Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ibtEfpFTnrUf5x1ywDfGrIwH_tc.roa
File: ibtEfpFTnrUf5x1ywDfGrIwH_tc.roa (raw, json)
Hash identifier: UUe3mDOLAzPURq5PUHmxPkKYLnRltiQypvwlvNxfzDE=
Subject key identifier: 89:BB:44:7E:91:53:9E:B5:1F:E7:1D:72:C0:37:C6:AC:8C:07:FE:D7
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F42CF388F65D4A1E5C2B5CE5C9895
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ibtEfpFTnrUf5x1ywDfGrIwH_tc.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 2.56.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 00:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:42:cf:38:8f:65:d4:a1:e5:c2:b5:ce:5c:98:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89bb447e91539eb51fe71d72c037c6ac8c07fed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7f:80:dd:ab:27:54:11:6c:1f:ec:e2:12:6a:
5e:ba:4f:03:d2:8a:11:70:f0:3c:2d:fc:e5:fc:93:
29:6a:0f:c9:a0:91:9c:95:7b:ac:58:c3:d4:8a:a1:
2c:71:9c:2f:2b:b6:a0:6e:84:38:af:a7:aa:d4:19:
0e:8e:4d:27:d1:75:27:95:46:f7:ff:aa:16:8d:31:
fa:2d:8e:90:3e:5f:95:f9:b5:5e:52:ea:7e:79:1a:
fd:58:9f:49:ea:e7:3c:82:9f:cf:cd:07:f2:ac:17:
46:6d:84:04:f5:10:ef:87:58:f9:5e:1f:d5:09:53:
74:11:4c:5e:2e:c7:24:f0:1d:64:f9:25:70:b3:54:
20:6e:fa:e3:ec:ab:21:cd:61:de:2f:4f:c8:ae:b3:
f9:6f:bb:c0:83:40:c5:11:13:bb:ec:31:82:57:07:
fa:09:2f:e3:3e:e9:b4:24:1d:71:35:c9:6f:9c:fc:
4b:db:b7:56:70:9b:56:78:9d:ed:72:38:75:a1:0f:
c9:94:62:f2:25:f3:4e:00:6f:b4:41:48:96:16:de:
8e:42:46:9e:2d:d8:df:d3:44:75:96:55:9e:7b:e3:
56:ee:01:8f:a3:a4:cf:15:ee:7e:87:f7:c1:f6:14:
03:69:87:22:3d:9c:1c:0d:e2:46:c3:66:74:b1:a6:
9b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BB:44:7E:91:53:9E:B5:1F:E7:1D:72:C0:37:C6:AC:8C:07:FE:D7
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ibtEfpFTnrUf5x1ywDfGrIwH_tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:59:88:20:fd:bb:9a:bc:4d:3f:45:e7:77:98:8c:df:39:06:
90:33:64:53:cb:a9:35:b6:f7:33:87:22:27:ba:59:63:fb:91:
8f:8e:18:24:99:f6:2d:d1:64:31:9a:a5:fc:f8:c2:2b:8f:e8:
1d:c9:c4:db:93:a0:b0:38:9a:65:ca:d7:bf:7b:e3:26:f2:97:
72:9e:34:18:b4:c0:dd:08:13:bc:9d:70:8d:02:93:9d:7c:12:
47:09:9f:4c:dc:40:1e:ef:ad:b6:7a:0d:95:dc:21:f8:62:da:
77:2c:90:17:5d:c3:67:63:c6:f2:ad:2e:97:20:ac:95:94:ff:
38:e8:91:25:f7:b9:93:f3:18:c5:4c:3b:7e:ac:95:08:ed:1e:
35:db:bd:2d:d0:76:67:43:20:43:31:94:de:ca:d0:6f:0c:66:
da:02:f3:5c:15:a5:6a:82:ad:b8:5b:85:9d:23:c3:9b:08:c9:
de:d3:ca:4e:52:44:47:f0:a5:40:54:c4:9d:2d:22:fe:6f:72:
6c:d1:c7:8e:6f:26:10:1a:f9:94:ee:32:6b:4a:60:23:14:2a:
9a:dc:82:e5:95:74:0e:cd:3a:79:c3:74:a1:a0:b0:c9:60:34:
4a:a5:89:81:60:2d:5d:82:bc:1a:63:36:79:6b:35:ff:16:e7:
45:3c:10:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0LPOI9l1KHlwrXOXJiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJiNDQ3ZTkxNTM5ZWI1MWZlNzFkNzJjMDM3YzZhYzhjMDdmZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3+A3asnVBFsH+ziEmpeuk8D0ooR
cPA8Lfzl/JMpag/JoJGclXusWMPUiqEscZwvK7agboQ4r6eq1BkOjk0n0XUnlUb3
/6oWjTH6LY6QPl+V+bVeUup+eRr9WJ9J6uc8gp/PzQfyrBdGbYQE9RDvh1j5Xh/V
CVN0EUxeLsck8B1k+SVws1Qgbvrj7KshzWHeL0/IrrP5b7vAg0DFERO77DGCVwf6
CS/jPum0JB1xNclvnPxL27dWcJtWeJ3tcjh1oQ/JlGLyJfNOAG+0QUiWFt6OQkae
Ldjf00R1llWee+NW7gGPo6TPFe5+h/fB9hQDaYciPZwcDeJGw2Z0saabbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIm7RH6RU561H+cdcsA3xqyMB/7XMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaWJ0RWZwRlRuclVmNXgxeXdEZkdySXdIX3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjhsMA0G
CSqGSIb3DQEBCwUAA4IBAQBMWYgg/buavE0/Red3mIzfOQaQM2RTy6k1tvczhyIn
ullj+5GPjhgkmfYt0WQxmqX8+MIrj+gdycTbk6CwOJplyte/e+Mm8pdynjQYtMDd
CBO8nXCNApOdfBJHCZ9M3EAe7622eg2V3CH4Ytp3LJAXXcNnY8byrS6XIKyVlP84
6JEl97mT8xjFTDt+rJUI7R41270t0HZnQyBDMZTeytBvDGbaAvNcFaVqgq24W4Wd
I8ObCMne08pOUkRH8KVAVMSdLSL+b3Js0ceObyYQGvmU7jJrSmAjFCqa3ILllXQO
zTp5w3ShoLDJYDRKpYmBYC1dgrwaYzZ5azX/FudFPBAT
-----END CERTIFICATE-----
Generated at Sat Feb 17 01:11:10 2024 by rpki-client on console-ams.rpki-client.org