Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/v6c0TqVcQ4ZQ38rO7zE38J5JwC4.roa
File: v6c0TqVcQ4ZQ38rO7zE38J5JwC4.roa (raw, json)
Hash identifier: XukbqfkDA/6xk0ddf5eISefWeupQ7QcHg1mL2zSYT9M=
Subject key identifier: BF:A7:34:4E:A5:5C:43:86:50:DF:CA:CE:EF:31:37:F0:9E:49:C0:2E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0192D3D9768FE62AAF3AE34F408CCCA0B305
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/v6c0TqVcQ4ZQ38rO7zE38J5JwC4.roa
Signing time: Mon 28 Oct 2024 15:58:17 +0000
ROA not before: Mon 28 Oct 2024 15:58:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 20:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:d9:76:8f:e6:2a:af:3a:e3:4f:40:8c:cc:a0:b3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 28 15:58:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfa7344ea55c438650dfcaceef3137f09e49c02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:ac:a9:e6:9b:a6:b1:2c:08:4b:24:3b:ff:
de:d6:39:51:b7:45:5a:4c:c3:34:8c:4a:7f:13:6f:
7b:02:74:39:6b:12:eb:cc:3c:d8:16:dd:aa:de:6d:
07:cf:df:8d:f8:ce:93:6d:40:83:71:85:b6:71:56:
70:5d:74:d9:b0:f0:89:55:88:bd:bf:83:c3:9a:6f:
34:53:37:90:50:4c:c6:0e:5f:1a:a5:1a:10:ac:08:
e8:ea:c4:d1:99:6f:07:9f:7d:55:12:d3:22:27:5a:
bf:9a:bf:9a:10:c9:f7:57:f3:6b:fc:90:a1:35:f2:
fa:27:38:b3:00:c7:01:13:95:1e:97:cf:55:c6:8b:
ab:f2:7a:d1:27:96:2a:6d:e6:10:a0:96:72:88:c5:
b6:8a:6f:25:b1:4a:8e:ef:2f:19:66:69:a5:6b:dd:
3a:44:39:e8:5d:bf:df:02:3d:f7:ac:c6:41:ab:2c:
18:a3:0c:4b:22:ee:ff:20:a9:9b:b0:6e:43:4c:e4:
33:b6:9d:df:d5:2e:e3:21:13:b9:2f:5e:7b:c4:91:
ca:39:7a:a1:d9:d2:ae:56:58:b4:7b:24:2a:5a:c5:
f8:e9:12:21:21:23:a7:09:dc:18:e3:ef:6b:5e:34:
18:44:8e:29:41:4c:a3:0e:3c:cf:b6:c6:df:49:5d:
db:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A7:34:4E:A5:5C:43:86:50:DF:CA:CE:EF:31:37:F0:9E:49:C0:2E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/v6c0TqVcQ4ZQ38rO7zE38J5JwC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.132.181.0/24
45.151.3.0/24
85.209.120.0/24
194.15.52.0/24
195.211.191.0/24
Signature Algorithm: sha256WithRSAEncryption
10:1f:3c:c8:bf:d1:81:e0:a6:d9:a7:d1:20:6d:ad:e1:ba:50:
ad:d9:04:05:f4:5b:b8:96:8d:d4:b4:c2:9c:9b:e0:40:ea:01:
bf:aa:bf:6b:a6:96:53:97:c3:96:10:92:9e:3e:ee:30:05:fb:
2b:a7:cb:42:77:2a:7c:f0:91:85:7d:3b:3a:6c:be:81:7d:6d:
7c:8d:75:21:1a:24:9b:39:be:c9:1b:dd:4f:ee:f4:cc:e2:61:
ee:3f:55:09:4e:fd:31:9e:f0:4b:e2:04:c3:10:d6:8d:07:19:
3f:fc:9f:99:37:4d:0a:6c:88:e3:8b:5a:2b:6d:f8:91:25:d3:
ff:b3:24:f7:dd:2f:85:51:40:5b:d2:e2:4b:3d:60:cf:c5:17:
7e:bd:48:36:f0:30:fd:83:bc:50:cb:c8:41:6b:23:af:d6:de:
a9:d3:4b:c9:bb:2b:f8:4b:0f:f4:34:4b:9b:d5:af:9d:aa:91:
86:fc:d5:26:6f:f0:f0:c4:da:c2:3f:69:11:7d:7d:f3:68:59:
68:2f:10:12:b8:e0:f5:5e:6f:8b:52:4c:d9:8f:e8:34:14:67:
54:81:42:06:88:98:ac:67:ec:15:0e:54:b0:9e:d1:a2:07:9f:
95:af:8e:69:a4:5a:12:da:8a:9c:a8:18:4a:37:ac:f5:6a:f2:
a6:9f:49:c7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZLT2XaP5iqvOuNPQIzMoLMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMDI4MTU1ODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmE3MzQ0ZWE1NWM0Mzg2NTBkZmNhY2VlZjMxMzdmMDllNDljMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE2sqeabprEsCEskO//e1jlRt0Va
TMM0jEp/E297AnQ5axLrzDzYFt2q3m0Hz9+N+M6TbUCDcYW2cVZwXXTZsPCJVYi9
v4PDmm80UzeQUEzGDl8apRoQrAjo6sTRmW8Hn31VEtMiJ1q/mr+aEMn3V/Nr/JCh
NfL6JzizAMcBE5Uel89Vxour8nrRJ5YqbeYQoJZyiMW2im8lsUqO7y8ZZmmla906
RDnoXb/fAj33rMZBqywYowxLIu7/IKmbsG5DTOQztp3f1S7jIRO5L157xJHKOXqh
2dKuVli0eyQqWsX46RIhISOnCdwY4+9rXjQYRI4pQUyjDjzPtsbfSV3b8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL+nNE6lXEOGUN/Kzu8xN/CeScAuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdjZjMFRxVmNRNFpRMzhyTzd6RTM4SjVKd0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBAjhsAwQA
LVFxAwQALVFzAwQALViLAwQALYS1AwQALZcDAwQAVdF4AwQAwg80AwQAw9O/MA0G
CSqGSIb3DQEBCwUAA4IBAQAQHzzIv9GB4KbZp9Egba3hulCt2QQF9Fu4lo3UtMKc
m+BA6gG/qr9rppZTl8OWEJKePu4wBfsrp8tCdyp88JGFfTs6bL6BfW18jXUhGiSb
Ob7JG91P7vTM4mHuP1UJTv0xnvBL4gTDENaNBxk//J+ZN00KbIjji1orbfiRJdP/
syT33S+FUUBb0uJLPWDPxRd+vUg28DD9g7xQy8hBayOv1t6p00vJuyv4Sw/0NEub
1a+dqpGG/NUmb/DwxNrCP2kRfX3zaFloLxASuOD1Xm+LUkzZj+g0FGdUgUIGiJis
Z+wVDlSwntGiB5+Vr45ppFoS2oqcqBhKN6z1avKmn0nH
-----END CERTIFICATE-----
Generated at Tue Oct 29 22:37:36 2024 by rpki-client on console-ams.rpki-client.org