Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ba3eazJyuiWn8Q8Wl2nb4wjXZGg.roa
File: ba3eazJyuiWn8Q8Wl2nb4wjXZGg.roa (raw, json)
Hash identifier: 2krYX4SNJCRP0l6oGI/s2J9pRYvA6NwkXUJXrX1JQwU=
Subject key identifier: 6D:AD:DE:6B:32:72:BA:25:A7:F1:0F:16:97:69:DB:E3:08:D7:64:68
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018570950F22862F641E3FA1D4E27EE8C69E
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ba3eazJyuiWn8Q8Wl2nb4wjXZGg.roa
Signing time: Mon 02 Jan 2023 03:44:54 +0000
ROA not before: Mon 02 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208091
IP address blocks: 193.37.69.0/24 maxlen: 24
80.66.88.0/24 maxlen: 24
87.251.67.0/24 maxlen: 24
87.251.75.0/24 maxlen: 24
80.66.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:0f:22:86:2f:64:1e:3f:a1:d4:e2:7e:e8:c6:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 2 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dadde6b3272ba25a7f10f169769dbe308d76468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:f1:38:1b:c1:12:53:12:3c:e0:70:47:2f:
a6:77:b7:08:06:fd:f1:1c:35:8d:32:a8:ca:43:2d:
4e:92:07:17:61:c3:d6:90:95:22:39:89:6d:cd:d7:
32:f7:6e:66:05:9f:ad:81:e7:51:1d:42:a9:1b:d6:
cb:56:e5:9c:15:2e:3c:c1:13:a7:45:1e:8c:fa:c7:
92:91:b9:6f:96:c2:ba:27:e9:5c:31:7b:5c:4a:83:
f0:bb:4e:04:98:2f:b1:14:84:ef:b0:3b:d4:d3:f8:
d8:b9:bc:da:a4:27:42:2f:c0:2d:4c:12:cf:26:fc:
8a:f3:2d:42:c5:fe:4b:a3:51:0a:59:29:fc:57:ac:
1c:4a:03:de:3c:78:7e:27:d2:a6:8d:ca:8d:88:43:
4b:08:30:1c:64:51:a1:ed:80:cd:35:25:f7:08:32:
59:d5:fc:af:91:c8:33:a4:79:5c:95:79:42:df:25:
62:f0:7b:6d:04:69:ed:4e:e6:38:25:d5:8d:b9:c0:
d8:52:44:89:4f:85:d5:4f:40:70:bd:f0:b7:c5:73:
e8:1d:70:9c:e6:20:9b:6e:d6:20:a6:56:b1:8c:87:
3e:1d:be:21:23:8e:c9:07:16:28:7a:90:26:46:ec:
1b:2f:32:8f:bc:44:07:89:6b:14:ba:93:67:32:6a:
6c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AD:DE:6B:32:72:BA:25:A7:F1:0F:16:97:69:DB:E3:08:D7:64:68
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ba3eazJyuiWn8Q8Wl2nb4wjXZGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.76.0/24
80.66.88.0/24
87.251.67.0/24
87.251.75.0/24
193.37.69.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:9a:7a:5f:33:4b:6a:a8:f9:e2:91:f8:1d:f5:47:7d:f4:2c:
c3:6b:ec:79:88:5f:d4:f6:53:1a:93:94:85:3b:a7:f0:2e:b4:
b7:79:37:0e:75:f2:6f:a4:b6:69:82:a2:ba:4a:86:19:69:c7:
d2:52:c4:71:87:fc:ac:c7:f7:ee:f5:10:fe:4a:0b:89:f2:57:
ee:a3:5f:95:12:fa:a8:d0:34:65:48:52:11:da:32:4e:71:98:
92:6d:60:af:c5:f8:d6:11:3b:f5:af:36:47:ef:0a:ad:67:a0:
ae:3c:57:77:5a:0b:aa:d7:81:49:4a:bc:54:8e:1e:03:8d:c6:
7b:d7:4b:e9:b6:b7:01:09:0c:3c:2c:81:7b:67:30:6d:11:70:
55:57:d5:b4:e2:af:ee:20:c6:43:4a:71:29:17:b6:94:19:0f:
1c:bd:bb:ad:2b:2b:17:34:35:b3:6e:8f:32:b8:19:fc:4c:97:
62:17:71:86:d3:5c:7c:97:05:fe:9f:1d:5d:3d:c6:9e:1f:75:
15:8f:5a:66:f8:a9:ea:39:99:a1:a9:ed:cf:e0:95:cd:08:15:
ff:f3:14:e7:7c:fa:2c:7a:ea:f3:bb:b8:f6:b3:07:e9:a6:c6:
f9:43:b4:19:84:09:65:fe:e0:b8:d2:44:fb:a3:b2:68:79:d6:
ee:80:d9:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwlQ8ihi9kHj+h1OJ+6MaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwMTAyMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFkZGU2YjMyNzJiYTI1YTdmMTBmMTY5NzY5ZGJlMzA4ZDc2NDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFHxOBvBElMSPOBwRy+md7cIBv3x
HDWNMqjKQy1OkgcXYcPWkJUiOYltzdcy925mBZ+tgedRHUKpG9bLVuWcFS48wROn
RR6M+seSkblvlsK6J+lcMXtcSoPwu04EmC+xFITvsDvU0/jYubzapCdCL8AtTBLP
JvyK8y1Cxf5Lo1EKWSn8V6wcSgPePHh+J9KmjcqNiENLCDAcZFGh7YDNNSX3CDJZ
1fyvkcgzpHlclXlC3yVi8HttBGntTuY4JdWNucDYUkSJT4XVT0BwvfC3xXPoHXCc
5iCbbtYgplaxjIc+Hb4hI47JBxYoepAmRuwbLzKPvEQHiWsUupNnMmpsGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG2t3msycrolp/EPFpdp2+MI12RoMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvYmEzZWF6Snl1aVduOFE4V2wybmI0d2pYWkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEJMAwQA
UEJYAwQAV/tDAwQAV/tLAwQAwSVFMA0GCSqGSIb3DQEBCwUAA4IBAQA7mnpfM0tq
qPnikfgd9Ud99CzDa+x5iF/U9lMak5SFO6fwLrS3eTcOdfJvpLZpgqK6SoYZacfS
UsRxh/ysx/fu9RD+SguJ8lfuo1+VEvqo0DRlSFIR2jJOcZiSbWCvxfjWETv1rzZH
7wqtZ6CuPFd3Wguq14FJSrxUjh4DjcZ710vptrcBCQw8LIF7ZzBtEXBVV9W04q/u
IMZDSnEpF7aUGQ8cvbutKysXNDWzbo8yuBn8TJdiF3GG01x8lwX+nx1dPcaeH3UV
j1pm+KnqOZmhqe3P4JXNCBX/8xTnfPoseurzu7j2swfppsb5Q7QZhAll/uC40kT7
o7JoedbugNk4
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:37 2024 by rpki-client on console-fra.rpki-client.org