Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/giCCbrIeNKzID6tY05kU8kzEwck.roa
File: giCCbrIeNKzID6tY05kU8kzEwck.roa (raw, json)
Hash identifier: KyAd49rzu69zE6fqDP3ameyxhh4Rp4GI7rfXzl71cQ0=
Subject key identifier: 82:20:82:6E:B2:1E:34:AC:C8:0F:AB:58:D3:99:14:F2:4C:C4:C1:C9
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018CB0454283A377435F36088BFE1B0B692E
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/giCCbrIeNKzID6tY05kU8kzEwck.roa
Signing time: Thu 28 Dec 2023 11:52:58 +0000
ROA not before: Thu 28 Dec 2023 11:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207883
IP address blocks: 87.251.70.0/23 maxlen: 24
80.66.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:45:42:83:a3:77:43:5f:36:08:8b:fe:1b:0b:69:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Dec 28 11:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8220826eb21e34acc80fab58d39914f24cc4c1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:06:4a:cd:53:e6:b7:ae:16:24:6e:84:9a:
72:7a:19:10:65:43:ad:7e:11:d4:3f:2e:0e:11:3f:
03:64:d6:eb:c2:d4:c6:00:bf:99:07:6f:96:c8:37:
9f:52:51:ec:f9:30:de:cf:20:f1:73:7b:ef:9e:cd:
c7:f9:27:50:ff:11:39:d3:e4:af:f7:f0:5e:c3:0b:
a1:cb:fc:58:d4:62:0d:d8:da:40:3e:5f:4c:ce:1a:
25:03:eb:5d:c7:cc:4a:1e:e6:69:4f:36:db:27:e5:
2b:2c:44:1d:5b:7d:6e:7d:32:27:13:bf:6e:61:84:
a5:4b:62:79:24:e1:3d:ba:ff:78:64:aa:6e:a2:e7:
c6:06:99:97:ee:f4:23:48:2d:05:ea:9e:fd:23:0b:
c4:11:dd:4b:14:c5:c5:23:b0:34:57:5d:14:7f:44:
e0:da:2d:3e:74:45:34:e4:e6:08:23:63:ca:50:37:
76:2a:cd:44:05:98:df:96:c9:cf:c9:42:06:6a:03:
49:a7:82:d8:31:2b:6a:60:dc:64:2e:d7:c4:ac:65:
b7:7a:c1:ff:eb:03:ed:b4:95:f4:70:54:d0:e0:19:
f9:a3:27:88:b9:60:52:91:0b:16:b2:d4:e9:d6:3d:
79:7f:f5:8f:85:e8:6e:00:f4:aa:50:0b:dc:9f:17:
18:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:82:6E:B2:1E:34:AC:C8:0F:AB:58:D3:99:14:F2:4C:C4:C1:C9
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/giCCbrIeNKzID6tY05kU8kzEwck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.68.0/24
87.251.70.0/23
Signature Algorithm: sha256WithRSAEncryption
19:94:88:43:d3:93:d2:04:c7:a1:1f:67:26:a3:77:36:56:a7:
d0:55:86:cd:da:34:34:47:91:1e:11:b6:bd:60:3a:c4:c4:cc:
db:0e:0b:e2:7a:9f:7a:d4:ca:32:ae:89:24:8e:14:ba:3d:3b:
9a:9a:d1:ec:ea:d6:7c:ca:58:c9:06:2e:e1:69:0f:f6:3b:a3:
21:f4:db:4a:c4:54:ba:a2:5f:47:96:a4:e7:f3:ce:71:b3:29:
b8:0f:f8:69:a6:2c:19:5c:f0:d6:d1:04:b0:4a:c4:03:74:40:
41:a9:ea:34:e7:2c:dc:50:8e:eb:16:03:fb:bb:47:38:55:aa:
ef:f1:dc:df:88:57:25:3b:69:32:12:53:07:72:70:90:45:c9:
00:30:e3:34:93:05:46:9f:fd:7e:61:af:c8:3e:d4:fe:c1:89:
ba:4e:d2:12:3b:5c:9a:62:65:2c:f3:7f:27:f6:4e:43:42:37:
a4:aa:36:d0:ee:03:05:8e:5d:0f:17:24:e2:04:12:b1:9a:34:
38:62:e8:4b:59:e8:89:c2:fc:a7:bd:a9:9a:1a:31:bd:65:9d:
29:3e:ad:80:b7:9a:45:91:92:e2:78:b1:cf:c5:24:6b:fb:4d:
8f:60:c2:f5:9e:0f:ca:d0:95:77:6b:a0:8a:42:5a:b5:70:47:
26:27:6e:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYywRUKDo3dDXzYIi/4bC2kuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMxMjI4MTE1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIwODI2ZWIyMWUzNGFjYzgwZmFiNThkMzk5MTRmMjRjYzRjMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIwGSs1T5reuFiRuhJpyehkQZUOt
fhHUPy4OET8DZNbrwtTGAL+ZB2+WyDefUlHs+TDezyDxc3vvns3H+SdQ/xE50+Sv
9/Bewwuhy/xY1GIN2NpAPl9MzholA+tdx8xKHuZpTzbbJ+UrLEQdW31ufTInE79u
YYSlS2J5JOE9uv94ZKpuoufGBpmX7vQjSC0F6p79IwvEEd1LFMXFI7A0V10Uf0Tg
2i0+dEU05OYII2PKUDd2Ks1EBZjflsnPyUIGagNJp4LYMStqYNxkLtfErGW3esH/
6wPttJX0cFTQ4Bn5oyeIuWBSkQsWstTp1j15f/WPhehuAPSqUAvcnxcYKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIIggm6yHjSsyA+rWNOZFPJMxMHJMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvZ2lDQ2JySWVOS3pJRDZ0WTA1a1U4a3pFd2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEJEAwQB
V/tGMA0GCSqGSIb3DQEBCwUAA4IBAQAZlIhD05PSBMehH2cmo3c2VqfQVYbN2jQ0
R5EeEba9YDrExMzbDgviep961MoyrokkjhS6PTuamtHs6tZ8yljJBi7haQ/2O6Mh
9NtKxFS6ol9HlqTn885xsym4D/hppiwZXPDW0QSwSsQDdEBBqeo05yzcUI7rFgP7
u0c4Varv8dzfiFclO2kyElMHcnCQRckAMOM0kwVGn/1+Ya/IPtT+wYm6TtISO1ya
YmUs838n9k5DQjekqjbQ7gMFjl0PFyTiBBKxmjQ4YuhLWeiJwvynvamaGjG9ZZ0p
Pq2At5pFkZLieLHPxSRr+02PYML1ng/K0JV3a6CKQlq1cEcmJ24/
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:25 2024 by rpki-client on console-ams.rpki-client.org