Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/41HNNv7QEbAxl2ja-1KQfb3Cv-Y.roa
File: 41HNNv7QEbAxl2ja-1KQfb3Cv-Y.roa (raw, json)
Hash identifier: shTYH846G60jVLABedxLtnCmHU+UWF+IJWYxHyNwiKY=
Subject key identifier: E3:51:CD:36:FE:D0:11:B0:31:97:68:DA:FB:52:90:7D:BD:C2:BF:E6
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D692B0B37AE38D825D337408E78F0CAC7
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/41HNNv7QEbAxl2ja-1KQfb3Cv-Y.roa
Signing time: Fri 02 Feb 2024 09:34:05 +0000
ROA not before: Fri 02 Feb 2024 09:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 18:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:0b:37:ae:38:d8:25:d3:37:40:8e:78:f0:ca:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 2 09:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e351cd36fed011b0319768dafb52907dbdc2bfe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e9:ae:4e:73:5f:6d:67:8e:88:c6:b0:14:13:
2c:9d:b3:9c:af:84:cb:7a:cd:b3:86:04:f6:ea:45:
75:a0:aa:78:2e:94:66:92:b6:c1:c6:f2:74:54:da:
94:41:da:d0:1f:f3:41:75:8b:77:12:c6:a4:87:3a:
c9:27:f7:c9:25:63:46:6f:40:59:c7:76:3b:e7:4d:
5b:84:a8:4c:ff:bb:f4:5c:b9:13:f5:01:3f:b1:ea:
d8:c6:f1:ab:be:2b:28:11:5b:5d:f8:ae:ac:6f:db:
23:8f:7f:1a:d2:87:01:62:d1:ae:1f:fe:a8:ad:25:
e1:7d:b1:6d:69:10:a4:6b:e1:31:81:10:08:5e:5d:
2e:be:8e:03:4d:e8:03:8e:d7:47:31:b4:35:ce:3a:
ff:c9:0a:43:79:cd:db:dd:6e:ac:e7:d7:d5:a4:19:
b3:9b:d2:0a:b1:ca:01:b8:7f:cb:39:ca:5d:b8:19:
c9:b3:c5:fd:82:46:9a:23:4c:91:56:ba:02:93:2c:
de:5b:6f:a1:0e:00:f9:26:83:80:0d:1a:87:d9:6b:
c5:78:c7:8d:06:93:a9:01:a3:4d:0e:e2:e0:ef:0f:
b2:a9:81:2a:b7:cc:dc:9b:a7:95:6e:78:a3:08:26:
3c:32:18:01:aa:dc:51:c4:9a:be:b3:cc:2d:07:ef:
66:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:51:CD:36:FE:D0:11:B0:31:97:68:DA:FB:52:90:7D:BD:C2:BF:E6
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/41HNNv7QEbAxl2ja-1KQfb3Cv-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
185.218.1.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ea:a2:32:3a:8c:1e:00:11:cd:8b:a8:8f:31:5a:5d:55:0f:
a8:68:57:c4:6e:90:ec:af:cc:82:4b:9f:31:98:11:6d:b1:32:
77:d4:a7:64:bc:b5:f4:eb:17:9e:99:dd:6f:b0:9d:8c:44:53:
fc:38:cc:8e:c5:b3:a3:24:45:1d:12:4d:be:83:99:64:ba:75:
c6:28:82:02:fc:fd:a9:5f:6c:7a:3b:e7:97:93:c7:d6:a7:58:
df:f7:c7:56:34:90:41:85:f0:58:8e:e8:d2:f6:2a:af:f8:e8:
f9:76:9f:c6:b6:ec:17:90:99:84:0e:cd:15:73:4b:10:6a:33:
67:c9:9b:e8:d1:df:5e:77:a5:73:cb:81:b3:be:4e:73:b4:73:
0f:02:53:c0:5d:b1:ce:7a:48:d1:eb:11:6a:d0:59:a3:57:bb:
4e:f9:e7:27:73:3a:ef:0d:46:fa:b7:99:3e:35:cc:63:57:fa:
2f:bb:85:cf:78:45:f3:6a:72:cf:5e:2f:60:e0:ae:3a:01:eb:
25:38:3b:72:43:d3:e1:46:f8:fe:da:1e:88:e4:3f:19:8a:d5:
b2:ff:0e:78:eb:d2:8d:2a:e9:19:3f:34:91:a0:98:0f:be:f2:
e9:26:80:d0:43:39:c6:db:f9:db:f6:55:b6:e1:19:61:98:40:
af:6c:5d:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1pKws3rjjYJdM3QI548MrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAyMDkzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUxY2QzNmZlZDAxMWIwMzE5NzY4ZGFmYjUyOTA3ZGJkYzJiZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyemuTnNfbWeOiMawFBMsnbOcr4TL
es2zhgT26kV1oKp4LpRmkrbBxvJ0VNqUQdrQH/NBdYt3EsakhzrJJ/fJJWNGb0BZ
x3Y7501bhKhM/7v0XLkT9QE/serYxvGrvisoEVtd+K6sb9sjj38a0ocBYtGuH/6o
rSXhfbFtaRCka+ExgRAIXl0uvo4DTegDjtdHMbQ1zjr/yQpDec3b3W6s59fVpBmz
m9IKscoBuH/LOcpduBnJs8X9gkaaI0yRVroCkyzeW2+hDgD5JoOADRqH2WvFeMeN
BpOpAaNNDuLg7w+yqYEqt8zcm6eVbnijCCY8MhgBqtxRxJq+s8wtB+9mdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFONRzTb+0BGwMZdo2vtSkH29wr/mMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvNDFITk52N1FFYkF4bDJqYS0xS1FmYjNDdi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBAjhwAwQA
BbeAAwQAudoBMA0GCSqGSIb3DQEBCwUAA4IBAQBj6qIyOoweABHNi6iPMVpdVQ+o
aFfEbpDsr8yCS58xmBFtsTJ31KdkvLX06xeemd1vsJ2MRFP8OMyOxbOjJEUdEk2+
g5lkunXGKIIC/P2pX2x6O+eXk8fWp1jf98dWNJBBhfBYjujS9iqv+Oj5dp/GtuwX
kJmEDs0Vc0sQajNnyZvo0d9ed6Vzy4Gzvk5ztHMPAlPAXbHOekjR6xFq0FmjV7tO
+ecnczrvDUb6t5k+NcxjV/ovu4XPeEXzanLPXi9g4K46AeslODtyQ9PhRvj+2h6I
5D8ZitWy/w5469KNKukZPzSRoJgPvvLpJoDQQznG2/nb9lW24RlhmECvbF3F
-----END CERTIFICATE-----
Generated at Tue Feb 6 01:26:44 2024 by rpki-client on console-ams.rpki-client.org