Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aFuvRheWppm79aafJN-9ejEPYK4.roa
File: aFuvRheWppm79aafJN-9ejEPYK4.roa (raw, json)
Hash identifier: T+m6vQWa/u2Afototz+TbixXXi6S584IlOtbkQcLoJY=
Subject key identifier: 68:5B:AF:46:17:96:A6:99:BB:F5:A6:9F:24:DF:BD:7A:31:0F:60:AE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F44736DDC141555B438A3D6FD7085
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aFuvRheWppm79aafJN-9ejEPYK4.roa
Signing time: Tue 02 Jan 2024 04:29:44 +0000
ROA not before: Tue 02 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198361
IP address blocks: 2.56.111.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 22:07:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:44:73:6d:dc:14:15:55:b4:38:a3:d6:fd:70:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685baf461796a699bbf5a69f24dfbd7a310f60ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:79:1d:76:26:8a:d9:41:86:74:6f:2b:aa:a3:
12:26:93:d3:25:d4:f9:a3:77:f7:9f:b6:ba:b3:69:
5f:a9:03:5f:2a:e5:de:a2:41:03:84:5b:78:d2:7b:
36:00:10:8f:e0:32:ef:dc:17:03:0d:30:94:53:f2:
a8:48:95:e1:e3:e7:65:e7:85:ce:77:56:ef:0a:cb:
a3:f1:a7:6e:c0:36:dc:2c:ea:3d:89:b9:8d:26:cd:
0d:c3:7a:32:7b:fc:a4:09:64:6b:f7:0d:a8:3d:44:
71:43:44:85:3e:bc:df:f0:99:cb:59:25:5f:0a:ed:
63:a0:10:b7:1f:f8:d1:42:1d:73:b6:dc:bd:64:72:
84:ba:09:73:b2:fe:af:0c:ae:60:b2:23:2a:41:92:
bb:59:4c:96:db:e9:77:15:42:5b:d9:60:0d:35:e1:
79:66:ff:dc:50:2a:8e:6f:a6:a6:97:55:43:92:e5:
07:82:0b:f7:e4:14:e9:16:9b:c1:07:d1:5d:05:b2:
28:96:50:01:8c:68:70:cc:40:31:02:0a:10:84:bf:
ed:9f:49:56:54:2b:bd:bb:8f:c4:d7:0b:67:d8:4e:
5c:85:c2:59:f0:24:21:a9:6c:07:1b:de:ca:e5:ab:
99:6a:38:95:03:dc:8b:3b:58:50:e6:40:7d:8c:1e:
de:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5B:AF:46:17:96:A6:99:BB:F5:A6:9F:24:DF:BD:7A:31:0F:60:AE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aFuvRheWppm79aafJN-9ejEPYK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.138.0/24
45.132.180.0/24
45.144.215.0/24
77.83.38.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:ba:76:3e:15:27:73:a4:11:ab:06:ac:1a:1e:ce:68:11:74:
e8:84:bb:ea:6f:38:e4:da:c1:8e:7d:a7:0d:3c:63:52:a3:ba:
eb:1c:43:78:91:dd:ec:e6:db:48:ad:b6:05:b4:de:5b:25:57:
46:1d:b1:a3:99:d2:6f:93:79:b2:d2:51:d6:f1:3a:a7:7f:5b:
0b:af:15:a7:ab:2e:67:40:42:c2:6c:02:57:33:ee:a7:f1:eb:
2b:df:e3:9e:da:fc:ec:d0:c2:00:32:d1:ff:68:bb:26:90:70:
3a:54:d4:5d:54:78:54:08:0b:d5:3a:3a:92:07:09:e6:e3:10:
8d:fb:28:94:7a:7a:49:e6:fc:3a:c7:15:06:c0:67:ce:3a:94:
c7:51:e6:cd:df:c1:99:86:87:da:ed:05:35:75:8d:9c:56:af:
d7:66:70:d2:b0:2a:19:7a:f9:a0:c9:88:a6:3b:87:9c:d1:36:
ba:13:0c:81:c6:28:22:ce:2a:e8:4a:d1:80:4f:a1:f0:9f:56:
c3:0a:69:b5:c4:b3:6f:79:cd:05:ba:83:27:9c:f5:1a:86:86:
8f:ed:a6:c1:b8:38:15:bf:5c:96:03:5a:f4:ea:15:53:53:26:
46:37:67:ca:15:ef:5e:1b:7f:61:4b:bf:c0:8b:2f:56:d2:94:
1c:8e:76:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb0RzbdwUFVW0OKPW/XCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODViYWY0NjE3OTZhNjk5YmJmNWE2OWYyNGRmYmQ3YTMxMGY2MGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHkddiaK2UGGdG8rqqMSJpPTJdT5
o3f3n7a6s2lfqQNfKuXeokEDhFt40ns2ABCP4DLv3BcDDTCUU/KoSJXh4+dl54XO
d1bvCsuj8aduwDbcLOo9ibmNJs0Nw3oye/ykCWRr9w2oPURxQ0SFPrzf8JnLWSVf
Cu1joBC3H/jRQh1ztty9ZHKEuglzsv6vDK5gsiMqQZK7WUyW2+l3FUJb2WANNeF5
Zv/cUCqOb6aml1VDkuUHggv35BTpFpvBB9FdBbIollABjGhwzEAxAgoQhL/tn0lW
VCu9u4/E1wtn2E5chcJZ8CQhqWwHG97K5auZajiVA9yLO1hQ5kB9jB7efQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGhbr0YXlqaZu/WmnyTfvXoxD2CuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYUZ1dlJoZVdwcG03OWFhZkpOLTllakVQWUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhvAwQA
LViKAwQALYS0AwQALZDXAwQATVMmMA0GCSqGSIb3DQEBCwUAA4IBAQBfunY+FSdz
pBGrBqwaHs5oEXTohLvqbzjk2sGOfacNPGNSo7rrHEN4kd3s5ttIrbYFtN5bJVdG
HbGjmdJvk3my0lHW8Tqnf1sLrxWnqy5nQELCbAJXM+6n8esr3+Oe2vzs0MIAMtH/
aLsmkHA6VNRdVHhUCAvVOjqSBwnm4xCN+yiUenpJ5vw6xxUGwGfOOpTHUebN38GZ
hofa7QU1dY2cVq/XZnDSsCoZevmgyYimO4ec0Ta6EwyBxigiziroStGAT6Hwn1bD
Cmm1xLNvec0FuoMnnPUahoaP7abBuDgVv1yWA1r06hVTUyZGN2fKFe9eG39hS7/A
iy9W0pQcjna/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org