Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LcAHLxRuIN1h7OpXd-iYxI9lQAI.roa
File: LcAHLxRuIN1h7OpXd-iYxI9lQAI.roa (raw, json)
Hash identifier: tNw28tloCgHHfM7HWB0CVtFbPBwAi//a1sdUrA4BPS0=
Subject key identifier: 2D:C0:07:2F:14:6E:20:DD:61:EC:EA:57:77:E8:98:C4:8F:65:40:02
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E70F987B97CB678D008941DE63958CD3E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LcAHLxRuIN1h7OpXd-iYxI9lQAI.roa
Signing time: Sun 24 Mar 2024 14:59:45 +0000
ROA not before: Sun 24 Mar 2024 14:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 235312
IP address blocks: 2.56.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 17:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:70:f9:87:b9:7c:b6:78:d0:08:94:1d:e6:39:58:cd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 24 14:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dc0072f146e20dd61ecea5777e898c48f654002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:93:14:37:8e:fb:f4:c8:37:9c:da:03:e6:
40:31:8a:c4:b7:6c:8c:50:13:4c:c8:22:95:83:71:
1c:00:fe:b5:07:43:90:2a:60:a6:5b:ef:a9:76:7d:
9b:55:fc:27:4a:c1:03:87:60:25:3c:48:4c:78:a6:
5a:20:36:61:bd:70:16:5d:d6:e7:15:cb:f4:ae:6c:
ba:b8:5b:ef:a8:f1:5f:75:f5:08:4b:1b:f2:8c:0e:
67:13:86:8c:70:28:1e:a0:dc:36:e2:43:da:28:07:
65:94:6e:b6:ed:b3:1c:91:5a:16:ad:19:39:d9:ad:
ee:2a:e3:af:b5:fd:48:fe:a6:19:a7:a4:6d:0a:33:
d3:81:6c:7a:4c:49:8b:06:8b:3d:1c:89:a1:8e:79:
24:58:3b:a6:26:05:5f:55:8c:86:c7:ea:a0:03:19:
e4:a6:eb:25:b6:0b:46:a5:a9:5e:19:38:a6:b2:55:
20:fb:22:fd:76:1a:99:a4:79:f2:6a:e8:c0:19:48:
7d:96:17:3b:34:ec:45:35:8b:71:b2:6f:b4:b0:53:
66:51:d1:a5:ee:3b:b9:52:59:54:ab:63:81:e5:22:
c5:0d:8f:4a:8e:50:56:bd:63:6b:da:07:8e:56:f8:
8c:b1:2e:b9:7a:c6:ab:aa:46:2c:b3:93:c7:25:d4:
bd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C0:07:2F:14:6E:20:DD:61:EC:EA:57:77:E8:98:C4:8F:65:40:02
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LcAHLxRuIN1h7OpXd-iYxI9lQAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:5c:6a:4e:8e:22:24:a8:2d:a7:64:cc:be:06:84:0e:47:d2:
5b:c4:73:81:d5:a2:31:e6:53:52:5f:c7:81:4f:de:27:54:69:
4d:59:4d:c9:1f:8e:8b:d6:82:38:42:47:82:88:dc:43:a0:8f:
ed:95:68:09:3a:a4:26:10:7c:08:a6:a8:37:3e:96:4f:a4:90:
75:98:16:19:75:da:fa:29:f2:7d:e4:2c:55:6a:9e:78:1c:ef:
88:ea:0e:e8:19:aa:4e:8c:03:3b:a7:df:72:0e:4c:15:2a:b2:
83:a3:4b:9f:c1:16:d4:be:be:7e:d0:45:08:8a:8b:38:a2:9d:
f0:69:52:79:31:f8:60:6d:44:90:94:74:f4:3d:04:ac:d1:17:
13:a9:2a:eb:47:ef:83:96:6a:fb:c5:02:1e:e2:c6:a0:63:39:
d4:40:ac:d5:d7:34:ba:01:cc:54:61:36:44:5e:12:0d:cb:83:
9f:02:82:4c:f7:09:26:d2:de:9b:4e:6d:f5:74:0f:81:b1:db:
de:94:f5:e3:4d:4a:91:5a:ae:1e:db:c9:36:89:b3:fe:4a:62:
04:ca:fd:b0:59:32:d1:18:c8:da:1f:53:ce:0d:e2:92:f9:16:
c1:12:b9:1e:7d:ed:8e:a5:c3:a8:c5:93:0e:e5:78:09:34:ed:
43:6e:91:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5w+Ye5fLZ40AiUHeY5WM0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzI0MTQ1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGMwMDcyZjE0NmUyMGRkNjFlY2VhNTc3N2U4OThjNDhmNjU0MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaqTFDeO+/TIN5zaA+ZAMYrEt2yM
UBNMyCKVg3EcAP61B0OQKmCmW++pdn2bVfwnSsEDh2AlPEhMeKZaIDZhvXAWXdbn
Fcv0rmy6uFvvqPFfdfUISxvyjA5nE4aMcCgeoNw24kPaKAdllG627bMckVoWrRk5
2a3uKuOvtf1I/qYZp6RtCjPTgWx6TEmLBos9HImhjnkkWDumJgVfVYyGx+qgAxnk
pusltgtGpaleGTimslUg+yL9dhqZpHnyaujAGUh9lhc7NOxFNYtxsm+0sFNmUdGl
7ju5UllUq2OB5SLFDY9KjlBWvWNr2geOVviMsS65esarqkYss5PHJdS9zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3ABy8UbiDdYezqV3fomMSPZUACMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTGNBSEx4UnVJTjFoN09wWGQtaVl4STlsUUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjhvMA0G
CSqGSIb3DQEBCwUAA4IBAQC/XGpOjiIkqC2nZMy+BoQOR9JbxHOB1aIx5lNSX8eB
T94nVGlNWU3JH46L1oI4QkeCiNxDoI/tlWgJOqQmEHwIpqg3PpZPpJB1mBYZddr6
KfJ95CxVap54HO+I6g7oGapOjAM7p99yDkwVKrKDo0ufwRbUvr5+0EUIios4op3w
aVJ5MfhgbUSQlHT0PQSs0RcTqSrrR++Dlmr7xQIe4sagYznUQKzV1zS6AcxUYTZE
XhINy4OfAoJM9wkm0t6bTm31dA+BsdvelPXjTUqRWq4e28k2ibP+SmIEyv2wWTLR
GMjaH1PODeKS+RbBErkefe2OpcOoxZMO5XgJNO1DbpH7
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:24:52 2024 by rpki-client on console-fra.rpki-client.org