Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/R68c45PzoDhWhMude5rT9D0NmiA.roa
File: R68c45PzoDhWhMude5rT9D0NmiA.roa (raw, json)
Hash identifier: UiJLaxkic3wH1kIEhexivmBIVCqhC8TDukoEP4XJ5+I=
Subject key identifier: 47:AF:1C:E3:93:F3:A0:38:56:84:CB:9D:7B:9A:D3:F4:3D:0D:9A:20
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0186E188D99E29A04B4ACCC1AC0A1225C6AA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/R68c45PzoDhWhMude5rT9D0NmiA.roa
Signing time: Tue 14 Mar 2023 19:11:27 +0000
ROA not before: Tue 14 Mar 2023 19:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204914
IP address blocks: 2.56.165.0/24 maxlen: 24
77.83.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:88:d9:9e:29:a0:4b:4a:cc:c1:ac:0a:12:25:c6:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Mar 14 19:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47af1ce393f3a0385684cb9d7b9ad3f43d0d9a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e8:b5:5e:8e:cd:3a:60:49:a6:76:49:54:76:
ba:18:11:6f:ee:09:09:05:0d:63:fa:d9:d9:82:76:
81:45:3d:25:db:b3:4e:8d:68:a5:04:6b:61:6a:e5:
69:8d:21:7d:b9:66:d9:c6:19:a9:a7:da:51:93:b4:
fa:5b:ba:61:d0:f1:9f:0c:c2:9b:4b:c4:84:19:2c:
49:5d:a3:c8:fc:22:55:11:a5:6c:38:fc:f1:f9:8b:
b8:1a:fa:9b:0d:98:f1:92:cf:62:27:1a:c4:e8:75:
4b:89:7e:5f:c3:51:ea:4e:7d:e5:fd:cd:a6:fa:42:
1b:a8:2d:92:36:0b:f9:64:9b:e3:b9:db:4e:89:22:
41:3b:ba:18:c5:d7:fa:ab:00:b5:cb:4c:10:67:9b:
63:54:37:b2:74:7b:dc:cd:d5:49:40:93:9f:ee:e3:
2f:2d:91:22:4a:72:b1:c4:86:b8:32:4e:96:19:23:
55:77:fd:6e:ec:55:a9:77:53:71:e4:88:f7:bf:82:
9a:f9:b9:af:0d:0e:ce:8b:5c:d6:9a:39:3a:21:f4:
d7:2f:f9:51:12:6d:69:1a:b1:73:96:a6:3d:b6:0e:
f8:aa:28:41:cb:8a:01:f6:15:2b:6c:06:75:e1:37:
da:0f:3d:df:76:32:a5:fa:db:fa:48:0d:4a:c1:75:
f0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AF:1C:E3:93:F3:A0:38:56:84:CB:9D:7B:9A:D3:F4:3D:0D:9A:20
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/R68c45PzoDhWhMude5rT9D0NmiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.165.0/24
77.83.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:ea:76:fb:da:74:71:aa:27:14:94:60:e5:0a:7b:3f:9c:1c:
b8:a5:32:b9:24:ab:59:6d:5a:d1:d1:d2:64:eb:fc:1b:d3:d6:
6c:55:26:8c:36:3d:13:76:d1:4d:be:28:2f:ae:8a:65:03:01:
b1:59:11:28:32:32:66:05:b9:88:b1:8f:c3:3e:c5:5b:47:a3:
e2:12:b6:03:83:e7:08:d5:45:b0:0f:99:c8:fc:bd:ef:fa:46:
5a:9e:b7:9c:48:38:51:13:68:09:07:9c:57:e5:c6:18:9a:04:
57:42:8e:3d:30:d8:81:68:ad:d4:67:1c:76:a6:d0:f9:3d:6e:
0a:54:2a:1c:0b:db:a8:80:b4:e7:6b:10:da:3a:b2:64:08:a0:
ae:05:f3:d7:b1:be:e4:92:e5:3e:53:da:8c:d5:e4:13:fc:1b:
d2:29:6f:58:33:3e:bd:68:fe:02:ca:6d:9b:34:88:10:95:39:
69:ac:14:1b:aa:e6:22:83:a7:0d:52:d5:4e:58:dc:83:63:b1:
ab:1b:6b:6d:b2:24:25:b8:7c:81:64:91:db:35:f7:f3:20:dc:
2f:75:5b:85:15:27:5a:b2:e6:06:20:67:91:cc:6c:e9:78:e4:
c0:e2:dc:1f:f6:ea:6e:b4:3e:f7:11:dd:e1:a8:0f:5e:a7:b7:
86:83:d9:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbhiNmeKaBLSszBrAoSJcaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMzE0MTkxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FmMWNlMzkzZjNhMDM4NTY4NGNiOWQ3YjlhZDNmNDNkMGQ5YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiei1Xo7NOmBJpnZJVHa6GBFv7gkJ
BQ1j+tnZgnaBRT0l27NOjWilBGthauVpjSF9uWbZxhmpp9pRk7T6W7ph0PGfDMKb
S8SEGSxJXaPI/CJVEaVsOPzx+Yu4GvqbDZjxks9iJxrE6HVLiX5fw1HqTn3l/c2m
+kIbqC2SNgv5ZJvjudtOiSJBO7oYxdf6qwC1y0wQZ5tjVDeydHvczdVJQJOf7uMv
LZEiSnKxxIa4Mk6WGSNVd/1u7FWpd1Nx5Ij3v4Ka+bmvDQ7Oi1zWmjk6IfTXL/lR
Em1pGrFzlqY9tg74qihBy4oB9hUrbAZ14TfaDz3fdjKl+tv6SA1KwXXwkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEevHOOT86A4VoTLnXua0/Q9DZogMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUjY4YzQ1UHpvRGhXaE11ZGU1clQ5RDBObWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjilAwQA
TVPyMA0GCSqGSIb3DQEBCwUAA4IBAQBb6nb72nRxqicUlGDlCns/nBy4pTK5JKtZ
bVrR0dJk6/wb09ZsVSaMNj0TdtFNvigvroplAwGxWREoMjJmBbmIsY/DPsVbR6Pi
ErYDg+cI1UWwD5nI/L3v+kZanrecSDhRE2gJB5xX5cYYmgRXQo49MNiBaK3UZxx2
ptD5PW4KVCocC9uogLTnaxDaOrJkCKCuBfPXsb7kkuU+U9qM1eQT/BvSKW9YMz69
aP4Cym2bNIgQlTlprBQbquYig6cNUtVOWNyDY7GrG2ttsiQluHyBZJHbNffzINwv
dVuFFSdasuYGIGeRzGzpeOTA4twf9uputD73Ed3hqA9ep7eGg9ks
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org