Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/X6VawC4yOTd2bBI2Sva37L41Ag0.roa
File: X6VawC4yOTd2bBI2Sva37L41Ag0.roa (raw, json)
Hash identifier: 3/ZHhkdN3TkX5L/LBE2OR80LVI5ieMRk+HWqh79FioM=
Subject key identifier: 5F:A5:5A:C0:2E:32:39:37:76:6C:12:36:4A:F6:B7:EC:BE:35:02:0D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019115400C59CF4B87144219FA48312BDFCC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/X6VawC4yOTd2bBI2Sva37L41Ag0.roa
Signing time: Fri 02 Aug 2024 22:40:04 +0000
ROA not before: Fri 02 Aug 2024 22:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 19:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:15:40:0c:59:cf:4b:87:14:42:19:fa:48:31:2b:df:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 2 22:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fa55ac02e323937766c12364af6b7ecbe35020d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:97:f7:e3:9f:f3:8b:ac:ef:67:18:21:c8:
6f:75:6a:e5:e7:44:ca:16:2e:60:fb:e3:8f:5d:0c:
57:82:f6:10:9f:d6:16:68:4c:c9:59:b2:d7:a3:6a:
5c:7c:01:85:21:68:7a:51:73:78:d5:d0:83:f6:08:
d6:74:6a:f8:40:11:27:44:65:a5:ab:50:e3:88:bd:
bc:80:01:33:98:72:67:36:f8:bc:17:b7:9d:f5:4d:
de:60:ad:05:d8:d0:c3:84:26:14:fd:c3:dd:fa:5b:
1a:3c:a4:6e:b2:71:ae:d6:87:0b:b3:2e:36:55:13:
9c:30:d7:d7:43:d5:c1:a2:d6:82:3d:3d:a8:84:66:
d0:e6:d7:31:45:db:f3:a1:e8:aa:91:29:c5:59:ef:
52:2d:a9:c1:a9:8b:34:e1:21:17:fb:df:be:9b:ef:
8a:19:b7:53:62:a9:24:b6:b3:6e:83:f0:76:cf:28:
cc:f1:5d:af:3c:66:74:30:ea:41:16:d5:56:c8:ad:
c3:88:27:a3:c2:c2:53:b5:98:13:26:62:d9:b3:6d:
ed:21:ab:96:87:c8:0a:ad:76:43:24:17:cf:25:50:
18:c0:7a:1a:1f:cb:67:0e:dc:bd:c0:ce:81:dd:c4:
70:b3:07:f6:9b:ed:a3:ac:5c:db:01:59:91:33:9c:
f8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A5:5A:C0:2E:32:39:37:76:6C:12:36:4A:F6:B7:EC:BE:35:02:0D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/X6VawC4yOTd2bBI2Sva37L41Ag0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.132.181.0/24
85.209.120.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:23:6e:96:7d:fe:8e:cc:08:de:ab:fc:d5:1d:1a:58:93:01:
59:df:fc:42:6f:d7:41:a6:35:45:78:16:d5:eb:0e:f5:dd:5d:
ad:94:05:f7:cf:05:50:4f:b2:4f:90:cf:c9:e6:90:a3:83:d8:
6b:d2:be:8b:35:80:88:38:4d:a0:a5:2a:11:5c:72:87:06:62:
be:29:23:c6:98:40:9d:c6:5f:1e:73:04:c9:6c:6d:ae:82:a2:
b7:17:1a:05:6d:9f:ea:f0:04:8b:27:83:ee:ec:1e:d5:68:8a:
45:46:26:b3:09:60:05:8f:5b:ae:a8:5f:45:ac:88:da:91:10:
54:d8:9d:f3:e1:a9:b5:72:7b:b3:17:fd:ad:10:98:44:64:56:
91:5f:21:e3:25:47:1a:8d:81:27:12:3e:db:2e:6b:40:fe:f9:
36:8e:db:0c:71:7c:76:ab:83:8e:a7:f1:bc:2e:63:58:67:4f:
d5:02:52:5c:94:19:81:01:1a:8a:3e:4c:d0:f3:98:62:4a:4b:
b8:b3:25:49:4e:eb:bb:81:11:18:a2:63:05:1d:22:49:5a:e8:
1d:35:69:d7:3d:e8:e5:0b:d7:66:b2:3a:85:aa:7d:7a:8a:34:
37:8e:63:f5:cb:11:1b:0c:d5:ab:5a:ed:b4:0d:2b:be:a0:45:
fd:65:90:25
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZEVQAxZz0uHFEIZ+kgxK9/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODAyMjI0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE1NWFjMDJlMzIzOTM3NzY2YzEyMzY0YWY2YjdlY2JlMzUwMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotyX9+Of84us72cYIchvdWrl50TK
Fi5g++OPXQxXgvYQn9YWaEzJWbLXo2pcfAGFIWh6UXN41dCD9gjWdGr4QBEnRGWl
q1DjiL28gAEzmHJnNvi8F7ed9U3eYK0F2NDDhCYU/cPd+lsaPKRusnGu1ocLsy42
VROcMNfXQ9XBotaCPT2ohGbQ5tcxRdvzoeiqkSnFWe9SLanBqYs04SEX+9++m++K
GbdTYqkktrNug/B2zyjM8V2vPGZ0MOpBFtVWyK3DiCejwsJTtZgTJmLZs23tIauW
h8gKrXZDJBfPJVAYwHoaH8tnDty9wM6B3cRwswf2m+2jrFzbAVmRM5z4ywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF+lWsAuMjk3dmwSNkr2t+y+NQINMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWDZWYXdDNHlPVGQyYkJJMlN2YTM3TDQxQWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBAjhsAwQA
LVFxAwQALVFzAwQALViLAwQALYS1AwQAVdF4AwQAwg80MA0GCSqGSIb3DQEBCwUA
A4IBAQCnI26Wff6OzAjeq/zVHRpYkwFZ3/xCb9dBpjVFeBbV6w713V2tlAX3zwVQ
T7JPkM/J5pCjg9hr0r6LNYCIOE2gpSoRXHKHBmK+KSPGmECdxl8ecwTJbG2ugqK3
FxoFbZ/q8ASLJ4Pu7B7VaIpFRiazCWAFj1uuqF9FrIjakRBU2J3z4am1cnuzF/2t
EJhEZFaRXyHjJUcajYEnEj7bLmtA/vk2jtsMcXx2q4OOp/G8LmNYZ0/VAlJclBmB
ARqKPkzQ85hiSku4syVJTuu7gREYomMFHSJJWugdNWnXPejlC9dmsjqFqn16ijQ3
jmP1yxEbDNWrWu20DSu+oEX9ZZAl
-----END CERTIFICATE-----
Generated at Tue Aug 20 21:53:29 2024 by rpki-client on console-fra.rpki-client.org