Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ie3rT1j2pY4EjoGCN_8uP4chn38.roa
File: ie3rT1j2pY4EjoGCN_8uP4chn38.roa (raw, json)
Hash identifier: TaKmadIjAwC2mW5oil0jqePM8nDfZ8ZzTlmpeRyUEMM=
Subject key identifier: 89:ED:EB:4F:58:F6:A5:8E:04:8E:81:82:37:FF:2E:3F:87:21:9F:7F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E5329B38A9D9E4AF186B1BF78CD031827
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ie3rT1j2pY4EjoGCN_8uP4chn38.roa
Signing time: Mon 18 Mar 2024 20:03:45 +0000
ROA not before: Mon 18 Mar 2024 20:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215761
IP address blocks: 2.56.108.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 22:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:53:29:b3:8a:9d:9e:4a:f1:86:b1:bf:78:cd:03:18:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 18 20:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89edeb4f58f6a58e048e818237ff2e3f87219f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e6:d5:61:45:cb:2c:00:58:c5:db:66:24:bf:
28:38:73:b4:43:92:47:fc:3f:0e:58:93:bd:c3:48:
f6:71:7b:d9:cf:8d:6c:c0:40:bc:89:b3:ed:20:e3:
02:1a:e9:1c:cd:fa:6d:5e:dd:30:88:08:be:d2:02:
82:ad:88:3c:1e:2b:c0:47:56:16:0d:c2:5a:0a:83:
3f:08:30:2c:c6:af:27:a4:21:1f:c9:e8:51:f9:59:
76:a9:c0:06:3d:bf:9b:c2:e1:d6:f0:28:6a:98:24:
71:ce:1e:32:fb:04:92:4f:80:f4:fe:8d:4c:38:91:
54:58:f5:21:6f:47:59:e6:c3:da:22:4b:d0:07:5b:
e7:14:47:36:c0:52:10:7d:d5:6f:dd:15:68:fb:e6:
76:45:44:75:a0:c7:66:fb:b2:64:b7:84:a2:ba:50:
d0:d0:1e:25:c1:22:3b:b7:0e:91:16:87:c7:1c:70:
09:18:e9:14:c0:a4:3f:00:e2:7d:d1:a1:5b:2a:65:
de:5f:25:12:9c:a9:2b:8a:b4:15:16:cb:81:97:39:
c2:81:2c:20:a1:fc:5e:fb:7c:51:b3:87:37:26:03:
d0:70:42:69:61:09:8d:f9:1c:1c:f8:11:bd:8c:d3:
43:1f:3e:57:97:af:a5:84:4a:cd:a7:08:98:f0:4f:
f4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:ED:EB:4F:58:F6:A5:8E:04:8E:81:82:37:FF:2E:3F:87:21:9F:7F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ie3rT1j2pY4EjoGCN_8uP4chn38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
45.138.183.0/24
45.144.214.0/24
Signature Algorithm: sha256WithRSAEncryption
81:cc:da:0a:1e:ff:da:14:87:b1:43:a9:7d:ff:48:e6:10:58:
6f:cf:33:e2:ff:18:7d:08:4f:10:ef:b3:76:3a:86:41:59:f6:
c9:dd:d3:fc:7c:45:64:b8:04:9e:50:1e:0f:0d:31:08:9a:29:
a5:b4:64:9b:a9:03:bd:ee:0e:79:28:ff:ff:c2:a0:20:20:b2:
78:9c:ec:b2:d8:b9:c7:f5:29:57:ad:c9:02:98:ed:28:3a:53:
01:b7:ff:a5:c5:a0:b6:bc:1e:a5:7c:d0:75:b7:16:10:7e:12:
99:c0:a1:f6:1b:07:f3:35:9f:44:53:78:db:2b:8e:a9:0f:68:
bf:22:dc:2f:25:0e:6c:41:e9:4a:f3:dc:3b:43:f3:c4:fa:95:
bc:69:7b:96:38:03:8f:0a:90:32:47:09:5f:55:a6:d2:97:dc:
05:51:92:28:55:8c:4f:15:68:50:fa:7c:8b:a5:98:5a:f9:fd:
6c:2e:6e:39:25:ce:56:fe:ef:74:9f:26:56:25:d8:3a:24:00:
2a:bb:3b:0c:0f:a1:f7:4e:c3:f9:51:26:84:a9:a8:f2:f2:30:
cf:6e:7e:f4:97:92:1b:6d:10:83:6e:76:b6:d7:1d:dc:cd:98:
af:08:d8:fd:76:55:cb:f7:64:6d:c7:29:af:2e:77:1b:b4:08:
e7:b6:9c:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5TKbOKnZ5K8Yaxv3jNAxgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzE4MjAwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWVkZWI0ZjU4ZjZhNThlMDQ4ZTgxODIzN2ZmMmUzZjg3MjE5ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+bVYUXLLABYxdtmJL8oOHO0Q5JH
/D8OWJO9w0j2cXvZz41swEC8ibPtIOMCGukczfptXt0wiAi+0gKCrYg8HivAR1YW
DcJaCoM/CDAsxq8npCEfyehR+Vl2qcAGPb+bwuHW8ChqmCRxzh4y+wSST4D0/o1M
OJFUWPUhb0dZ5sPaIkvQB1vnFEc2wFIQfdVv3RVo++Z2RUR1oMdm+7Jkt4SiulDQ
0B4lwSI7tw6RFofHHHAJGOkUwKQ/AOJ90aFbKmXeXyUSnKkrirQVFsuBlznCgSwg
ofxe+3xRs4c3JgPQcEJpYQmN+Rwc+BG9jNNDHz5Xl6+lhErNpwiY8E/0MQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFInt609Y9qWOBI6Bgjf/Lj+HIZ9/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaWUzclQxajJwWTRFam9HQ05fOHVQNGNobjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhsAwQA
LYq3AwQALZDWMA0GCSqGSIb3DQEBCwUAA4IBAQCBzNoKHv/aFIexQ6l9/0jmEFhv
zzPi/xh9CE8Q77N2OoZBWfbJ3dP8fEVkuASeUB4PDTEImimltGSbqQO97g55KP//
wqAgILJ4nOyy2LnH9SlXrckCmO0oOlMBt/+lxaC2vB6lfNB1txYQfhKZwKH2Gwfz
NZ9EU3jbK46pD2i/ItwvJQ5sQelK89w7Q/PE+pW8aXuWOAOPCpAyRwlfVabSl9wF
UZIoVYxPFWhQ+nyLpZha+f1sLm45Jc5W/u90nyZWJdg6JAAquzsMD6H3TsP5USaE
qajy8jDPbn70l5IbbRCDbna21x3czZivCNj9dlXL92RtxymvLncbtAjntpyO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org