Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zHyKGwz1UsXixqHAP7eLz0a-p1Q.roa
File: zHyKGwz1UsXixqHAP7eLz0a-p1Q.roa (raw, json)
Hash identifier: gdkJfjtLbfo8tv7UNZ+YzUKTNb6f7STMot0uiBw7uDI=
Subject key identifier: CC:7C:8A:1B:0C:F5:52:C5:E2:C6:A1:C0:3F:B7:8B:CF:46:BE:A7:54
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A3F7D54BBBB466CD1665945DB70A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zHyKGwz1UsXixqHAP7eLz0a-p1Q.roa
Signing time: Mon 02 Jan 2023 08:44:49 +0000
ROA not before: Mon 02 Jan 2023 08:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49443
IP address blocks: 80.94.80.0/23 maxlen: 23
62.182.100.0/23 maxlen: 23
45.86.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a3:f7:d5:4b:bb:b4:66:cd:16:65:94:5d:b7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7c8a1b0cf552c5e2c6a1c03fb78bcf46bea754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:53:c1:3a:a6:e8:42:bc:8b:47:41:e4:3a:5b:
36:2b:78:a7:7a:5b:cb:b4:be:62:3e:1c:f4:47:c7:
1c:56:9f:e5:09:d0:5c:96:c9:ca:75:cf:58:7f:1f:
e2:4b:d7:b4:c2:48:90:ee:bf:6b:0d:6e:7b:d1:fc:
32:8d:17:32:6d:9d:79:cb:49:59:a0:6e:21:01:62:
32:87:99:be:1e:b3:28:eb:d8:d7:0c:c4:94:4d:f0:
94:04:fa:73:15:e8:f3:d0:b4:04:52:c0:4b:26:e2:
d2:af:14:75:42:b1:c1:cf:3a:58:6b:8c:2d:d8:45:
1d:d6:16:c9:46:85:01:9a:71:05:49:45:c7:92:7f:
c0:34:98:ec:e1:ac:a3:2f:b5:3d:d9:f4:1c:78:5c:
9c:64:4c:c8:51:87:16:4b:74:79:e2:a8:11:33:6c:
26:c4:7f:a8:c0:a8:25:d1:38:05:58:fe:98:9b:b9:
a4:f5:b7:39:43:8b:22:86:e7:47:87:e2:d4:e0:f8:
e7:d4:3c:a7:84:25:5d:f8:8f:0d:66:15:71:7e:9e:
84:98:9f:a8:de:9a:d5:0b:b7:f9:e4:5e:d3:ea:f4:
a2:52:2a:01:6c:14:9b:9a:2d:33:79:d6:c5:bf:39:
70:6e:3c:8f:3b:48:52:6d:ef:ec:c8:32:76:2a:5f:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7C:8A:1B:0C:F5:52:C5:E2:C6:A1:C0:3F:B7:8B:CF:46:BE:A7:54
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zHyKGwz1UsXixqHAP7eLz0a-p1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.19.0/24
62.182.100.0/23
80.94.80.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:70:ad:06:32:4b:f0:ec:c9:8f:21:c8:30:55:99:b1:1b:01:
9d:8b:8f:80:13:cf:b7:b5:a8:52:a0:17:c1:0b:16:5f:f7:93:
ee:dd:32:a6:cc:01:7f:d0:48:c7:b4:b7:23:55:4d:fe:79:70:
28:40:9d:0b:5d:2f:78:4a:c5:c5:23:f3:0e:eb:32:9a:30:0c:
76:67:1b:46:29:13:50:d1:9e:9b:4d:35:6b:13:49:3e:44:54:
da:79:0f:21:52:09:9b:c7:4e:ba:ca:f9:1a:e9:d2:8a:96:25:
3c:a4:0f:84:97:94:90:69:9e:0e:42:48:f3:1e:85:be:2c:7a:
cd:a3:b5:df:ec:f8:a5:f2:63:16:da:9b:71:ad:a2:ab:71:8d:
fc:78:f9:65:2b:df:a1:8f:65:aa:9c:88:7c:82:82:2e:d7:b1:
d1:15:25:7b:96:50:ed:54:73:bc:5b:94:a2:77:98:ba:cb:86:
40:ec:87:31:53:a5:79:f6:69:c6:eb:e2:22:91:69:59:37:1d:
1f:a1:35:37:75:13:b8:45:ba:c7:01:51:a6:a7:37:9c:29:c5:
a1:ba:a5:df:98:09:38:73:f5:02:0c:72:cb:e3:66:c6:2c:b4:
40:0a:38:cb:4d:7b:38:1c:10:27:08:d2:24:74:ce:47:80:70:
79:2a:ec:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxp6P31Uu7tGbNFmWUXbcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdjOGExYjBjZjU1MmM1ZTJjNmExYzAzZmI3OGJjZjQ2YmVhNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1PBOqboQryLR0HkOls2K3inelvL
tL5iPhz0R8ccVp/lCdBclsnKdc9Yfx/iS9e0wkiQ7r9rDW570fwyjRcybZ15y0lZ
oG4hAWIyh5m+HrMo69jXDMSUTfCUBPpzFejz0LQEUsBLJuLSrxR1QrHBzzpYa4wt
2EUd1hbJRoUBmnEFSUXHkn/ANJjs4ayjL7U92fQceFycZEzIUYcWS3R54qgRM2wm
xH+owKgl0TgFWP6Ym7mk9bc5Q4sihudHh+LU4Pjn1DynhCVd+I8NZhVxfp6EmJ+o
3prVC7f55F7T6vSiUioBbBSbmi0zedbFvzlwbjyPO0hSbe/syDJ2Kl+R5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMx8ihsM9VLF4sahwD+3i89GvqdUMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvekh5S0d3ejFVc1hpeHFIQVA3ZUx6MGEtcDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVYTAwQB
PrZkAwQBUF5QMA0GCSqGSIb3DQEBCwUAA4IBAQAdcK0GMkvw7MmPIcgwVZmxGwGd
i4+AE8+3tahSoBfBCxZf95Pu3TKmzAF/0EjHtLcjVU3+eXAoQJ0LXS94SsXFI/MO
6zKaMAx2ZxtGKRNQ0Z6bTTVrE0k+RFTaeQ8hUgmbx066yvka6dKKliU8pA+El5SQ
aZ4OQkjzHoW+LHrNo7Xf7Pil8mMW2ptxraKrcY38ePllK9+hj2WqnIh8goIu17HR
FSV7llDtVHO8W5Sid5i6y4ZA7IcxU6V59mnG6+IikWlZNx0foTU3dRO4RbrHAVGm
pzecKcWhuqXfmAk4c/UCDHLL42bGLLRACjjLTXs4HBAnCNIkdM5HgHB5Kuxb
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org