Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/2IAJeqFmTCXBpJfBuYi6_EeR34M.roa
File: 2IAJeqFmTCXBpJfBuYi6_EeR34M.roa (raw, json)
Hash identifier: eV7B61bM4uZrbNODNCQuieJvct/fcoKljTXEZZjHGRA=
Subject key identifier: D8:80:09:7A:A1:66:4C:25:C1:A4:97:C1:B9:88:BA:FC:47:91:DF:83
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018CB04542E18E48EB2CD4C6446DBEBDF711
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/2IAJeqFmTCXBpJfBuYi6_EeR34M.roa
Signing time: Thu 28 Dec 2023 11:52:58 +0000
ROA not before: Thu 28 Dec 2023 11:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212461
IP address blocks: 194.113.235.0/24 maxlen: 24
87.251.85.0/24 maxlen: 24
87.251.84.0/24 maxlen: 24
80.66.65.0/24 maxlen: 24
80.66.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:45:42:e1:8e:48:eb:2c:d4:c6:44:6d:be:bd:f7:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Dec 28 11:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d880097aa1664c25c1a497c1b988bafc4791df83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a5:5e:ca:96:5b:e1:19:5e:3b:8b:1c:48:82:
35:88:fe:41:e6:78:c0:10:63:03:8a:fb:9b:0a:2d:
da:a1:c6:1d:22:3c:fc:6c:0c:24:16:94:de:79:70:
27:67:e5:4a:88:f1:60:40:60:b3:0a:f6:b5:e0:5f:
23:14:9d:57:92:76:1f:7a:5a:c7:32:e4:86:27:ff:
19:93:92:8d:a3:ec:ce:09:3b:99:50:4e:c6:ca:8e:
e6:e0:81:1f:b3:97:b7:78:91:81:30:f5:db:ce:e4:
be:33:c8:31:eb:49:19:03:40:ac:f9:93:89:2f:f6:
fc:c2:3b:db:4c:2d:f9:7f:99:3f:ca:81:8b:4a:c5:
bb:99:cf:d5:5b:e8:8b:ab:c7:cd:d5:66:f3:9c:49:
dc:84:3e:98:2b:d7:9d:84:d7:06:5c:ff:d6:ff:2c:
f6:91:a2:de:b1:0a:ef:94:7a:c1:3a:3f:58:54:38:
4b:f4:b3:80:a3:5b:e0:80:f4:b4:c5:33:63:3f:26:
21:df:86:46:0a:94:6b:3b:67:87:23:1a:51:79:ca:
5e:ad:01:77:0d:67:96:2d:13:38:75:e7:94:30:1d:
a3:21:80:29:30:ef:68:be:8d:4e:20:b7:32:92:c6:
8a:0b:d0:9d:25:2e:fc:d1:4c:9b:1b:a6:19:7a:4f:
e4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:80:09:7A:A1:66:4C:25:C1:A4:97:C1:B9:88:BA:FC:47:91:DF:83
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/2IAJeqFmTCXBpJfBuYi6_EeR34M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.65.0/24
80.66.78.0/24
87.251.84.0/23
194.113.235.0/24
Signature Algorithm: sha256WithRSAEncryption
84:38:df:c0:9b:f1:c6:93:4d:38:8f:11:73:60:18:f9:cf:91:
0d:81:0e:3f:10:3c:dc:de:e2:80:88:14:6d:ce:5a:67:ba:a4:
22:cf:d6:ba:e9:98:5c:b1:bf:8e:47:52:c4:40:65:04:58:90:
e3:1e:3c:b9:5b:b7:15:12:a7:2b:3d:47:d5:04:28:8d:86:7f:
29:56:50:92:39:8d:b5:6d:99:ef:5c:91:13:ff:fe:f5:5b:fa:
4f:7f:66:a2:fd:b0:6e:26:a4:c0:f7:cc:e2:6b:bb:c8:a2:41:
ab:67:ce:8d:ae:06:73:79:d3:35:e0:95:d3:82:bf:3d:d8:49:
71:d5:ab:3a:05:5f:93:d8:f6:b5:54:ea:df:6a:d3:7a:14:da:
6e:e7:65:8d:39:14:34:17:e1:98:06:20:9f:9f:21:ca:ed:30:
e7:72:d5:8b:31:30:9b:c4:6b:29:69:cf:9d:bb:7e:c2:4a:fa:
86:bb:a3:38:fc:c0:13:25:54:cf:51:cc:a7:16:00:5f:05:15:
28:7b:7a:a8:67:d2:f6:f7:b0:1f:0a:17:03:5f:96:5e:f9:df:
13:ee:2e:c2:d3:c0:8a:b1:b1:b3:83:72:b9:5f:9e:3f:cb:8a:
29:34:85:8e:a3:78:8d:80:79:65:86:fc:e8:f2:0f:ad:b2:1c:
b4:cf:5a:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYywRULhjkjrLNTGRG2+vfcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMxMjI4MTE1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgwMDk3YWExNjY0YzI1YzFhNDk3YzFiOTg4YmFmYzQ3OTFkZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6VeypZb4RleO4scSII1iP5B5njA
EGMDivubCi3aocYdIjz8bAwkFpTeeXAnZ+VKiPFgQGCzCva14F8jFJ1XknYfelrH
MuSGJ/8Zk5KNo+zOCTuZUE7Gyo7m4IEfs5e3eJGBMPXbzuS+M8gx60kZA0Cs+ZOJ
L/b8wjvbTC35f5k/yoGLSsW7mc/VW+iLq8fN1WbznEnchD6YK9edhNcGXP/W/yz2
kaLesQrvlHrBOj9YVDhL9LOAo1vggPS0xTNjPyYh34ZGCpRrO2eHIxpRecperQF3
DWeWLRM4deeUMB2jIYApMO9ovo1OILcyksaKC9CdJS780UybG6YZek/kiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNiACXqhZkwlwaSXwbmIuvxHkd+DMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvMklBSmVxRm1UQ1hCcEpmQnVZaTZfRWVSMzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEJBAwQA
UEJOAwQBV/tUAwQAwnHrMA0GCSqGSIb3DQEBCwUAA4IBAQCEON/Am/HGk004jxFz
YBj5z5ENgQ4/EDzc3uKAiBRtzlpnuqQiz9a66Zhcsb+OR1LEQGUEWJDjHjy5W7cV
EqcrPUfVBCiNhn8pVlCSOY21bZnvXJET//71W/pPf2ai/bBuJqTA98zia7vIokGr
Z86NrgZzedM14JXTgr892Elx1as6BV+T2Pa1VOrfatN6FNpu52WNORQ0F+GYBiCf
nyHK7TDnctWLMTCbxGspac+du37CSvqGu6M4/MATJVTPUcynFgBfBRUoe3qoZ9L2
97AfChcDX5Ze+d8T7i7C08CKsbGzg3K5X54/y4opNIWOo3iNgHllhvzo8g+tshy0
z1pt
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:37 2024 by rpki-client on console-fra.rpki-client.org