Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VzenXz7pdnWTyEXhLDIihKrETpc.roa
File: VzenXz7pdnWTyEXhLDIihKrETpc.roa (raw, json)
Hash identifier: nTu3jrH8MEOPWCtcwE/oCWNPU0EYbNbnnoaDGCzM2HQ=
Subject key identifier: 57:37:A7:5F:3E:E9:76:75:93:C8:45:E1:2C:32:22:84:AA:C4:4E:97
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CA055AC9CB33AC23E72499883C64D7FB0
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VzenXz7pdnWTyEXhLDIihKrETpc.roa
Signing time: Mon 25 Dec 2023 09:36:58 +0000
ROA not before: Mon 25 Dec 2023 09:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198361
IP address blocks: 2.56.111.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:55:ac:9c:b3:3a:c2:3e:72:49:98:83:c6:4d:7f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 25 09:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5737a75f3ee9767593c845e12c322284aac44e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:49:6b:d6:63:1d:e2:c1:46:52:65:c3:53:0b:
8f:56:07:9b:ec:ec:2e:7d:7f:7f:62:37:c9:0a:c2:
67:ce:90:4f:96:f4:de:13:71:66:fb:85:a9:cc:d1:
f0:af:80:b0:9d:11:af:b5:52:2e:92:b7:b1:8f:d4:
e8:f6:38:b3:88:de:a5:ca:d8:85:96:21:44:9a:6c:
c8:bc:34:e5:3c:3a:41:61:5e:01:db:3c:f5:4b:71:
a2:e1:05:28:38:49:90:7d:f4:cd:82:27:48:16:ba:
e3:fa:f1:73:88:50:3e:05:0e:b1:b1:d2:f9:29:c1:
42:e0:29:c6:6f:3d:f5:c1:c4:fd:d1:df:25:b4:31:
01:31:d7:32:f6:ee:a0:81:65:3d:41:b0:c3:7a:f8:
78:86:08:4a:c8:02:cc:0d:f0:22:d0:9e:07:33:7a:
fe:0f:7b:96:e8:10:e1:60:78:71:84:2b:16:b5:6c:
4a:7e:8f:26:30:15:5c:96:7b:cd:b7:92:0e:2c:69:
0a:95:2d:af:33:bf:0f:a0:50:d8:68:bc:a0:a6:d7:
6f:82:5d:a2:ea:c9:5e:bf:aa:39:50:b9:4b:56:47:
6c:56:7e:6a:6c:4c:30:89:69:a9:7c:f4:63:0c:20:
fc:e4:ad:27:74:5b:0e:62:81:ae:3d:0f:a1:df:42:
2f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:37:A7:5F:3E:E9:76:75:93:C8:45:E1:2C:32:22:84:AA:C4:4E:97
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VzenXz7pdnWTyEXhLDIihKrETpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.138.0/24
45.132.180.0/24
45.144.215.0/24
77.83.38.0/24
Signature Algorithm: sha256WithRSAEncryption
58:37:dc:6b:a9:31:33:36:38:cb:04:a5:29:38:a7:a3:22:2f:
d6:58:74:6d:ad:d4:d4:a7:45:72:3c:87:59:43:c6:c2:33:1e:
cd:44:d8:d4:f2:3e:52:b8:c5:30:ca:ed:82:0a:35:60:6b:3c:
80:c7:67:9e:2c:54:07:31:ab:29:64:73:cf:c9:16:ef:e8:8f:
7a:50:45:c5:05:c6:3c:52:70:76:8d:8a:39:c9:65:a0:e6:97:
2c:b7:bb:57:92:4c:21:ba:56:c8:2c:a2:92:35:17:1e:f2:1a:
d8:50:ed:d1:e6:49:e6:72:88:8c:0f:87:ea:b4:12:f5:64:d3:
a5:fa:ee:d0:26:65:75:84:f0:e6:9e:5a:25:ab:15:2d:25:19:
ba:7c:ea:d5:6b:fe:2e:d8:2f:b5:5a:61:ab:3a:f8:6f:7b:d4:
33:12:60:cf:51:2f:aa:ee:f8:85:ea:db:6d:8e:e6:21:cf:82:
68:4d:b0:65:2b:5f:80:b7:b9:4a:15:41:5b:01:98:d6:c4:22:
9a:d0:47:ba:a4:fd:a6:aa:f1:d4:4d:a7:18:c7:4e:d8:89:9c:
57:fa:5e:25:ec:a3:36:15:fa:64:a5:46:1c:87:16:97:0c:52:
10:7d:04:b6:05:6f:9b:b1:c2:d5:30:aa:57:a9:1b:16:c1:b6:
2b:95:ea:4c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYygVaycszrCPnJJmIPGTX+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjI1MDkzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM3YTc1ZjNlZTk3Njc1OTNjODQ1ZTEyYzMyMjI4NGFhYzQ0ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0lr1mMd4sFGUmXDUwuPVgeb7Owu
fX9/YjfJCsJnzpBPlvTeE3Fm+4WpzNHwr4CwnRGvtVIukrexj9To9jiziN6lytiF
liFEmmzIvDTlPDpBYV4B2zz1S3Gi4QUoOEmQffTNgidIFrrj+vFziFA+BQ6xsdL5
KcFC4CnGbz31wcT90d8ltDEBMdcy9u6ggWU9QbDDevh4hghKyALMDfAi0J4HM3r+
D3uW6BDhYHhxhCsWtWxKfo8mMBVclnvNt5IOLGkKlS2vM78PoFDYaLygptdvgl2i
6slev6o5ULlLVkdsVn5qbEwwiWmpfPRjDCD85K0ndFsOYoGuPQ+h30IvDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFc3p18+6XZ1k8hF4SwyIoSqxE6XMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVnplblh6N3BkbldUeUVYaExESWloS3JFVHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhvAwQA
LViKAwQALYS0AwQALZDXAwQATVMmMA0GCSqGSIb3DQEBCwUAA4IBAQBYN9xrqTEz
NjjLBKUpOKejIi/WWHRtrdTUp0VyPIdZQ8bCMx7NRNjU8j5SuMUwyu2CCjVgazyA
x2eeLFQHMaspZHPPyRbv6I96UEXFBcY8UnB2jYo5yWWg5pcst7tXkkwhulbILKKS
NRce8hrYUO3R5knmcoiMD4fqtBL1ZNOl+u7QJmV1hPDmnlolqxUtJRm6fOrVa/4u
2C+1WmGrOvhve9QzEmDPUS+q7viF6tttjuYhz4JoTbBlK1+At7lKFUFbAZjWxCKa
0Ee6pP2mqvHUTacYx07YiZxX+l4l7KM2FfpkpUYchxaXDFIQfQS2BW+bscLVMKpX
qRsWwbYrlepM
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:45 2024 by rpki-client on console-fra.rpki-client.org