Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/Y1qxHhKGdH7xrsOislwA5ZVsgts.roa
File: Y1qxHhKGdH7xrsOislwA5ZVsgts.roa (raw, json)
Hash identifier: UvHHkFfphcWPu4kgbfN6gCR5qBL1r1+FUWf6nNik8Ak=
Subject key identifier: 63:5A:B1:1E:12:86:74:7E:F1:AE:C3:A2:B2:5C:00:E5:95:6C:82:DB
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 018A039C88B5F1D92C9B1CADC567DBD6CD93
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/Y1qxHhKGdH7xrsOislwA5ZVsgts.roa
Signing time: Thu 17 Aug 2023 13:08:24 +0000
ROA not before: Thu 17 Aug 2023 13:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42695
IP address blocks: 80.254.229.0/24 maxlen: 24
80.254.228.0/23 maxlen: 24
80.254.230.0/23 maxlen: 23
2a13:5243::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 25 Aug 2023 10:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:9c:88:b5:f1:d9:2c:9b:1c:ad:c5:67:db:d6:cd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Aug 17 13:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635ab11e1286747ef1aec3a2b25c00e5956c82db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0c:43:99:f5:b1:8c:39:c5:f8:9f:89:76:2d:
d0:76:06:09:07:05:47:09:02:21:47:47:72:0a:b5:
98:52:ef:dd:54:10:b2:43:93:b0:73:e1:d8:f3:c1:
0a:c9:19:cb:b6:79:59:3a:5c:f2:f1:d1:33:e4:15:
ab:32:f7:11:7e:3c:fc:4b:63:f3:ff:f5:09:c7:01:
e1:58:6d:ea:97:f5:2e:cd:ab:31:93:d5:a5:24:06:
61:0d:de:ca:33:00:a2:48:bf:16:d9:b6:f1:d7:65:
ad:66:bf:57:6f:8a:8f:b9:1d:0c:3e:68:07:36:29:
47:77:77:2f:58:8a:f1:af:a3:db:63:28:ea:41:16:
ad:59:a6:a6:62:b1:75:02:5d:44:5e:6d:11:3a:3d:
99:e6:95:31:f3:47:93:35:79:7a:0f:34:e1:5c:2a:
7b:e1:7e:b8:2a:e7:12:a4:a0:5d:24:1d:75:68:5a:
1e:77:2d:37:d1:d9:6b:f6:ed:40:96:62:a5:e5:5e:
c1:fd:e1:41:c5:86:d6:7e:20:bf:53:5e:79:85:8a:
64:18:ad:34:6b:32:2c:b0:58:e6:99:81:55:20:ed:
3a:fd:1b:4b:37:5c:33:2f:8e:b4:2d:28:2f:90:19:
7d:38:f4:7c:c2:61:01:39:0f:ba:70:48:63:81:b1:
35:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5A:B1:1E:12:86:74:7E:F1:AE:C3:A2:B2:5C:00:E5:95:6C:82:DB
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/Y1qxHhKGdH7xrsOislwA5ZVsgts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.228.0/22
IPv6:
2a13:5243::/32
Signature Algorithm: sha256WithRSAEncryption
12:8f:f1:d2:e5:86:b1:e6:40:93:0b:cd:1c:6f:bb:83:35:c5:
b4:fa:d1:6d:f1:8c:38:6d:61:11:92:2c:e8:83:c5:84:df:87:
5b:20:bf:64:56:cd:a9:7c:61:c8:96:a3:74:f3:ed:f1:b8:b1:
b2:f7:26:db:24:c8:3c:dc:7a:31:9a:c5:6d:df:54:3a:5d:ad:
6f:2f:0f:fe:2d:00:ec:eb:5d:6a:9c:c5:5b:49:33:e4:2e:ad:
33:63:d8:fc:7d:0c:bc:a9:69:b4:b5:e6:50:b3:39:50:ff:55:
37:a1:0a:af:ee:81:47:56:4f:0b:a5:59:af:98:f8:35:16:62:
5e:b3:20:8e:d4:2d:8d:a1:5e:4a:b0:8c:f8:10:21:d1:2e:2b:
07:88:36:a2:3d:37:37:bc:dc:ce:51:81:b4:98:9c:ee:94:c6:
67:a6:9f:02:42:b2:67:b4:4b:aa:c5:a1:7d:70:91:20:0c:4e:
84:23:b8:0c:5b:a6:09:66:5a:34:c3:49:2d:b2:52:92:33:8a:
fe:b7:5d:f6:ff:ab:e9:60:e2:04:7d:47:64:8b:e9:61:57:a9:
b7:3f:f4:9a:66:3f:bb:8f:d7:47:f7:ae:88:b9:0e:1d:7c:65:
33:5e:0f:e9:09:01:68:f8:56:60:48:00:2d:12:39:78:27:2a:
49:a8:3d:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoDnIi18dksmxytxWfb1s2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjMwODE3MTMwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVhYjExZTEyODY3NDdlZjFhZWMzYTJiMjVjMDBlNTk1NmM4MmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngxDmfWxjDnF+J+Jdi3QdgYJBwVH
CQIhR0dyCrWYUu/dVBCyQ5Owc+HY88EKyRnLtnlZOlzy8dEz5BWrMvcRfjz8S2Pz
//UJxwHhWG3ql/Uuzasxk9WlJAZhDd7KMwCiSL8W2bbx12WtZr9Xb4qPuR0MPmgH
NilHd3cvWIrxr6PbYyjqQRatWaamYrF1Al1EXm0ROj2Z5pUx80eTNXl6DzThXCp7
4X64KucSpKBdJB11aFoedy030dlr9u1AlmKl5V7B/eFBxYbWfiC/U155hYpkGK00
azIssFjmmYFVIO06/RtLN1wzL460LSgvkBl9OPR8wmEBOQ+6cEhjgbE1IQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGNasR4ShnR+8a7DorJcAOWVbILbMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvWTFxeEhoS0dkSDd4cnNPaXNsd0E1WlZzZ3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCUP7kMA0E
AgACMAcDBQAqE1JDMA0GCSqGSIb3DQEBCwUAA4IBAQASj/HS5Yax5kCTC80cb7uD
NcW0+tFt8Yw4bWERkizog8WE34dbIL9kVs2pfGHIlqN08+3xuLGy9ybbJMg83Hox
msVt31Q6Xa1vLw/+LQDs611qnMVbSTPkLq0zY9j8fQy8qWm0teZQszlQ/1U3oQqv
7oFHVk8LpVmvmPg1FmJesyCO1C2NoV5KsIz4ECHRLisHiDaiPTc3vNzOUYG0mJzu
lMZnpp8CQrJntEuqxaF9cJEgDE6EI7gMW6YJZlo0w0ktslKSM4r+t132/6vpYOIE
fUdki+lhV6m3P/SaZj+7j9dH966IuQ4dfGUzXg/pCQFo+FZgSAAtEjl4JypJqD2f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:34 2024 by rpki-client on console-fra.rpki-client.org