Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aNfDw7Qx2ZVeubotnBWrrp94jlc.roa
File: aNfDw7Qx2ZVeubotnBWrrp94jlc.roa (raw, json)
Hash identifier: DMpvrtm/1acMeuuEsOuyX1GxwP/DryXePHCgKDvjJyY=
Subject key identifier: 68:D7:C3:C3:B4:31:D9:95:5E:B9:BA:2D:9C:15:AB:AE:9F:78:8E:57
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E765069C80FE79468B0670FCA8F169432
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aNfDw7Qx2ZVeubotnBWrrp94jlc.roa
Signing time: Mon 25 Mar 2024 15:52:45 +0000
ROA not before: Mon 25 Mar 2024 15:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 2.56.108.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.151.2.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 14:21:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:50:69:c8:0f:e7:94:68:b0:67:0f:ca:8f:16:94:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 25 15:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68d7c3c3b431d9955eb9ba2d9c15abae9f788e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:65:19:0a:39:6b:00:c8:dd:c7:91:cc:f7:3d:
56:d3:09:3b:6b:c9:ba:f6:82:88:0c:47:24:16:3b:
dd:42:ad:e7:65:4e:b5:57:d1:d2:e2:a4:42:8f:76:
7c:79:11:ba:65:5c:72:18:cd:05:55:20:44:f4:88:
f0:03:8e:8e:21:1d:79:1e:07:22:23:96:58:3e:80:
f8:a8:d2:77:b8:d4:6d:ce:ce:af:35:c9:d8:ef:a7:
ee:0d:e3:31:c6:ac:6a:a8:3f:fc:65:ba:e2:ed:cc:
66:33:19:8f:59:36:2b:ff:4b:66:74:0c:93:f4:26:
05:3c:a6:6e:3e:96:a0:aa:cf:cb:c4:6f:97:ac:49:
67:94:05:a9:eb:59:6c:b9:3a:d6:b7:76:2a:ed:a5:
d0:3f:37:e6:4d:12:2f:6f:31:e3:e3:46:6c:17:86:
ed:b5:62:95:df:b6:02:4f:bd:be:32:c3:c7:d5:4c:
89:da:d9:73:3b:6b:44:b2:47:e4:c2:a1:42:7b:9d:
92:6f:cd:92:46:b9:2d:70:07:4d:bb:0d:dc:9d:75:
b5:3f:2e:37:af:f5:c3:1c:cb:9e:a3:e3:4e:34:87:
a5:45:99:f4:de:db:c2:77:97:56:b9:e6:8c:20:75:
28:9c:fc:63:6e:20:4c:f9:9c:9e:f4:13:3b:02:59:
5d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D7:C3:C3:B4:31:D9:95:5E:B9:BA:2D:9C:15:AB:AE:9F:78:8E:57
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aNfDw7Qx2ZVeubotnBWrrp94jlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
45.88.138.0/23
45.94.171.0/24
45.151.2.0/24
77.83.37.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
33:15:eb:a0:a6:3e:75:55:1f:a8:89:51:d2:db:79:48:bf:9f:
cc:03:db:34:51:15:d1:e4:e8:51:34:ab:f8:6d:db:d6:2a:0b:
d2:f9:3f:d0:91:cb:30:1b:ed:86:f6:7b:44:f6:5d:43:5a:d7:
a0:b4:b9:35:f8:c6:13:9e:b9:fa:85:42:53:fd:e5:20:d5:2a:
8d:55:15:48:97:a3:a7:13:f1:02:5e:59:fd:2c:f0:f9:6a:31:
16:7a:10:45:24:93:22:81:fa:f6:ea:22:e1:ac:a7:89:e3:c5:
1d:70:7c:ae:76:5c:29:78:88:e6:ce:c1:67:d0:16:ab:3c:cf:
85:1e:98:a4:94:61:3d:4f:6a:9c:f5:5c:85:60:c0:ab:df:2f:
e3:73:4c:de:7f:a8:85:e8:db:29:79:76:02:b1:a2:f5:13:68:
9c:7a:9a:21:37:35:74:0c:4c:b0:fb:7f:39:32:93:b9:15:59:
dd:b8:3b:cb:20:96:30:3e:4f:3f:c9:d5:53:b7:25:fa:8d:81:
a1:4a:b4:1b:0c:f7:8a:00:84:43:b3:da:33:1c:67:f6:c3:b0:
2b:59:78:6f:40:09:c1:35:a6:b7:b9:c4:ae:24:87:ee:5b:48:
74:c7:d1:da:fa:b7:f3:67:e9:ea:c7:38:15:fd:15:88:f1:ac:
eb:84:8a:0b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY52UGnID+eUaLBnD8qPFpQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzI1MTU1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ3YzNjM2I0MzFkOTk1NWViOWJhMmQ5YzE1YWJhZTlmNzg4ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGUZCjlrAMjdx5HM9z1W0wk7a8m6
9oKIDEckFjvdQq3nZU61V9HS4qRCj3Z8eRG6ZVxyGM0FVSBE9IjwA46OIR15Hgci
I5ZYPoD4qNJ3uNRtzs6vNcnY76fuDeMxxqxqqD/8Zbri7cxmMxmPWTYr/0tmdAyT
9CYFPKZuPpagqs/LxG+XrElnlAWp61lsuTrWt3Yq7aXQPzfmTRIvbzHj40ZsF4bt
tWKV37YCT72+MsPH1UyJ2tlzO2tEskfkwqFCe52Sb82SRrktcAdNuw3cnXW1Py43
r/XDHMueo+NONIelRZn03tvCd5dWueaMIHUonPxjbiBM+Zye9BM7AlldeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGjXw8O0MdmVXrm6LZwVq66feI5XMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYU5mRHc3UXgyWlZldWJvdG5CV3JycDk0amxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjhsAwQB
LViKAwQALV6rAwQALZcCAwQATVMlAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQAz
Feugpj51VR+oiVHS23lIv5/MA9s0URXR5OhRNKv4bdvWKgvS+T/QkcswG+2G9ntE
9l1DWtegtLk1+MYTnrn6hUJT/eUg1SqNVRVIl6OnE/ECXln9LPD5ajEWehBFJJMi
gfr26iLhrKeJ48UdcHyudlwpeIjmzsFn0BarPM+FHpiklGE9T2qc9VyFYMCr3y/j
c0zef6iF6NspeXYCsaL1E2icepohNzV0DEyw+385MpO5FVnduDvLIJYwPk8/ydVT
tyX6jYGhSrQbDPeKAIRDs9ozHGf2w7ArWXhvQAnBNaa3ucSuJIfuW0h0x9Ha+rfz
Z+nqxzgV/RWI8azrhIoL
-----END CERTIFICATE-----
Generated at Wed Apr 17 17:48:16 2024 by rpki-client on console-ams.rpki-client.org