Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f04f85-7b04-487c-a1e7-f71a22145d4e/1/kTEtP7x51VvC-EpCKLV2vzLMXZ4.roa
File: kTEtP7x51VvC-EpCKLV2vzLMXZ4.roa (raw, json)
Hash identifier: fKfvBE89Ho8C06hLlsj6xg7ikzjTSP0KJQbIZm+J9KE=
Subject key identifier: 91:31:2D:3F:BC:79:D5:5B:C2:F8:4A:42:28:B5:76:BF:32:CC:5D:9E
Certificate issuer: /CN=1dacbdc7dc874bd8be2336f5667cdf77bd980c77
Certificate serial: 018C5A79E1B8F5E57B2E30A612436D606F7B
Authority key identifier: 1D:AC:BD:C7:DC:87:4B:D8:BE:23:36:F5:66:7C:DF:77:BD:98:0C:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hay9x9yHS9i-Izb1Znzfd72YDHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f04f85-7b04-487c-a1e7-f71a22145d4e/1/kTEtP7x51VvC-EpCKLV2vzLMXZ4.roa
Signing time: Mon 11 Dec 2023 20:03:06 +0000
ROA not before: Mon 11 Dec 2023 20:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199749
IP address blocks: 185.47.81.0/24 maxlen: 24
185.47.83.0/24 maxlen: 24
185.47.80.0/24 maxlen: 24
185.47.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:79:e1:b8:f5:e5:7b:2e:30:a6:12:43:6d:60:6f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dacbdc7dc874bd8be2336f5667cdf77bd980c77
Validity
Not Before: Dec 11 20:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91312d3fbc79d55bc2f84a4228b576bf32cc5d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:4f:dc:4b:a0:c2:f2:d1:d7:13:8e:aa:ad:
17:cd:26:35:b5:37:4b:a7:63:65:25:46:97:6d:47:
78:4b:5f:05:33:fd:59:a6:39:86:eb:13:e4:5c:9b:
e3:fa:01:f6:0f:a7:20:aa:54:64:92:65:63:d3:2b:
b6:10:24:19:30:96:d0:3d:99:be:b3:22:11:70:54:
a2:33:5c:03:bb:6d:2b:7d:76:4e:5d:3f:07:14:b8:
f5:01:7a:16:d2:f1:24:f3:9b:93:40:69:d8:bf:ea:
98:39:2c:96:0c:47:3a:b1:57:9b:ae:91:31:e2:21:
56:94:d9:a9:d1:c6:4c:56:ea:39:8d:50:41:5c:94:
38:63:cd:df:9f:06:3e:05:d8:fc:26:88:6e:8e:49:
19:9a:86:ec:02:24:a7:22:1f:fa:5d:1c:3d:fa:fe:
8f:97:5c:4d:51:92:19:fe:b1:5d:b1:50:ec:d4:75:
26:1d:15:89:39:17:13:8f:73:f6:2b:96:f4:23:d8:
70:46:53:f0:dc:fd:91:36:c8:ef:4e:4f:49:5b:4a:
f0:b1:3c:ea:c6:53:5f:2b:68:c9:cd:76:80:bf:0c:
3f:c1:59:8e:da:06:97:2c:4a:15:9d:66:f3:f2:4e:
77:62:33:35:c4:29:63:61:aa:42:d1:84:f0:e5:f7:
50:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:31:2D:3F:BC:79:D5:5B:C2:F8:4A:42:28:B5:76:BF:32:CC:5D:9E
X509v3 Authority Key Identifier:
keyid:1D:AC:BD:C7:DC:87:4B:D8:BE:23:36:F5:66:7C:DF:77:BD:98:0C:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hay9x9yHS9i-Izb1Znzfd72YDHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f04f85-7b04-487c-a1e7-f71a22145d4e/1/kTEtP7x51VvC-EpCKLV2vzLMXZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f04f85-7b04-487c-a1e7-f71a22145d4e/1/Hay9x9yHS9i-Izb1Znzfd72YDHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.80.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:55:f0:61:70:bc:56:01:60:97:00:a1:86:70:b4:97:92:bf:
fd:a4:f2:7d:a2:92:89:dd:93:a5:64:da:87:a5:09:f0:22:2f:
28:f9:f2:b3:2f:94:1e:82:df:6c:19:ff:1a:99:79:41:c8:68:
26:5b:03:b7:79:f0:22:52:92:13:ee:09:d0:62:57:b3:e6:0f:
3a:bb:8f:47:c2:9f:14:80:0c:44:e8:8c:79:db:86:05:b4:6a:
3b:51:4a:70:6b:2f:3e:00:66:ae:3c:08:ea:d3:94:42:6a:0e:
54:1c:d0:08:92:a6:37:c5:51:19:5f:48:5c:5f:96:e7:fa:6b:
07:bb:84:a1:f9:60:fd:4d:81:78:9e:d2:f9:29:0b:ad:18:5c:
d4:10:98:e1:9c:d5:9b:9b:c8:8b:4e:72:0f:a4:b7:c9:d2:c5:
f3:86:a2:c3:ba:67:bc:1c:1d:11:0a:bb:9b:87:0c:9d:43:b5:
d1:f2:bb:5c:a3:55:9f:87:39:be:01:c4:45:6a:e8:bd:da:40:
97:18:ea:4c:f8:9a:be:14:b0:b4:83:4f:b1:f7:5f:93:f1:e2:
19:eb:17:df:06:4e:cb:86:45:e6:6b:2e:db:b5:92:2f:60:65:
11:21:55:2e:03:de:74:71:d0:cf:56:4e:6d:ed:c4:1f:5b:f1:
b9:73:79:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxaeeG49eV7LjCmEkNtYG97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWNiZGM3ZGM4NzRiZDhiZTIzMzZmNTY2N2NkZjc3YmQ5
ODBjNzcwHhcNMjMxMjExMjAwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTMxMmQzZmJjNzlkNTViYzJmODRhNDIyOGI1NzZiZjMyY2M1ZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRdP3EugwvLR1xOOqq0XzSY1tTdL
p2NlJUaXbUd4S18FM/1ZpjmG6xPkXJvj+gH2D6cgqlRkkmVj0yu2ECQZMJbQPZm+
syIRcFSiM1wDu20rfXZOXT8HFLj1AXoW0vEk85uTQGnYv+qYOSyWDEc6sVebrpEx
4iFWlNmp0cZMVuo5jVBBXJQ4Y83fnwY+Bdj8JohujkkZmobsAiSnIh/6XRw9+v6P
l1xNUZIZ/rFdsVDs1HUmHRWJORcTj3P2K5b0I9hwRlPw3P2RNsjvTk9JW0rwsTzq
xlNfK2jJzXaAvww/wVmO2gaXLEoVnWbz8k53YjM1xCljYapC0YTw5fdQdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJExLT+8edVbwvhKQii1dr8yzF2eMB8GA1UdIwQY
MBaAFB2svcfch0vYviM29WZ833e9mAx3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGF5OXg5eUhTOWktSXpiMVpuemZkNzJZREhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mMDRmODUtN2IwNC00ODdjLWExZTct
ZjcxYTIyMTQ1ZDRlLzEva1RFdFA3eDUxVnZDLUVwQ0tMVjJ2ekxNWFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mMDRmODUtN2IwNC00ODdjLWExZTctZjcxYTIyMTQ1ZDRl
LzEvSGF5OXg5eUhTOWktSXpiMVpuemZkNzJZREhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS9QMA0G
CSqGSIb3DQEBCwUAA4IBAQBtVfBhcLxWAWCXAKGGcLSXkr/9pPJ9opKJ3ZOlZNqH
pQnwIi8o+fKzL5Qegt9sGf8amXlByGgmWwO3efAiUpIT7gnQYlez5g86u49Hwp8U
gAxE6Ix524YFtGo7UUpway8+AGauPAjq05RCag5UHNAIkqY3xVEZX0hcX5bn+msH
u4Sh+WD9TYF4ntL5KQutGFzUEJjhnNWbm8iLTnIPpLfJ0sXzhqLDume8HB0RCrub
hwydQ7XR8rtco1Wfhzm+AcRFaui92kCXGOpM+Jq+FLC0g0+x91+T8eIZ6xffBk7L
hkXmay7btZIvYGURIVUuA950cdDPVk5t7cQfW/G5c3nV
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:56 2024 by rpki-client on console-fra.rpki-client.org