Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LAUylNC4VjY4orI-ss8iVB26r38.roa
File: LAUylNC4VjY4orI-ss8iVB26r38.roa (raw, json)
Hash identifier: PfdqjT4Vr9L/2BO6dYL+ZaubqRMo6X2PszYIyM3zlic=
Subject key identifier: 2C:05:32:94:D0:B8:56:36:38:A2:B2:3E:B2:CF:22:54:1D:BA:AF:7F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A180F87E4044CA3239BAC82CC244470E2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LAUylNC4VjY4orI-ss8iVB26r38.roa
Signing time: Mon 21 Aug 2023 12:26:25 +0000
ROA not before: Mon 21 Aug 2023 12:26:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.144.213.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
2.56.111.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:0f:87:e4:04:4c:a3:23:9b:ac:82:cc:24:44:70:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 21 12:26:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c053294d0b8563638a2b23eb2cf22541dbaaf7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b6:2e:ea:0f:6a:c0:a9:fe:53:ef:bc:32:ac:
81:8a:fd:ce:d0:f6:6f:eb:c3:ca:f5:6c:d5:2b:f4:
69:2e:35:ba:15:9c:f3:ef:f9:cb:7c:65:a6:8c:45:
d4:92:3c:37:52:a3:7c:78:28:02:e8:68:d1:7e:2a:
0c:97:a1:76:ce:aa:90:67:46:2d:2d:8c:94:72:0d:
b3:e9:37:51:7f:98:38:72:7f:60:d2:4a:f1:ba:ec:
be:45:15:b7:9a:07:ea:e3:1a:3f:81:42:9e:dd:83:
4a:73:2f:6f:c1:a8:b0:bf:c9:29:98:ea:0f:ce:cb:
9f:94:41:64:56:46:5b:43:9e:e8:a8:b6:a8:a7:c5:
c3:33:eb:57:97:5d:46:30:c9:ac:93:97:de:ec:33:
2d:37:a6:ba:9d:9b:2d:8f:60:05:66:af:64:fb:5c:
47:3a:c5:78:ca:5e:37:4d:29:e6:d9:22:ae:0e:ba:
5e:8a:ff:d7:98:fa:0b:82:82:bc:4b:8e:ae:99:a2:
24:cf:ea:2e:8b:40:9d:dd:ed:20:e9:b2:fc:7a:85:
83:26:3a:90:cb:17:d1:ee:f2:28:e7:fc:d1:de:02:
56:45:55:06:9e:6f:c7:65:d0:eb:dd:7d:14:48:78:
29:f7:c9:87:ea:ee:65:3a:35:3b:66:bd:c5:ad:da:
07:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:05:32:94:D0:B8:56:36:38:A2:B2:3E:B2:CF:22:54:1D:BA:AF:7F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LAUylNC4VjY4orI-ss8iVB26r38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
2.56.111.0/24
45.144.213.0/24
77.83.37.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:52:10:e0:bd:39:89:4a:7f:73:23:3b:8d:a7:fd:35:32:bd:
c1:71:68:11:38:6c:dc:01:e7:f6:2d:98:e3:9c:4d:7f:37:4d:
a0:41:03:e5:9e:a9:08:a5:cd:25:50:dd:94:31:4b:38:4d:58:
61:11:15:64:47:d4:74:c7:28:18:11:51:d1:39:f8:e4:74:ab:
69:a1:43:08:53:7f:c5:78:2a:71:0c:93:86:de:7b:b3:81:40:
df:b4:c5:1b:9c:4c:ba:86:2b:d2:36:5f:2c:92:a2:d6:ec:ea:
87:90:9c:d0:d5:7f:56:50:1a:38:9d:71:82:58:1c:8a:c2:11:
58:2a:9d:69:f8:23:04:de:a8:60:c2:e8:72:d9:67:7d:44:f6:
cc:cb:59:90:f1:fa:cb:1d:24:50:b3:7f:8c:31:11:4e:4a:ae:
58:19:c3:21:0c:7e:ef:fd:e1:7d:6d:fb:93:44:1b:8a:b3:2b:
37:75:97:c4:98:59:4b:fc:f8:3a:c6:6b:7f:88:8e:51:0d:18:
0e:e3:45:06:72:ea:a1:52:a7:ad:09:b2:07:ea:be:d8:46:ad:
44:9b:d3:0c:50:60:86:17:e4:63:e9:05:24:b3:b1:a2:3e:f0:
a6:53:36:0f:b6:94:f9:58:4a:5e:2a:dc:79:01:10:77:f3:87:
71:51:a5:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoYD4fkBEyjI5usgswkRHDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODIxMTIyNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA1MzI5NGQwYjg1NjM2MzhhMmIyM2ViMmNmMjI1NDFkYmFhZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbYu6g9qwKn+U++8MqyBiv3O0PZv
68PK9WzVK/RpLjW6FZzz7/nLfGWmjEXUkjw3UqN8eCgC6GjRfioMl6F2zqqQZ0Yt
LYyUcg2z6TdRf5g4cn9g0krxuuy+RRW3mgfq4xo/gUKe3YNKcy9vwaiwv8kpmOoP
zsuflEFkVkZbQ57oqLaop8XDM+tXl11GMMmsk5fe7DMtN6a6nZstj2AFZq9k+1xH
OsV4yl43TSnm2SKuDrpeiv/XmPoLgoK8S46umaIkz+oui0Cd3e0g6bL8eoWDJjqQ
yxfR7vIo5/zR3gJWRVUGnm/HZdDr3X0USHgp98mH6u5lOjU7Zr3FrdoHWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCwFMpTQuFY2OKKyPrLPIlQduq9/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTEFVeWxOQzRWalk0b3JJLXNzOGlWQjI2cjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjhtAwQA
AjhvAwQALZDVAwQATVMlMA0GCSqGSIb3DQEBCwUAA4IBAQA+UhDgvTmJSn9zIzuN
p/01Mr3BcWgROGzcAef2LZjjnE1/N02gQQPlnqkIpc0lUN2UMUs4TVhhERVkR9R0
xygYEVHROfjkdKtpoUMIU3/FeCpxDJOG3nuzgUDftMUbnEy6hivSNl8skqLW7OqH
kJzQ1X9WUBo4nXGCWByKwhFYKp1p+CME3qhgwuhy2Wd9RPbMy1mQ8frLHSRQs3+M
MRFOSq5YGcMhDH7v/eF9bfuTRBuKsys3dZfEmFlL/Pg6xmt/iI5RDRgO40UGcuqh
UqetCbIH6r7YRq1Em9MMUGCGF+Rj6QUks7GiPvCmUzYPtpT5WEpeKtx5ARB384dx
UaU6
-----END CERTIFICATE-----
Generated at Thu Aug 24 10:08:14 2023 by rpki-client on console-ams.rpki-client.org