Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ORCQ2lrff6II2mUJKy9zf3t1ow0.roa
File: ORCQ2lrff6II2mUJKy9zf3t1ow0.roa (raw, json)
Hash identifier: nKiKi9Q/fEHtUY67QjdxzYFpT8lrjFyKIoYCwptW/Sg=
Subject key identifier: 39:10:90:DA:5A:DF:7F:A2:08:DA:65:09:2B:2F:73:7F:7B:75:A3:0D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018DD7E5587A209B58CCDAF69A52D1721A03
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ORCQ2lrff6II2mUJKy9zf3t1ow0.roa
Signing time: Fri 23 Feb 2024 21:35:48 +0000
ROA not before: Fri 23 Feb 2024 21:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 2.56.108.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.151.2.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 17:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d7:e5:58:7a:20:9b:58:cc:da:f6:9a:52:d1:72:1a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 23 21:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391090da5adf7fa208da65092b2f737f7b75a30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:37:a8:27:3e:69:53:67:13:a6:40:cb:38:
c2:db:83:4e:28:d3:6b:00:03:0c:09:63:71:01:ab:
b0:14:ae:70:a3:a0:6f:80:e0:3c:2c:f1:c3:f9:c0:
0e:02:7b:1e:d2:82:16:46:3f:9d:19:6a:26:6b:8d:
1b:f9:79:b8:5d:d4:5e:69:3a:30:b7:d8:70:ea:56:
d9:b2:35:5d:31:b4:9b:69:be:8d:a2:6f:05:33:ff:
a2:11:ef:1c:1c:8e:75:a5:df:9e:92:bc:d7:0b:86:
37:98:4d:b1:04:e4:1d:2a:f7:88:bd:d5:bc:b1:5d:
58:2c:51:1e:d4:6a:a6:fb:6e:fd:a8:27:27:c5:fc:
05:30:62:db:83:c6:1e:2d:58:19:c5:42:e8:5b:0a:
c7:19:77:e2:2b:ca:9b:3f:a5:28:2e:3b:7d:b7:6b:
34:99:68:61:5a:ee:a4:56:67:42:d3:be:10:d4:6e:
f5:6d:20:c4:ab:d3:0b:4a:84:80:49:2e:e6:41:2f:
f7:c0:80:b8:12:ae:46:ec:da:d5:26:0c:40:48:e3:
f7:43:33:a4:42:ba:ec:94:f3:05:a3:b4:b8:f8:93:
95:a5:38:2b:b2:e3:4f:49:03:74:35:3d:76:22:83:
68:26:08:be:08:22:4d:17:51:13:03:16:87:01:fd:
71:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:10:90:DA:5A:DF:7F:A2:08:DA:65:09:2B:2F:73:7F:7B:75:A3:0D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ORCQ2lrff6II2mUJKy9zf3t1ow0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
45.88.138.0/24
45.94.170.0/23
45.151.2.0/24
77.83.37.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
65:aa:d6:72:dc:03:39:30:b2:27:6f:75:3b:f1:29:4b:9e:e3:
05:2b:35:b9:39:71:0b:78:3d:d9:4b:d9:c8:5b:a9:ed:c0:80:
96:41:5c:00:db:e8:6b:50:89:9b:da:dd:1a:4c:a2:b8:bf:5e:
d3:6f:2b:8c:2c:54:a8:96:d2:40:f2:70:0e:87:6f:40:2e:18:
4d:af:c1:6f:c9:2d:69:97:9a:4b:7d:b3:ca:3b:6a:ae:fa:29:
a0:8e:c4:b7:5a:e8:50:0e:98:01:3b:a4:11:e4:6e:ec:e7:b8:
e4:a8:ae:4c:23:fd:b1:93:2d:fb:49:ea:01:10:f8:bd:df:9b:
93:2e:f1:84:ea:7e:ee:77:8d:b3:98:b1:b5:3c:89:6d:08:dd:
97:af:4a:23:5d:4f:91:9a:35:fd:ce:95:56:e2:79:40:fe:8d:
a8:33:d0:ed:7d:88:96:7d:02:f1:c2:21:31:a6:37:4c:a7:47:
9d:51:32:56:83:ad:cc:b8:3a:96:c7:fb:f3:31:fd:8d:66:9d:
33:cd:63:86:b8:b5:a4:8c:41:13:0c:bc:23:d5:cb:52:44:3d:
c5:08:3c:70:c5:7c:3b:7a:ab:e3:b2:d0:fc:12:f8:64:ca:ae:
de:46:c3:87:78:8a:3d:d2:f9:a9:19:92:bb:ff:ec:85:b2:84:
cc:c2:71:d1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3X5Vh6IJtYzNr2mlLRchoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjIzMjEzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTEwOTBkYTVhZGY3ZmEyMDhkYTY1MDkyYjJmNzM3ZjdiNzVhMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZc3qCc+aVNnE6ZAyzjC24NOKNNr
AAMMCWNxAauwFK5wo6BvgOA8LPHD+cAOAnse0oIWRj+dGWoma40b+Xm4XdReaTow
t9hw6lbZsjVdMbSbab6Nom8FM/+iEe8cHI51pd+ekrzXC4Y3mE2xBOQdKveIvdW8
sV1YLFEe1Gqm+279qCcnxfwFMGLbg8YeLVgZxULoWwrHGXfiK8qbP6UoLjt9t2s0
mWhhWu6kVmdC074Q1G71bSDEq9MLSoSASS7mQS/3wIC4Eq5G7NrVJgxASOP3QzOk
QrrslPMFo7S4+JOVpTgrsuNPSQN0NT12IoNoJgi+CCJNF1ETAxaHAf1xVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDkQkNpa33+iCNplCSsvc397daMNMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvT1JDUTJscmZmNklJMm1VSkt5OXpmM3Qxb3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjhsAwQA
LViKAwQBLV6qAwQALZcCAwQATVMlAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBl
qtZy3AM5MLInb3U78SlLnuMFKzW5OXELeD3ZS9nIW6ntwICWQVwA2+hrUImb2t0a
TKK4v17TbyuMLFSoltJA8nAOh29ALhhNr8FvyS1pl5pLfbPKO2qu+imgjsS3WuhQ
DpgBO6QR5G7s57jkqK5MI/2xky37SeoBEPi935uTLvGE6n7ud42zmLG1PIltCN2X
r0ojXU+RmjX9zpVW4nlA/o2oM9DtfYiWfQLxwiExpjdMp0edUTJWg63MuDqWx/vz
Mf2NZp0zzWOGuLWkjEETDLwj1ctSRD3FCDxwxXw7eqvjstD8Evhkyq7eRsOHeIo9
0vmpGZK7/+yFsoTMwnHR
-----END CERTIFICATE-----
Generated at Thu Mar 7 22:37:30 2024 by rpki-client on console-ams.rpki-client.org