Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ifTTW1MwI6ouREgkrt3BpwpSGsQ.roa
File: ifTTW1MwI6ouREgkrt3BpwpSGsQ.roa (raw, json)
Hash identifier: S8j3SkvoImko+1aOZXDwa0P1LdQsjDlrOUnF6OCYGnE=
Subject key identifier: 89:F4:D3:5B:53:30:23:AA:2E:44:48:24:AE:DD:C1:A7:0A:52:1A:C4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018965843AA8ABA509601F10C7441A446460
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ifTTW1MwI6ouREgkrt3BpwpSGsQ.roa
Signing time: Mon 17 Jul 2023 20:21:51 +0000
ROA not before: Mon 17 Jul 2023 20:21:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 91.223.110.0/24 maxlen: 24
2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
2.56.111.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:84:3a:a8:ab:a5:09:60:1f:10:c7:44:1a:44:64:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 17 20:21:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89f4d35b533023aa2e444824aeddc1a70a521ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:83:b9:07:e5:0c:a7:fb:bc:41:3a:5e:1f:02:
80:19:e8:fd:58:f1:f6:40:4c:e8:4d:05:74:5d:2b:
5a:7b:fb:44:b4:c1:03:72:fe:77:ef:cc:d4:29:28:
a7:59:e4:ea:7e:41:d5:25:9a:ca:d9:95:96:53:d0:
e6:3c:04:4c:ed:60:a8:5d:64:6b:6a:54:79:f0:c5:
cc:9d:d2:f5:17:4b:10:40:6c:ca:b1:6f:57:7a:6b:
cf:88:70:c0:54:09:f1:6b:49:6d:55:f5:6c:db:ca:
8d:e6:82:bc:60:f2:18:7f:28:c9:22:c1:44:59:66:
9d:4e:1b:19:7e:34:b5:7b:a8:24:19:4f:0f:3f:d0:
e8:ce:00:b5:8d:0b:ea:ed:73:be:a4:a5:de:87:5e:
9a:5a:7d:2d:c5:ab:0f:ec:bd:31:df:3d:46:49:5e:
88:0f:ac:01:56:40:e5:8c:d7:6c:d5:97:fa:b5:27:
f6:2d:11:9b:76:32:b4:25:0f:0d:83:02:7a:84:58:
eb:eb:32:18:bf:aa:be:ae:e1:f5:a1:68:6d:b2:e6:
3b:1c:ab:e1:8d:17:3d:90:e0:b7:71:c4:28:d4:32:
0f:aa:cc:23:74:2c:7c:58:9a:53:d4:08:ef:cf:d7:
38:1d:14:17:39:2a:74:d0:36:eb:4e:e8:b4:09:7a:
9e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F4:D3:5B:53:30:23:AA:2E:44:48:24:AE:DD:C1:A7:0A:52:1A:C4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ifTTW1MwI6ouREgkrt3BpwpSGsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:26:74:62:9b:f0:0e:d6:57:bd:18:02:33:76:45:d5:0c:08:
25:cd:d3:19:77:9a:63:0d:52:22:81:9d:71:65:58:c2:3a:bb:
35:90:4f:9c:54:9c:bc:73:82:61:50:2f:30:a3:5d:18:f9:65:
19:b2:ab:49:2b:1e:a6:6e:8c:60:f4:9b:92:8c:d9:09:34:8c:
84:3c:21:6f:8b:25:6e:cb:35:00:47:cf:00:be:ae:b4:5b:36:
e1:a1:dc:9d:b7:d7:10:d6:16:56:4c:6b:4c:e4:b0:81:4c:97:
a7:0f:61:cd:e6:b6:1e:8a:13:73:5c:1b:1a:2d:f7:cb:0b:0b:
24:4d:10:a9:0f:9c:62:83:b2:fc:d9:4e:e7:f1:33:5f:de:03:
09:84:1c:f7:ac:a4:fe:82:cd:bc:68:f2:27:6f:10:8b:02:0e:
93:9d:d7:df:b6:79:a0:fe:36:4e:f1:fd:41:df:59:d0:8c:79:
2c:f5:75:c8:1e:80:87:1c:d2:46:ba:ab:ff:69:59:7b:25:d9:
d1:7f:09:49:13:89:a0:cc:20:34:bb:a3:92:28:81:1c:57:af:
29:8a:e3:9b:74:40:55:33:8e:91:64:92:9b:52:31:08:38:b0:
d3:87:78:ee:61:00:1b:dc:05:13:90:98:b6:8a:df:09:43:41:
50:9a:56:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYllhDqoq6UJYB8Qx0QaRGRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNzE3MjAyMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY0ZDM1YjUzMzAyM2FhMmU0NDQ4MjRhZWRkYzFhNzBhNTIxYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYO5B+UMp/u8QTpeHwKAGej9WPH2
QEzoTQV0XStae/tEtMEDcv5378zUKSinWeTqfkHVJZrK2ZWWU9DmPARM7WCoXWRr
alR58MXMndL1F0sQQGzKsW9XemvPiHDAVAnxa0ltVfVs28qN5oK8YPIYfyjJIsFE
WWadThsZfjS1e6gkGU8PP9DozgC1jQvq7XO+pKXeh16aWn0txasP7L0x3z1GSV6I
D6wBVkDljNds1Zf6tSf2LRGbdjK0JQ8NgwJ6hFjr6zIYv6q+ruH1oWhtsuY7HKvh
jRc9kOC3ccQo1DIPqswjdCx8WJpT1Ajvz9c4HRQXOSp00DbrTui0CXqeQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIn001tTMCOqLkRIJK7dwacKUhrEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaWZUVFcxTXdJNm91UkVna3J0M0Jwd3BTR3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjhsAwQA
W99uMA0GCSqGSIb3DQEBCwUAA4IBAQC4JnRim/AO1le9GAIzdkXVDAglzdMZd5pj
DVIigZ1xZVjCOrs1kE+cVJy8c4JhUC8wo10Y+WUZsqtJKx6mboxg9JuSjNkJNIyE
PCFviyVuyzUAR88Avq60Wzbhodydt9cQ1hZWTGtM5LCBTJenD2HN5rYeihNzXBsa
LffLCwskTRCpD5xig7L82U7n8TNf3gMJhBz3rKT+gs28aPInbxCLAg6Tndfftnmg
/jZO8f1B31nQjHks9XXIHoCHHNJGuqv/aVl7JdnRfwlJE4mgzCA0u6OSKIEcV68p
iuObdEBVM46RZJKbUjEIOLDTh3juYQAb3AUTkJi2it8JQ0FQmlZu
-----END CERTIFICATE-----
Generated at Sun Aug 13 07:55:17 2023 by rpki-client on console-fra.rpki-client.org