Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/CdLMdr1UIEL8Q4XTCJa7xbi4Hlo.roa
File: CdLMdr1UIEL8Q4XTCJa7xbi4Hlo.roa (raw, json)
Hash identifier: XkZ79Z56+vbVon5WGsrLr5+hWWIjh1kdMcVa1P6O6PQ=
Subject key identifier: 09:D2:CC:76:BD:54:20:42:FC:43:85:D3:08:96:BB:C5:B8:B8:1E:5A
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 01856FDDDD1BDEE9A46D948634B85009D8D8
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/CdLMdr1UIEL8Q4XTCJa7xbi4Hlo.roa
Signing time: Mon 02 Jan 2023 00:24:48 +0000
ROA not before: Mon 02 Jan 2023 00:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29447
IP address blocks: 81.56.0.0/15 maxlen: 17
2a01:e10::/30 maxlen: 30
2a01:e09::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 May 2023 13:57:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:dd:1b:de:e9:a4:6d:94:86:34:b8:50:09:d8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Jan 2 00:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d2cc76bd542042fc4385d30896bbc5b8b81e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d2:a0:6b:12:c4:a1:4d:ba:db:24:24:6c:e8:
28:65:5c:a3:1a:58:bf:52:20:24:91:55:47:ab:0b:
e4:9d:be:ff:8b:5b:a6:97:4f:b1:17:79:96:31:e9:
51:e2:99:52:5e:0f:c8:77:58:13:d1:bc:f4:f5:fc:
4e:ad:01:fe:97:d0:7a:ba:0a:e5:e4:27:20:3f:19:
91:ba:93:e0:9f:0f:23:5f:b3:6b:6d:9b:61:31:d8:
81:9f:56:cf:a7:5a:9c:ea:87:8d:f8:ed:d8:6e:a6:
18:ec:04:9f:c6:0a:fa:20:31:f4:d9:b6:da:42:33:
08:3a:19:b6:e3:2c:76:5e:1e:27:51:6a:24:7e:1b:
39:56:33:a1:a6:5a:49:cb:14:db:34:d3:2e:14:0c:
5c:1b:f3:ba:5a:e4:da:94:37:13:4c:f8:da:05:a8:
22:4c:8a:9d:44:06:d9:1d:9f:21:b8:63:b5:ec:20:
d9:48:50:37:2b:08:69:02:38:f3:fb:b0:90:91:dd:
fd:04:7d:d8:e7:86:f1:72:55:00:7d:38:4a:bb:2f:
02:cf:33:58:60:bd:e0:19:49:1a:16:3e:c3:80:ad:
33:16:7e:ff:45:dc:02:5d:63:b1:48:76:57:5b:71:
fe:f9:bc:3e:ef:06:ba:40:d7:fb:7a:44:bd:3c:ba:
89:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D2:CC:76:BD:54:20:42:FC:43:85:D3:08:96:BB:C5:B8:B8:1E:5A
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/CdLMdr1UIEL8Q4XTCJa7xbi4Hlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.56.0.0/15
IPv6:
2a01:e09::/32
2a01:e10::/30
Signature Algorithm: sha256WithRSAEncryption
7e:00:49:18:e0:56:84:74:3f:b0:7a:6f:db:77:e6:6f:e3:c3:
5f:2e:f3:dd:84:bd:ec:cd:54:16:b7:f7:be:e2:5f:8d:e4:15:
1b:63:f3:47:d1:9e:4d:15:11:57:44:3a:82:c4:ce:c6:5a:e1:
85:c5:0a:f4:29:57:23:9d:37:4e:d5:a8:95:1e:c0:d0:8f:e4:
e1:0a:a7:b4:24:20:de:7d:fe:18:b3:ad:e4:46:ce:47:fc:76:
ec:44:ba:a3:92:63:02:92:98:d6:b2:f1:4c:18:4e:be:e5:3d:
d6:be:7a:fc:b2:f4:8a:45:03:b6:e5:e8:0f:8a:9d:36:32:eb:
7d:17:85:d7:be:38:90:9c:6d:5b:c2:16:e0:57:1c:0f:39:95:
f6:17:ec:4a:ec:f2:2a:c3:b0:52:53:37:8b:7f:c1:68:b1:2a:
bd:dc:94:6e:c9:4b:ed:cd:14:df:fa:ab:f9:a3:78:8d:b9:91:
7f:39:b4:f8:1c:a8:b8:5d:95:dc:5d:2e:90:12:ea:4c:fc:22:
ef:00:09:a4:45:16:02:b3:0d:e3:9f:cb:c8:8c:9c:19:9c:38:
40:47:d0:58:d3:59:42:8e:31:fc:eb:66:d2:d9:63:c8:c7:07:
14:bd:25:7f:5f:ce:b0:0b:8b:1e:b9:d6:3b:77:35:79:53:ab:
32:46:cf:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv3d0b3umkbZSGNLhQCdjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMwMTAyMDAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQyY2M3NmJkNTQyMDQyZmM0Mzg1ZDMwODk2YmJjNWI4YjgxZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodKgaxLEoU262yQkbOgoZVyjGli/
UiAkkVVHqwvknb7/i1uml0+xF3mWMelR4plSXg/Id1gT0bz09fxOrQH+l9B6ugrl
5CcgPxmRupPgnw8jX7NrbZthMdiBn1bPp1qc6oeN+O3YbqYY7ASfxgr6IDH02bba
QjMIOhm24yx2Xh4nUWokfhs5VjOhplpJyxTbNNMuFAxcG/O6WuTalDcTTPjaBagi
TIqdRAbZHZ8huGO17CDZSFA3KwhpAjjz+7CQkd39BH3Y54bxclUAfThKuy8CzzNY
YL3gGUkaFj7DgK0zFn7/RdwCXWOxSHZXW3H++bw+7wa6QNf7ekS9PLqJEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAnSzHa9VCBC/EOF0wiWu8W4uB5aMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvQ2RMTWRyMVVJRUw4UTRYVENKYTd4Ymk0SGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzALBAIAATAFAwMBUTgwFAQC
AAIwDgMFACoBDgkDBQIqAQ4QMA0GCSqGSIb3DQEBCwUAA4IBAQB+AEkY4FaEdD+w
em/bd+Zv48NfLvPdhL3szVQWt/e+4l+N5BUbY/NH0Z5NFRFXRDqCxM7GWuGFxQr0
KVcjnTdO1aiVHsDQj+ThCqe0JCDeff4Ys63kRs5H/HbsRLqjkmMCkpjWsvFMGE6+
5T3Wvnr8svSKRQO25egPip02Mut9F4XXvjiQnG1bwhbgVxwPOZX2F+xK7PIqw7BS
UzeLf8FosSq93JRuyUvtzRTf+qv5o3iNuZF/ObT4HKi4XZXcXS6QEupM/CLvAAmk
RRYCsw3jn8vIjJwZnDhAR9BY01lCjjH862bS2WPIxwcUvSV/X86wC4seudY7dzV5
U6syRs98
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:31 2024 by rpki-client on console-fra.rpki-client.org