11:1d:bc:39:8f:db:fd:3f:
36:2c:b7:2b:17:f4:1e:02:a0:68:a7:6a:fa:1f:fa:
cd:12:32:6a:cc:23:af:67:28:28:20:3d:72:55:52:
32:95:bd:4e:dd:5e:28:ef:78:86:79:49:29:2c:7c:
7a:1a:5f:45:7c:ee:b4:03:10:8f:c2:28:a2:93:32:
57:04:8d:ea:a5:23:2e:99:7c:9e:63:9f:38:22:a8:
ce:9b:fc:43:6d:96:00:d6:59:c6:8b:55:4d:a9:0f:
76:09:b4:71:69:85:72:a6:f0:f1:08:85:6a:e9:c1:
73:23:1e:75:14:9d:de:8c:f3:d1:2a:d2:ea:31:44:
f8:5f:29:4a:36:30:89:3a:e0:85:48:62:d8:d3:35:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:03:98:DF:90:B4:34:27:22:2F:ED:80:C5:76:AE:EE:13:5F:0D:6C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2AOY35C0NCciL-2AxXau7hNfDWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:45:68:18:87:1c:73:6f:d2:2c:bf:e0:52:13:f1:e8:47:a6:
74:ce:24:66:81:de:c3:65:65:06:3b:67:51:3e:cd:2d:9a:9e:
01:1f:4c:7f:c7:f1:1c:b6:2f:f2:0c:ca:34:b0:36:8a:9f:f6:
1d:35:fc:cf:0e:f6:e1:09:89:af:84:d7:f0:03:2f:1d:83:f4:
5c:e6:4e:23:c8:44:67:e7:b6:93:9c:2e:e6:44:bc:16:bb:84:
bb:bf:dc:00:60:a6:53:cc:43:d6:48:bb:33:5e:01:be:c7:96:
7a:a4:34:f4:7b:f5:64:60:17:40:8e:75:1f:65:35:3f:d1:fe:
ad:d8:0c:dc:24:94:c2:20:87:7c:ff:0d:66:dc:9c:d1:ed:8b:
44:a1:98:e3:ee:8f:fe:7e:d2:63:2f:97:9b:6c:a2:f1:87:1c:
e3:b9:0c:a5:41:23:55:91:4f:42:03:c6:46:c8:a7:a6:a8:69:
68:a6:fe:23:9d:b8:1f:6f:1c:fa:1f:bc:0b:93:69:17:22:7a:
31:95:35:62:7d:0b:d8:e5:67:f3:89:e9:55:cf:d3:a2:13:55:
e1:67:96:f8:ff:27:bd:03:e3:ae:4e:ca:e4:7e:f5:04:11:82:
3c:37:ec:46:db:84:a3:53:f6:4d:69:e1:6c:e5:75:9a:eb:16:
a2:f6:02:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+bQWLnLHcaTGL9FehAsNVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNTIxMTMwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODAzOThkZjkwYjQzNDI3MjIyZmVkODBjNTc2YWVlZTEzNWYwZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NotiBY8HAqB5C+BVOL7cRbh2hhb
yfMvcqYeTCY+xNNDRCXPYHOZ6LbkiRdmWljQWpLRd5C7U02+W3SvB9yvVO9yk5PE
13eoNBHoRf0/9MO9wQXzOmbLDp5YOnut1S1MEKasPCCTDkhQAo1t6IzGER28OY/b
/T82LLcrF/QeAqBop2r6H/rNEjJqzCOvZygoID1yVVIylb1O3V4o73iGeUkpLHx6
Gl9FfO60AxCPwiiikzJXBI3qpSMumXyeY584IqjOm/xDbZYA1lnGi1VNqQ92CbRx
aYVypvDxCIVq6cFzIx51FJ3ejPPRKtLqMUT4XylKNjCJOuCFSGLY0zU7IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNgDmN+QtDQnIi/tgMV2ru4TXw1sMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMkFPWTM1QzBOQ2NpTC0yQXhYYXU3aE5mRFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbVUAwQA
LV6qAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQCaRWgYhxxzb9Isv+BSE/HoR6Z0
ziRmgd7DZWUGO2dRPs0tmp4BH0x/x/Ecti/yDMo0sDaKn/YdNfzPDvbhCYmvhNfw
Ay8dg/Rc5k4jyERn57aTnC7mRLwWu4S7v9wAYKZTzEPWSLszXgG+x5Z6pDT0e/Vk
YBdAjnUfZTU/0f6t2AzcJJTCIId8/w1m3JzR7YtEoZjj7o/+ftJjL5ebbKLxhxzj
uQylQSNVkU9CA8ZGyKemqGlopv4jnbgfbxz6H7wLk2kXInoxlTVifQvY5WfzielV
z9OiE1XhZ5b4/ye9A+OuTsrkfvUEEYI8N+xG24SjU/ZNaeFs5XWa6xai9gI5
-----END CERTIFICATE-----
Generated at Tue Jun 18 16:21:49 2024 by rpki-client on console-ams.rpki-client.org