Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ar27az7r-zf5NUubZwTP96OtI0E.roa
File: ar27az7r-zf5NUubZwTP96OtI0E.roa (raw, json)
Hash identifier: qDAEH2RjjH+tGCu/Q78xgpAPh+Fpet73WUGRiwGg2Zs=
Subject key identifier: 6A:BD:BB:6B:3E:EB:FB:37:F9:35:4B:9B:67:04:CF:F7:A3:AD:23:41
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B207E1578E43197FA9E003B7A50229704
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ar27az7r-zf5NUubZwTP96OtI0E.roa
Signing time: Wed 11 Oct 2023 20:46:55 +0000
ROA not before: Wed 11 Oct 2023 20:46:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.94.171.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
2.56.108.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.144.213.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:20:7e:15:78:e4:31:97:fa:9e:00:3b:7a:50:22:97:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 11 20:46:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6abdbb6b3eebfb37f9354b9b6704cff7a3ad2341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:e6:cd:ae:b9:c9:e9:b5:9e:59:f2:fa:d3:
b7:9d:33:06:3e:53:42:52:30:8e:54:f8:49:1a:53:
f4:74:74:f4:2b:8d:7c:6d:0f:41:e8:6e:d9:15:a8:
13:f0:a7:63:2d:ad:11:42:38:a2:13:2f:20:ba:ad:
21:e2:22:25:a5:7c:66:fe:25:6e:e8:ca:64:44:7d:
2b:22:ea:6d:bc:b1:99:28:78:76:78:be:38:b5:55:
c6:28:fe:4f:d9:ef:c6:0e:9d:92:94:77:d1:69:eb:
e2:ba:db:2a:4a:55:6f:82:dd:ee:c8:41:b5:5f:9d:
b2:1f:6d:f2:0a:63:32:9e:d5:86:62:4b:be:ef:dd:
4b:8e:0d:f9:cf:c2:e2:59:fd:ad:bc:99:25:2f:41:
6a:5b:b7:87:64:d1:45:18:fa:19:32:7f:37:02:0c:
c9:c6:0e:70:46:7b:e0:91:da:04:b3:99:89:24:61:
0b:b4:ab:c7:4c:10:92:90:bc:cd:4c:85:ab:83:6d:
3a:c9:da:1c:3f:01:76:12:25:56:04:a8:ae:f1:66:
67:3c:81:cd:58:22:13:3d:5e:b8:3f:88:71:07:61:
7e:67:0b:0a:9a:79:90:32:93:06:b4:19:08:ff:b6:
a1:43:87:f8:bb:91:df:56:a3:0c:12:71:1b:1b:cb:
7a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BD:BB:6B:3E:EB:FB:37:F9:35:4B:9B:67:04:CF:F7:A3:AD:23:41
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ar27az7r-zf5NUubZwTP96OtI0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0-2.56.110.255
45.81.113.0-45.81.115.255
45.88.139.0/24
45.94.171.0/24
45.138.183.0/24
45.144.213.0/24
77.83.39.0/24
85.209.120.0/23
195.62.24.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
30:1f:30:0c:aa:0a:2d:c5:b2:b6:ba:b0:6d:9a:52:8e:0c:30:
86:02:4f:36:fd:9c:5a:51:3e:7b:76:d0:8e:e3:18:94:a6:c0:
cb:f0:b6:fb:18:6f:ce:1c:47:31:e7:e8:14:fa:53:ef:01:0a:
dd:4f:b0:4b:52:b0:8d:47:18:d9:7c:5c:b4:4a:b2:79:19:82:
9c:bf:d3:7f:74:f2:9b:73:64:81:43:3b:12:9f:4c:11:7e:3e:
b6:03:eb:9a:84:15:e5:93:54:e9:05:72:2e:26:db:88:1a:22:
61:58:01:70:15:d8:19:d2:35:e1:aa:01:9d:bb:16:55:71:84:
d1:a3:a3:0a:56:8f:bd:1b:19:27:9e:17:79:73:81:1f:88:d0:
de:c5:b5:70:64:75:4f:20:8e:36:14:9d:7d:09:e0:e0:39:ff:
1e:0b:54:75:10:86:74:92:7d:c7:0e:d0:d9:00:fb:8c:de:8c:
c3:a2:0f:5c:b0:56:f6:a1:24:2d:e3:c0:62:34:e3:e1:24:5d:
f8:5c:7a:e4:50:ee:17:61:79:0c:b2:d1:4d:5d:2b:38:38:15:
ff:0d:07:89:bb:e9:1a:7e:16:5f:e0:19:86:fb:8e:61:b3:bc:
99:06:ba:a6:e7:e0:03:ec:dc:08:5f:47:99:8a:0e:a9:e2:f5:
ff:69:f4:cf
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYsgfhV45DGX+p4AO3pQIpcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDExMjA0NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJkYmI2YjNlZWJmYjM3ZjkzNTRiOWI2NzA0Y2ZmN2EzYWQyMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Lmza65yem1nlny+tO3nTMGPlNC
UjCOVPhJGlP0dHT0K418bQ9B6G7ZFagT8KdjLa0RQjiiEy8guq0h4iIlpXxm/iVu
6MpkRH0rIuptvLGZKHh2eL44tVXGKP5P2e/GDp2SlHfRaeviutsqSlVvgt3uyEG1
X52yH23yCmMyntWGYku+791Ljg35z8LiWf2tvJklL0FqW7eHZNFFGPoZMn83AgzJ
xg5wRnvgkdoEs5mJJGELtKvHTBCSkLzNTIWrg206ydocPwF2EiVWBKiu8WZnPIHN
WCITPV64P4hxB2F+ZwsKmnmQMpMGtBkI/7ahQ4f4u5HfVqMMEnEbG8t6VQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGq9u2s+6/s3+TVLm2cEz/ejrSNBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYXIyN2F6N3ItemY1TlV1Ylp3VFA5Nk90STBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAICOGwD
BAACOG4wDAMEAC1RcQMEAi1RcAMEAC1YiwMEAC1eqwMEAC2KtwMEAC2Q1QMEAE1T
JwMEAVXReAMEAMM+GAMEAMOxXzANBgkqhkiG9w0BAQsFAAOCAQEAMB8wDKoKLcWy
trqwbZpSjgwwhgJPNv2cWlE+e3bQjuMYlKbAy/C2+xhvzhxHMefoFPpT7wEK3U+w
S1KwjUcY2XxctEqyeRmCnL/Tf3Tym3NkgUM7Ep9MEX4+tgPrmoQV5ZNU6QVyLibb
iBoiYVgBcBXYGdI14aoBnbsWVXGE0aOjClaPvRsZJ54XeXOBH4jQ3sW1cGR1TyCO
NhSdfQng4Dn/HgtUdRCGdJJ9xw7Q2QD7jN6Mw6IPXLBW9qEkLePAYjTj4SRd+Fx6
5FDuF2F5DLLRTV0rODgV/w0HibvpGn4WX+AZhvuOYbO8mQa6pufgA+zcCF9HmYoO
qeL1/2n0zw==
-----END CERTIFICATE-----
Generated at Tue Oct 17 08:42:59 2023 by rpki-client on console-fra.rpki-client.org