Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pa3n0_CMd6mM2KrfmViXsRMjIsU.roa
File: pa3n0_CMd6mM2KrfmViXsRMjIsU.roa (raw, json)
Hash identifier: zQ1pBGH5/V9idbLOvmze6gEDP66sb1P5mtYIWpgKDk0=
Subject key identifier: A5:AD:E7:D3:F0:8C:77:A9:8C:D8:AA:DF:99:58:97:B1:13:23:22:C5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018DB45E1841B8B01017570D51A3130126FA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pa3n0_CMd6mM2KrfmViXsRMjIsU.roa
Signing time: Sat 17 Feb 2024 00:01:21 +0000
ROA not before: Sat 17 Feb 2024 00:01:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 2.56.108.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 21:34:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b4:5e:18:41:b8:b0:10:17:57:0d:51:a3:13:01:26:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 17 00:01:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5ade7d3f08c77a98cd8aadf995897b1132322c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ac:28:a6:47:4d:a4:39:45:f9:1a:b3:3f:84:
1b:0a:2f:e0:2a:c0:36:88:65:63:d3:11:95:f2:40:
50:fa:c4:d5:e1:4d:83:d8:45:42:f3:a6:3e:61:3c:
aa:ca:b6:5b:0a:6b:b2:27:93:68:a9:21:ca:2d:20:
f3:75:4c:5c:98:3f:ae:dd:f4:de:e3:c5:53:d7:49:
af:bc:71:e5:69:81:8a:3e:f7:5f:84:bd:cc:a9:4f:
73:f5:be:10:57:8e:52:1f:a2:f5:83:64:d1:c5:3a:
90:10:28:7e:da:bd:80:b4:cf:d6:d4:f6:bb:92:71:
82:fe:f4:4b:f1:e7:e2:9c:07:7d:97:75:74:3c:a6:
0f:26:1e:56:3a:61:c7:cb:d7:8b:eb:5c:e2:43:d5:
b5:6d:44:28:72:49:43:f1:2d:ec:24:e6:da:14:5e:
d9:03:bf:b9:05:21:74:25:95:a9:c5:2e:a9:41:e8:
af:62:e6:cd:f2:dd:86:2c:a7:66:18:d3:ab:e7:c4:
a8:eb:fe:de:d0:af:35:2c:f2:a9:e1:59:6a:22:ed:
c2:98:6b:70:d0:71:5a:50:01:96:f6:02:a9:54:a9:
3b:b1:a3:52:5b:30:c5:6f:43:36:5f:62:75:e7:3d:
20:a0:04:2c:6d:08:a9:12:e6:79:72:77:44:9b:9b:
5a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:E7:D3:F0:8C:77:A9:8C:D8:AA:DF:99:58:97:B1:13:23:22:C5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pa3n0_CMd6mM2KrfmViXsRMjIsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
45.144.215.0/24
Signature Algorithm: sha256WithRSAEncryption
75:76:5d:dd:12:2c:6e:c7:57:a4:b8:6a:7f:c3:3d:3b:6c:ba:
ad:a9:2c:76:9b:82:82:38:80:a6:b2:bd:43:0a:52:c7:d6:ed:
9c:ff:6d:34:de:6e:4c:4b:8c:ea:f9:ea:59:4a:93:be:d4:b9:
1c:37:ac:21:7c:d1:31:9f:41:36:41:67:5a:13:1f:45:ba:8c:
c1:a4:37:bd:a2:07:95:28:d3:c4:27:97:60:ab:54:3b:73:95:
a4:1b:af:62:39:df:6e:83:da:8f:01:fb:0e:41:87:69:42:1a:
3f:68:af:13:a2:b3:12:94:f9:be:98:95:3b:c0:dc:a8:1b:c7:
8a:53:c6:b5:ef:db:02:65:0b:a9:4b:4c:8c:2a:b6:3b:db:97:
b3:8a:f4:75:e9:ab:72:9a:cc:6f:ce:d8:e3:b3:b8:e9:a7:4f:
63:77:6d:f6:b0:b9:12:cc:59:6a:9c:2c:b5:a9:c0:f9:2a:0c:
33:d9:57:be:b8:27:6e:20:d2:54:32:67:24:c3:f3:7b:a8:28:
7c:a4:d9:b5:b0:ea:9d:42:bb:36:01:70:10:c3:5d:ac:fd:36:
b3:9a:d1:aa:2f:ec:88:0f:0d:45:88:ce:78:15:a2:ce:8d:1e:
fe:a3:c2:26:e2:50:62:da:12:c8:e2:73:44:46:e1:f3:77:2c:
7a:a0:8a:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY20XhhBuLAQF1cNUaMTASb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjE3MDAwMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFkZTdkM2YwOGM3N2E5OGNkOGFhZGY5OTU4OTdiMTEzMjMyMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqwopkdNpDlF+RqzP4QbCi/gKsA2
iGVj0xGV8kBQ+sTV4U2D2EVC86Y+YTyqyrZbCmuyJ5NoqSHKLSDzdUxcmD+u3fTe
48VT10mvvHHlaYGKPvdfhL3MqU9z9b4QV45SH6L1g2TRxTqQECh+2r2AtM/W1Pa7
knGC/vRL8efinAd9l3V0PKYPJh5WOmHHy9eL61ziQ9W1bUQocklD8S3sJObaFF7Z
A7+5BSF0JZWpxS6pQeivYubN8t2GLKdmGNOr58So6/7e0K81LPKp4VlqIu3CmGtw
0HFaUAGW9gKpVKk7saNSWzDFb0M2X2J15z0goAQsbQipEuZ5cndEm5taNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKWt59PwjHepjNiq35lYl7ETIyLFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcGEzbjBfQ01kNm1NMktyZm1WaVhzUk1qSXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjhsAwQA
LZDXMA0GCSqGSIb3DQEBCwUAA4IBAQB1dl3dEixux1ekuGp/wz07bLqtqSx2m4KC
OICmsr1DClLH1u2c/2003m5MS4zq+epZSpO+1LkcN6whfNExn0E2QWdaEx9FuozB
pDe9ogeVKNPEJ5dgq1Q7c5WkG69iOd9ug9qPAfsOQYdpQho/aK8TorMSlPm+mJU7
wNyoG8eKU8a179sCZQupS0yMKrY725ezivR16atymsxvztjjs7jpp09jd232sLkS
zFlqnCy1qcD5Kgwz2Ve+uCduINJUMmckw/N7qCh8pNm1sOqdQrs2AXAQw12s/Taz
mtGqL+yIDw1FiM54FaLOjR7+o8Im4lBi2hLI4nNERuHzdyx6oIpk
-----END CERTIFICATE-----
Generated at Tue Feb 20 00:44:03 2024 by rpki-client on console-ams.rpki-client.org