Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RflYqacpvkCdZhfNP2B0FhBVetU.roa
File: RflYqacpvkCdZhfNP2B0FhBVetU.roa (raw, json)
Hash identifier: ymmfxi64E4rN4LEa4HnMoapSRwpVbltE4D0PI9TrMXk=
Subject key identifier: 45:F9:58:A9:A7:29:BE:40:9D:66:17:CD:3F:60:74:16:10:55:7A:D5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B81064FE15922A331EADF74FD977CB3F5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RflYqacpvkCdZhfNP2B0FhBVetU.roa
Signing time: Mon 30 Oct 2023 14:39:16 +0000
ROA not before: Mon 30 Oct 2023 14:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 91.223.110.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:06:4f:e1:59:22:a3:31:ea:df:74:fd:97:7c:b3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 30 14:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45f958a9a729be409d6617cd3f60741610557ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:61:02:30:1d:23:85:bc:c4:34:66:e7:b5:9a:
3e:5c:22:11:e8:25:ec:37:3f:9f:d6:8d:d9:44:80:
20:09:0c:ba:70:6e:03:f0:28:c6:94:d8:66:52:44:
cd:59:b7:78:8a:d0:99:62:36:fb:59:29:d6:8f:27:
28:5b:45:fd:82:84:b4:a4:ec:16:e1:08:e3:ff:4d:
6a:d3:0a:80:0b:e4:6c:a8:05:2a:8d:37:8b:46:02:
84:70:45:f1:75:d4:7c:e9:d7:87:56:4c:0f:29:9b:
0b:c0:6e:5e:cf:ed:19:47:3d:c6:96:fb:20:66:80:
a9:8c:48:0d:47:02:0c:5c:82:aa:3b:2d:58:5d:9b:
35:7c:b4:db:87:9f:2e:eb:0a:0d:7e:27:45:65:8f:
87:d2:42:5e:e6:89:c0:95:8b:31:61:d4:d1:ed:b3:
a0:12:67:92:92:74:e3:d8:bd:27:79:15:06:01:51:
c5:10:91:15:a0:cf:42:ba:88:c3:03:4c:f6:94:c7:
02:fe:83:76:fc:3d:c5:1d:56:29:7c:df:55:ca:fa:
cf:42:d9:87:9a:0a:27:24:06:ee:da:0c:ab:6a:f8:
4e:3b:a9:0f:84:03:a3:69:22:3f:14:f5:87:43:42:
28:5a:b2:26:d9:8e:8c:66:10:21:fb:10:49:b0:30:
44:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F9:58:A9:A7:29:BE:40:9D:66:17:CD:3F:60:74:16:10:55:7A:D5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RflYqacpvkCdZhfNP2B0FhBVetU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b8:5d:e0:ff:e9:6a:16:b2:08:b9:43:ff:22:02:dc:05:2b:
32:7d:80:24:47:32:1a:dc:16:aa:c1:ce:bc:6b:36:af:70:62:
c0:ec:3e:32:88:a5:24:ff:5c:e2:2b:4c:56:58:04:49:b2:76:
b1:89:33:03:b0:84:44:8b:69:49:62:ed:e1:b0:a3:b2:34:b4:
8b:d8:71:27:2c:f0:60:e6:5a:9b:24:08:b6:2a:78:12:4f:9b:
ce:58:50:bd:71:66:8a:0b:f8:fa:96:22:c3:45:1e:02:ef:9b:
bf:98:39:79:c9:ac:6b:54:8f:ec:1c:df:bc:3c:60:25:da:00:
bc:d2:25:ad:cd:5c:71:b5:7f:db:fa:33:b9:00:7b:e1:80:d1:
02:d5:04:e5:9b:6c:52:34:c1:b5:3f:d7:5d:98:3e:9c:1c:23:
4c:e2:a6:48:9f:a0:a9:13:b4:e4:9d:91:ad:4c:c0:e6:c9:dc:
0d:2e:69:9f:cc:68:1e:97:19:cc:21:f5:6e:b1:e8:b1:e0:c3:
3a:2c:1b:2a:69:9e:c1:bd:69:65:3a:37:e3:4f:b8:52:04:04:
3b:6d:0f:a1:a3:66:8c:11:d6:73:09:ed:39:c5:1d:6a:cc:5d:
d5:49:ac:b1:53:eb:a5:0a:f3:5a:6d:8e:aa:87:a3:ad:b8:a5:
a3:38:c8:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuBBk/hWSKjMerfdP2XfLP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDMwMTQzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY5NThhOWE3MjliZTQwOWQ2NjE3Y2QzZjYwNzQxNjEwNTU3YWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmECMB0jhbzENGbntZo+XCIR6CXs
Nz+f1o3ZRIAgCQy6cG4D8CjGlNhmUkTNWbd4itCZYjb7WSnWjycoW0X9goS0pOwW
4Qjj/01q0wqAC+RsqAUqjTeLRgKEcEXxddR86deHVkwPKZsLwG5ez+0ZRz3Glvsg
ZoCpjEgNRwIMXIKqOy1YXZs1fLTbh58u6woNfidFZY+H0kJe5onAlYsxYdTR7bOg
EmeSknTj2L0neRUGAVHFEJEVoM9CuojDA0z2lMcC/oN2/D3FHVYpfN9VyvrPQtmH
mgonJAbu2gyravhOO6kPhAOjaSI/FPWHQ0IoWrIm2Y6MZhAh+xBJsDBEMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEX5WKmnKb5AnWYXzT9gdBYQVXrVMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUmZsWXFhY3B2a0NkWmhmTlAyQjBGaEJWZXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjhtAwQA
W99uMA0GCSqGSIb3DQEBCwUAA4IBAQBjuF3g/+lqFrIIuUP/IgLcBSsyfYAkRzIa
3Baqwc68azavcGLA7D4yiKUk/1ziK0xWWARJsnaxiTMDsIREi2lJYu3hsKOyNLSL
2HEnLPBg5lqbJAi2KngST5vOWFC9cWaKC/j6liLDRR4C75u/mDl5yaxrVI/sHN+8
PGAl2gC80iWtzVxxtX/b+jO5AHvhgNEC1QTlm2xSNMG1P9ddmD6cHCNM4qZIn6Cp
E7TknZGtTMDmydwNLmmfzGgelxnMIfVuseix4MM6LBsqaZ7BvWllOjfjT7hSBAQ7
bQ+ho2aMEdZzCe05xR1qzF3VSayxU+ulCvNabY6qh6OtuKWjOMh5
-----END CERTIFICATE-----
Generated at Mon Oct 30 18:43:28 2023 by rpki-client on console-ams.rpki-client.org