Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/y85syehDG0Vaf7odBME20FKSSTg.roa
File: y85syehDG0Vaf7odBME20FKSSTg.roa (raw, json)
Hash identifier: W07VNfFQie7kcATTuYVXXrg1aNuF8Afhobxx51gyxCM=
Subject key identifier: CB:CE:6C:C9:E8:43:1B:45:5A:7F:BA:1D:04:C1:36:D0:52:92:49:38
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A26D9C32D147E9C28C686EE4E7C50D3BD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/y85syehDG0Vaf7odBME20FKSSTg.roa
Signing time: Thu 24 Aug 2023 09:21:59 +0000
ROA not before: Thu 24 Aug 2023 09:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 2.56.109.0/24 maxlen: 24
2.56.111.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:d9:c3:2d:14:7e:9c:28:c6:86:ee:4e:7c:50:d3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 24 09:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbce6cc9e8431b455a7fba1d04c136d052924938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:67:16:76:41:2e:88:eb:46:07:dd:35:25:e8:
3f:dd:e9:2d:dc:22:81:15:c7:cf:bf:c7:9e:30:47:
7d:a4:18:11:f1:62:02:dd:f7:3f:17:c2:2a:ad:f4:
22:6e:f9:56:d3:ac:a7:c6:1a:b3:53:ce:d5:90:0c:
7a:3e:9d:75:4d:9f:07:9b:a0:f6:3a:6f:c3:23:57:
19:81:fd:b0:8e:5b:46:02:b7:ec:49:fd:39:dd:ab:
9b:e5:19:95:2c:a8:68:82:33:b4:a5:b0:c6:4f:05:
e0:f3:74:10:62:0b:80:99:c4:76:2d:42:85:2a:02:
39:e5:9f:6e:64:80:10:9f:9b:42:ec:91:1f:68:8e:
51:d9:e1:c2:21:14:ef:68:b7:6e:bb:c8:cc:2f:79:
92:58:ac:be:91:c6:0e:ac:e2:f6:3a:d0:3f:91:eb:
7d:02:88:f1:f7:17:56:61:1b:af:e6:86:49:6e:b0:
ce:6c:0a:82:ee:15:f1:6f:28:47:82:30:d0:8a:8b:
26:c0:13:15:74:db:4c:5a:bd:3a:79:27:70:ae:9a:
a0:b6:e0:64:76:26:27:82:f5:d9:58:f0:39:cf:61:
40:52:7f:dd:bb:76:90:18:3b:b9:e9:2f:ca:bd:ab:
c9:a8:4b:a7:a0:69:d4:4b:db:bd:9d:af:84:a9:e0:
56:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CE:6C:C9:E8:43:1B:45:5A:7F:BA:1D:04:C1:36:D0:52:92:49:38
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/y85syehDG0Vaf7odBME20FKSSTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
2.56.111.0/24
77.83.37.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d8:c2:06:8c:0d:22:7d:4b:af:3a:d0:e6:8d:84:1d:59:fc:
0e:5f:50:e3:38:3d:50:c4:0d:4e:31:11:b3:b4:a6:77:5b:89:
99:33:d1:54:e2:58:cb:e1:51:4b:ae:41:f6:fc:90:3b:c3:09:
50:57:77:7b:d2:61:6a:1d:34:85:a8:ab:be:16:ab:1d:ed:bb:
d8:66:19:85:0d:98:a2:9c:2f:02:98:7b:90:9c:81:9b:a5:14:
e9:8f:b1:93:33:0f:fc:e6:6b:9b:2b:74:f0:f9:0c:4f:70:ca:
08:87:d6:68:8f:e8:b4:82:25:69:3a:46:29:0e:82:f7:2f:b1:
ce:81:af:3c:f1:e5:2d:c0:42:8c:0e:55:3f:b0:e9:03:b5:88:
03:7d:3a:d8:b6:9b:03:df:65:59:3f:9f:48:4c:e0:5a:6b:92:
64:7e:db:44:a3:17:d4:64:95:86:f1:a5:de:66:1f:6d:29:0c:
69:a9:41:26:5b:7a:d0:89:64:18:e1:03:9b:1d:cd:1f:87:09:
81:6b:3c:99:6c:27:02:dc:05:1b:ec:03:30:36:a1:78:aa:f0:
48:58:ea:6b:04:6e:6f:4f:c2:07:27:fc:36:a7:13:c5:3e:42:
fb:5a:f3:dc:1e:df:8e:f9:15:22:82:28:d1:48:7e:57:09:b9:
fb:dc:fe:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYom2cMtFH6cKMaG7k58UNO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODI0MDkyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNlNmNjOWU4NDMxYjQ1NWE3ZmJhMWQwNGMxMzZkMDUyOTI0OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGcWdkEuiOtGB901Jeg/3ekt3CKB
FcfPv8eeMEd9pBgR8WIC3fc/F8IqrfQibvlW06ynxhqzU87VkAx6Pp11TZ8Hm6D2
Om/DI1cZgf2wjltGArfsSf053aub5RmVLKhogjO0pbDGTwXg83QQYguAmcR2LUKF
KgI55Z9uZIAQn5tC7JEfaI5R2eHCIRTvaLduu8jML3mSWKy+kcYOrOL2OtA/ket9
Aojx9xdWYRuv5oZJbrDObAqC7hXxbyhHgjDQiosmwBMVdNtMWr06eSdwrpqgtuBk
diYngvXZWPA5z2FAUn/du3aQGDu56S/KvavJqEunoGnUS9u9na+EqeBWMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMvObMnoQxtFWn+6HQTBNtBSkkk4MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveTg1c3llaERHMFZhZjdvZEJNRTIwRktTU1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhtAwQA
AjhvAwQATVMlMA0GCSqGSIb3DQEBCwUAA4IBAQBs2MIGjA0ifUuvOtDmjYQdWfwO
X1DjOD1QxA1OMRGztKZ3W4mZM9FU4ljL4VFLrkH2/JA7wwlQV3d70mFqHTSFqKu+
Fqsd7bvYZhmFDZiinC8CmHuQnIGbpRTpj7GTMw/85mubK3Tw+QxPcMoIh9Zoj+i0
giVpOkYpDoL3L7HOga888eUtwEKMDlU/sOkDtYgDfTrYtpsD32VZP59ITOBaa5Jk
fttEoxfUZJWG8aXeZh9tKQxpqUEmW3rQiWQY4QObHc0fhwmBazyZbCcC3AUb7AMw
NqF4qvBIWOprBG5vT8IHJ/w2pxPFPkL7WvPcHt+O+RUigijRSH5XCbn73P4x
-----END CERTIFICATE-----
Generated at Fri Aug 25 10:33:11 2023 by rpki-client on console-ams.rpki-client.org