Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NbwLdS2jpue1_YjQ51zV_gazGw0.roa
File: NbwLdS2jpue1_YjQ51zV_gazGw0.roa (raw, json)
Hash identifier: V35gS91Pif2U39WQoEu8ZTOJIhNtXDJKtwVPSu0BC6Q=
Subject key identifier: 35:BC:0B:75:2D:A3:A6:E7:B5:FD:88:D0:E7:5C:D5:FE:06:B3:1B:0D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C80B1359E872BF281870E16F6BC327E2E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NbwLdS2jpue1_YjQ51zV_gazGw0.roa
Signing time: Tue 19 Dec 2023 06:09:06 +0000
ROA not before: Tue 19 Dec 2023 06:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 2.56.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:80:b1:35:9e:87:2b:f2:81:87:0e:16:f6:bc:32:7e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 19 06:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35bc0b752da3a6e7b5fd88d0e75cd5fe06b31b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0a:16:93:3a:2e:a5:9d:2c:25:c3:6f:40:74:
18:62:51:13:93:a4:99:24:73:a0:b7:91:56:d7:b2:
ea:75:33:ba:72:df:9e:a6:d2:3d:03:36:1b:28:61:
cc:dc:0d:06:ec:75:80:a3:e1:bd:93:65:a7:11:96:
a6:37:f9:06:c0:90:68:2a:1b:68:09:fe:fd:a5:f1:
c8:6a:bf:78:7d:eb:07:94:bd:e6:aa:da:9f:95:e9:
cc:21:4a:85:ec:c1:f3:66:cb:e7:eb:68:24:3a:20:
75:60:00:67:78:ef:21:cf:de:1b:ad:3a:f8:e3:50:
1b:aa:50:eb:62:97:bf:07:ac:5b:f8:5c:15:83:e5:
6e:10:20:8a:bd:27:26:01:a3:6b:32:81:4d:25:7a:
fd:6e:70:49:e9:7a:57:88:24:de:e3:88:cf:8c:50:
1d:df:24:cd:da:36:3b:95:d9:2e:f3:1c:43:c6:5a:
f9:db:4e:9e:ed:a8:19:ee:3e:ef:4c:1e:eb:8e:ca:
ad:95:43:83:2e:45:da:6b:48:2c:27:05:ec:89:3a:
2c:ef:7d:ea:fe:c4:bd:2b:a5:e0:a4:72:84:bf:15:
cb:73:00:1c:8d:24:29:9d:47:65:08:bc:8f:a3:ac:
ea:16:7c:69:d7:44:c6:e0:3f:00:52:97:23:51:e0:
9e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BC:0B:75:2D:A3:A6:E7:B5:FD:88:D0:E7:5C:D5:FE:06:B3:1B:0D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NbwLdS2jpue1_YjQ51zV_gazGw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c2:ef:2c:fe:da:bc:24:6f:07:7f:4a:8a:c4:63:40:65:39:
58:38:cd:22:24:fb:9a:74:68:3f:09:78:88:0b:9b:d5:c5:75:
7b:81:3b:f2:62:55:86:0a:0b:84:39:e1:57:7b:23:b8:3e:b6:
1a:02:52:38:68:ea:f2:f3:91:fc:50:7e:87:ea:7d:1b:3c:68:
a6:d6:67:d2:f4:b2:a9:ae:05:e0:df:42:09:31:fc:f5:46:1e:
e5:3b:41:58:f0:90:fc:e9:90:9f:44:6a:09:e7:a8:38:67:fa:
e0:92:86:49:d5:fd:e6:e6:20:41:69:ba:e6:20:99:78:1f:f5:
da:de:48:ad:2a:b1:90:78:ef:63:0a:92:8b:5d:dd:8e:6e:7f:
bd:ae:43:b4:ac:fd:34:5b:c2:7a:93:50:c9:fe:5d:d1:e6:8b:
da:95:02:71:c9:3b:8d:9f:bc:4c:8a:03:d3:84:a3:67:4a:f1:
c3:bf:b6:5f:08:80:88:0e:81:1b:14:0b:d8:31:2c:aa:28:a3:
41:e7:36:2e:bb:ac:2d:57:eb:17:b4:a0:1e:0a:0c:02:78:39:
30:39:00:c6:de:a3:5b:f5:00:8b:21:60:a4:b5:65:65:ef:84:
8f:dd:5a:59:21:7a:8b:a5:87:35:e9:d9:3d:ee:46:b1:4c:5c:
10:52:27:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyAsTWehyvygYcOFva8Mn4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjE5MDYwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJjMGI3NTJkYTNhNmU3YjVmZDg4ZDBlNzVjZDVmZTA2YjMxYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggoWkzoupZ0sJcNvQHQYYlETk6SZ
JHOgt5FW17LqdTO6ct+eptI9AzYbKGHM3A0G7HWAo+G9k2WnEZamN/kGwJBoKhto
Cf79pfHIar94fesHlL3mqtqflenMIUqF7MHzZsvn62gkOiB1YABneO8hz94brTr4
41AbqlDrYpe/B6xb+FwVg+VuECCKvScmAaNrMoFNJXr9bnBJ6XpXiCTe44jPjFAd
3yTN2jY7ldku8xxDxlr5206e7agZ7j7vTB7rjsqtlUODLkXaa0gsJwXsiTos733q
/sS9K6XgpHKEvxXLcwAcjSQpnUdlCLyPo6zqFnxp10TG4D8AUpcjUeCeFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDW8C3Uto6bntf2I0Odc1f4GsxsNMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTmJ3TGRTMmpwdWUxX1lqUTUxelZfZ2F6R3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjhsMA0G
CSqGSIb3DQEBCwUAA4IBAQA5wu8s/tq8JG8Hf0qKxGNAZTlYOM0iJPuadGg/CXiI
C5vVxXV7gTvyYlWGCguEOeFXeyO4PrYaAlI4aOry85H8UH6H6n0bPGim1mfS9LKp
rgXg30IJMfz1Rh7lO0FY8JD86ZCfRGoJ56g4Z/rgkoZJ1f3m5iBBabrmIJl4H/Xa
3kitKrGQeO9jCpKLXd2Obn+9rkO0rP00W8J6k1DJ/l3R5ovalQJxyTuNn7xMigPT
hKNnSvHDv7ZfCICIDoEbFAvYMSyqKKNB5zYuu6wtV+sXtKAeCgwCeDkwOQDG3qNb
9QCLIWCktWVl74SP3VpZIXqLpYc16dk97kaxTFwQUic2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org