Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/2Cm8YHocSCQ72HIMKNL5pVfCJB8.roa
File: 2Cm8YHocSCQ72HIMKNL5pVfCJB8.roa (raw, json)
Hash identifier: Kyz0byosMIBD9n6CCMQSVGyzQOSKCryZDDHLv25QWTM=
Subject key identifier: D8:29:BC:60:7A:1C:48:24:3B:D8:72:0C:28:D2:F9:A5:57:C2:24:1F
Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997
Certificate serial: 01856DE6430EBDFC8EC62A7906DFDD37D047
Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/2Cm8YHocSCQ72HIMKNL5pVfCJB8.roa
Signing time: Sun 01 Jan 2023 15:14:45 +0000
ROA not before: Sun 01 Jan 2023 15:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35432
IP address blocks: 176.56.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:43:0e:bd:fc:8e:c6:2a:79:06:df:dd:37:d0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997
Validity
Not Before: Jan 1 15:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d829bc607a1c48243bd8720c28d2f9a557c2241f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:5d:77:ce:f3:4f:80:68:2d:34:11:e5:78:
b7:09:65:10:2d:b5:14:9a:69:6a:4e:4c:40:e4:4c:
24:88:81:66:14:a0:37:73:48:3d:c7:92:94:a2:e6:
3b:8a:9b:47:b1:7e:49:a5:31:79:76:ac:be:e9:cc:
f2:45:2b:b6:56:ef:b9:cc:86:7a:cb:df:36:8a:7d:
5a:b2:a0:8f:4f:8e:a9:13:0b:fc:15:1a:1c:d8:e0:
62:0f:73:6d:01:97:77:23:40:20:47:d1:b4:bc:fe:
18:a1:4f:4b:07:d7:c6:40:9c:cf:69:9d:00:09:b1:
66:0e:eb:8d:95:66:e6:49:d3:15:85:55:24:4d:1a:
40:a4:eb:0d:b0:3b:4b:0e:b4:56:68:33:7d:ea:fd:
70:b7:28:74:75:77:c5:22:ed:d7:31:35:5e:7e:3e:
14:ce:e4:d6:e6:4c:ef:c8:71:4a:67:a2:47:7e:76:
53:0b:ae:e5:6a:b8:17:36:24:55:b7:56:3d:71:e2:
2b:ef:40:5d:46:69:8b:eb:1f:b8:e1:e0:35:4c:9b:
2c:1a:69:8d:6d:ef:4e:62:3d:c2:39:b0:64:04:0d:
34:5a:98:16:9c:91:2d:34:12:51:e3:0c:d5:d5:31:
87:8f:f5:00:b4:71:3e:16:97:3f:f3:62:48:19:48:
d8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:29:BC:60:7A:1C:48:24:3B:D8:72:0C:28:D2:F9:A5:57:C2:24:1F
X509v3 Authority Key Identifier:
keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/2Cm8YHocSCQ72HIMKNL5pVfCJB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.168.0/24
Signature Algorithm: sha256WithRSAEncryption
82:08:72:5c:e6:92:65:69:85:e3:50:f2:23:4f:01:37:40:c3:
61:cd:88:14:29:f6:5c:9b:63:58:b5:8c:e7:86:75:8e:ee:c0:
86:7e:a4:94:27:d5:f1:30:99:e9:6d:01:ca:fb:55:74:66:fc:
b2:a8:4f:33:34:37:66:94:31:65:b3:90:0c:a3:57:72:b6:2d:
d6:4c:10:56:aa:ff:7e:6b:60:f1:b1:0d:36:ba:9f:01:68:bd:
bb:8a:b1:1b:a8:dc:2c:17:e8:fe:ec:1d:7b:95:ad:cc:cf:6e:
33:fe:b7:de:1b:aa:4e:97:f8:f2:c6:cf:77:35:d2:03:48:30:
e4:44:9d:7b:35:55:37:66:1f:9d:7d:79:78:8b:90:83:5d:38:
49:6d:a0:7e:18:56:dc:af:e2:db:4e:66:bd:be:5f:a8:b0:2a:
b8:6b:0d:16:dd:2c:90:61:a9:de:35:9e:30:ac:04:ba:af:48:
61:b4:9c:a9:f9:c7:43:c7:dc:80:4c:32:bd:7d:cf:ea:0b:24:
e2:87:4d:72:44:de:15:5c:99:7f:26:14:7f:86:18:a6:1a:c9:
ec:e2:0a:4f:96:ea:cd:d9:0d:ba:15:63:6e:59:02:53:f2:22:
f5:f8:82:19:28:26:6d:ff:02:db:15:60:e7:52:c8:6f:c4:79:
26:c1:a5:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5kMOvfyOxip5Bt/dN9BHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjBjNzAwZDk4ZDc2YTljNjQwMTczODg5ZjkzNjdkYTlk
ZTg5OTcwHhcNMjMwMTAxMTUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI5YmM2MDdhMWM0ODI0M2JkODcyMGMyOGQyZjlhNTU3YzIyNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq05dd87zT4BoLTQR5Xi3CWUQLbUU
mmlqTkxA5EwkiIFmFKA3c0g9x5KUouY7iptHsX5JpTF5dqy+6czyRSu2Vu+5zIZ6
y982in1asqCPT46pEwv8FRoc2OBiD3NtAZd3I0AgR9G0vP4YoU9LB9fGQJzPaZ0A
CbFmDuuNlWbmSdMVhVUkTRpApOsNsDtLDrRWaDN96v1wtyh0dXfFIu3XMTVefj4U
zuTW5kzvyHFKZ6JHfnZTC67largXNiRVt1Y9ceIr70BdRmmL6x+44eA1TJssGmmN
be9OYj3CObBkBA00WpgWnJEtNBJR4wzV1TGHj/UAtHE+Fpc/82JIGUjYGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgpvGB6HEgkO9hyDCjS+aVXwiQfMB8GA1UdIwQY
MBaAFD4gxwDZjXapxkAXOIn5Nn2p3omXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5Njgt
ZTQ2ZDhkMTZhMTVmLzEvMkNtOFlIb2NTQ1E3MkhJTUtOTDVwVmZDSkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5NjgtZTQ2ZDhkMTZhMTVm
LzEvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDioMA0G
CSqGSIb3DQEBCwUAA4IBAQCCCHJc5pJlaYXjUPIjTwE3QMNhzYgUKfZcm2NYtYzn
hnWO7sCGfqSUJ9XxMJnpbQHK+1V0ZvyyqE8zNDdmlDFls5AMo1dyti3WTBBWqv9+
a2DxsQ02up8BaL27irEbqNwsF+j+7B17la3Mz24z/rfeG6pOl/jyxs93NdIDSDDk
RJ17NVU3Zh+dfXl4i5CDXThJbaB+GFbcr+LbTma9vl+osCq4aw0W3SyQYaneNZ4w
rAS6r0hhtJyp+cdDx9yATDK9fc/qCyTih01yRN4VXJl/JhR/hhimGsns4gpPlurN
2Q26FWNuWQJT8iL1+IIZKCZt/wLbFWDnUshvxHkmwaX4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:32 2024 by rpki-client on console-ams.rpki-client.org