Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pHsKGoFBiMLWNj7bVNnCoyzkojU.roa
File: pHsKGoFBiMLWNj7bVNnCoyzkojU.roa (raw, json)
Hash identifier: K8JiyjOx1cWc49RXHrnRYX/bvtSlLoIJ4O2Fs7S3mk0=
Subject key identifier: A4:7B:0A:1A:81:41:88:C2:D6:36:3E:DB:54:D9:C2:A3:2C:E4:A2:35
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A174E582C11393092BD5F0FA6D370B719
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pHsKGoFBiMLWNj7bVNnCoyzkojU.roa
Signing time: Mon 21 Aug 2023 08:55:24 +0000
ROA not before: Mon 21 Aug 2023 08:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 91.223.110.0/24 maxlen: 24
2.56.108.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 08:39:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:4e:58:2c:11:39:30:92:bd:5f:0f:a6:d3:70:b7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 21 08:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a47b0a1a814188c2d6363edb54d9c2a32ce4a235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4a:9d:57:1c:da:7e:14:f7:52:46:7f:5e:bc:
49:69:c7:51:c1:24:17:24:44:e8:cc:4b:f1:64:f9:
0a:52:94:7c:73:05:a6:71:35:32:b8:34:7d:ed:d6:
d8:5e:46:79:e0:c7:34:7f:b6:d0:6f:a1:e0:07:2d:
2c:26:2b:66:aa:38:25:67:47:e5:75:f9:6e:e8:70:
f1:c6:26:d3:29:67:dc:e0:c9:7d:b3:a4:fd:8a:86:
d4:14:e8:cb:47:d8:06:a8:86:68:f8:00:1a:c3:16:
14:cb:32:9e:ec:e5:1d:47:22:49:34:4c:35:b4:f5:
a7:be:39:af:17:d4:c1:41:e2:c6:a9:1d:d9:4c:2e:
d3:da:4d:77:9e:02:5d:f3:08:b7:cf:78:99:00:d9:
de:a4:7a:9c:c6:17:13:91:50:67:99:fe:f2:52:d0:
5b:87:0b:8c:d9:44:dc:54:b4:c3:90:0f:8b:49:db:
95:c2:52:92:8f:c9:c0:d9:76:85:d9:c1:6f:13:3d:
59:f3:9b:3f:28:44:6f:b9:60:21:b3:c8:ff:4e:d9:
96:db:88:d9:18:18:6b:d9:d2:e2:60:bc:0e:c1:0f:
97:b5:89:9b:48:dd:2c:4c:3f:d4:4e:51:43:f6:55:
13:80:11:1f:be:62:ef:77:33:79:58:d1:6e:18:fe:
e2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7B:0A:1A:81:41:88:C2:D6:36:3E:DB:54:D9:C2:A3:2C:E4:A2:35
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pHsKGoFBiMLWNj7bVNnCoyzkojU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
2.56.110.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
95:0f:72:f7:2f:c1:89:27:78:5d:f2:4e:e3:1d:2e:5d:6b:fe:
a0:27:e9:c3:59:6d:b1:fa:93:6b:05:be:dc:1e:6e:cf:04:89:
4e:2b:34:df:99:bb:b9:b3:7f:eb:74:19:62:50:0d:af:d3:fb:
0f:57:b9:fd:57:76:55:40:7c:9d:f2:4a:91:09:91:ed:dc:a3:
ef:53:43:fc:f3:bc:ea:dc:a1:c4:b9:73:85:44:37:74:2d:c0:
95:cf:d6:5f:2f:28:d2:f0:66:8e:e9:d4:28:79:75:95:5b:2b:
f5:98:87:8a:c1:86:76:6a:00:90:bf:ba:c5:54:d4:ab:08:79:
f7:21:37:7e:0c:c4:8e:93:6c:34:45:5d:c6:63:95:85:f8:e9:
56:19:f7:6d:bc:54:57:56:23:54:03:7d:b5:b1:b7:68:b0:af:
3e:c8:ff:0e:ce:67:e4:1b:a7:13:b1:b9:14:16:b6:91:78:58:
19:cf:0a:8f:76:34:01:9c:34:b9:71:06:57:f7:59:c5:60:59:
d0:e3:1e:c4:9e:53:61:de:66:09:8d:4b:85:e6:81:1a:03:f5:
36:74:7f:1a:28:47:84:81:4c:db:1b:f7:a1:b7:e2:f7:fc:96:
cc:83:e3:a6:4a:1a:a6:78:5d:06:28:18:8d:d1:7f:44:1a:49:
d9:e6:20:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoXTlgsETkwkr1fD6bTcLcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODIxMDg1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDdiMGExYTgxNDE4OGMyZDYzNjNlZGI1NGQ5YzJhMzJjZTRhMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUqdVxzafhT3UkZ/XrxJacdRwSQX
JETozEvxZPkKUpR8cwWmcTUyuDR97dbYXkZ54Mc0f7bQb6HgBy0sJitmqjglZ0fl
dflu6HDxxibTKWfc4Ml9s6T9iobUFOjLR9gGqIZo+AAawxYUyzKe7OUdRyJJNEw1
tPWnvjmvF9TBQeLGqR3ZTC7T2k13ngJd8wi3z3iZANnepHqcxhcTkVBnmf7yUtBb
hwuM2UTcVLTDkA+LSduVwlKSj8nA2XaF2cFvEz1Z85s/KERvuWAhs8j/TtmW24jZ
GBhr2dLiYLwOwQ+XtYmbSN0sTD/UTlFD9lUTgBEfvmLvdzN5WNFuGP7ixQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKR7ChqBQYjC1jY+21TZwqMs5KI1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcEhzS0dvRkJpTUxXTmo3YlZObkNveXprb2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhsAwQA
AjhuAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQCVD3L3L8GJJ3hd8k7jHS5da/6g
J+nDWW2x+pNrBb7cHm7PBIlOKzTfmbu5s3/rdBliUA2v0/sPV7n9V3ZVQHyd8kqR
CZHt3KPvU0P887zq3KHEuXOFRDd0LcCVz9ZfLyjS8GaO6dQoeXWVWyv1mIeKwYZ2
agCQv7rFVNSrCHn3ITd+DMSOk2w0RV3GY5WF+OlWGfdtvFRXViNUA321sbdosK8+
yP8OzmfkG6cTsbkUFraReFgZzwqPdjQBnDS5cQZX91nFYFnQ4x7EnlNh3mYJjUuF
5oEaA/U2dH8aKEeEgUzbG/eht+L3/JbMg+OmShqmeF0GKBiN0X9EGknZ5iBG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org