Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/zxEFu4glAL19EEBNFTh4JRJ7h2A.roa
File: zxEFu4glAL19EEBNFTh4JRJ7h2A.roa (raw, json)
Hash identifier: UoVOI0P7i3eesJmWd4xAy7Q+Z9vUX1zOqO5PlkmbSXk=
Subject key identifier: CF:11:05:BB:88:25:00:BD:7D:10:40:4D:15:38:78:25:12:7B:87:60
Certificate issuer: /CN=083332d2f60784f12bb2d210aec80ab41bbf1159
Certificate serial: 01856B255AFBB9C5ECD6A4FE4698364CCD49
Authority key identifier: 08:33:32:D2:F6:07:84:F1:2B:B2:D2:10:AE:C8:0A:B4:1B:BF:11:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDMy0vYHhPErstIQrsgKtBu_EVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/zxEFu4glAL19EEBNFTh4JRJ7h2A.roa
Signing time: Sun 01 Jan 2023 02:24:48 +0000
ROA not before: Sun 01 Jan 2023 02:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59441
IP address blocks: 80.91.208.0/24 maxlen: 24
2a09:5880::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:5a:fb:b9:c5:ec:d6:a4:fe:46:98:36:4c:cd:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=083332d2f60784f12bb2d210aec80ab41bbf1159
Validity
Not Before: Jan 1 02:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf1105bb882500bd7d10404d15387825127b8760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:14:ab:52:71:c1:ce:2a:19:bf:00:f0:b5:90:
e9:88:d0:d7:3a:07:08:d7:57:69:67:fa:79:f5:8f:
dd:04:71:49:7e:6c:2a:90:d2:31:df:82:34:1b:69:
45:d1:2f:a6:ed:73:96:f9:36:3a:0c:68:42:f4:5f:
83:de:e4:c1:ab:da:86:eb:71:08:43:7f:47:c1:ff:
36:d5:2e:df:16:16:6c:48:82:0d:6c:35:bc:1a:7a:
38:5a:48:7d:5c:23:87:fd:97:b8:de:a2:a2:af:e9:
c5:05:5b:22:cf:8c:ed:f1:46:d2:1c:f0:06:44:fd:
d5:4f:2a:39:c2:ba:65:71:d0:b0:4a:99:63:ee:d4:
22:eb:f6:d7:d1:2c:18:fa:19:10:32:b7:3d:4c:82:
60:3b:71:85:9a:b4:65:66:d1:a4:30:79:64:e9:c6:
63:d9:51:6a:5b:2c:57:30:f9:9e:1c:78:31:be:7f:
b1:9c:1c:45:22:d8:18:b8:44:eb:67:05:14:47:df:
ef:d6:c9:7a:9b:4b:32:4f:63:ae:2f:55:64:73:01:
30:b4:53:e3:ec:b0:a6:e5:ff:f9:0b:04:c0:f7:da:
ee:37:88:92:39:52:bb:5e:ca:b8:06:b5:d9:f2:41:
ce:09:1d:aa:c1:3c:fd:07:22:72:22:fe:46:c6:dc:
ae:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:11:05:BB:88:25:00:BD:7D:10:40:4D:15:38:78:25:12:7B:87:60
X509v3 Authority Key Identifier:
keyid:08:33:32:D2:F6:07:84:F1:2B:B2:D2:10:AE:C8:0A:B4:1B:BF:11:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDMy0vYHhPErstIQrsgKtBu_EVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/zxEFu4glAL19EEBNFTh4JRJ7h2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/CDMy0vYHhPErstIQrsgKtBu_EVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.208.0/24
IPv6:
2a09:5880::/29
Signature Algorithm: sha256WithRSAEncryption
1a:04:f8:47:ca:ad:b4:84:17:29:32:eb:e0:65:c7:f3:4d:fd:
12:6c:d1:5c:04:b9:99:c0:53:0b:f0:b8:bc:d7:dd:4b:07:62:
40:1a:9a:eb:83:97:2a:bf:02:2e:e5:7d:84:38:1e:cd:03:30:
13:d9:97:9e:08:2e:26:d4:34:63:5d:79:c1:2d:6b:e3:b9:36:
d7:bd:b6:bf:ee:dc:d7:9a:e3:80:ce:18:42:d5:6a:8a:cf:67:
39:fc:dd:a7:a9:68:6f:5b:dc:c4:31:d3:75:bc:f0:26:d9:e1:
71:c8:8e:1d:66:93:5e:db:f3:3a:9f:cb:f8:2f:91:ae:ce:8f:
a6:a0:c3:7c:d0:f8:ba:80:7c:66:2f:33:e5:19:00:a0:a9:af:
17:19:aa:ba:e7:2c:13:1b:19:31:5f:c9:89:eb:32:df:81:80:
43:ce:cb:e6:cf:87:59:28:5b:9b:50:fb:8c:19:27:53:42:97:
56:0f:1b:7c:fd:ff:f0:19:b8:4f:90:fd:c4:c1:f2:4f:27:d7:
07:4a:a4:22:6a:49:40:bb:7f:fc:6c:24:e7:83:42:4b:4b:bc:
2b:a8:43:66:9f:26:44:a3:69:7b:ab:2f:54:2c:e3:24:86:b8:
d7:c2:0d:3d:cc:c2:6d:07:8a:b2:5a:4c:c0:65:9b:4e:7d:82:
f7:cf:ea:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrJVr7ucXs1qT+Rpg2TM1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzMzMmQyZjYwNzg0ZjEyYmIyZDIxMGFlYzgwYWI0MWJi
ZjExNTkwHhcNMjMwMTAxMDIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjExMDViYjg4MjUwMGJkN2QxMDQwNGQxNTM4NzgyNTEyN2I4NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghSrUnHBzioZvwDwtZDpiNDXOgcI
11dpZ/p59Y/dBHFJfmwqkNIx34I0G2lF0S+m7XOW+TY6DGhC9F+D3uTBq9qG63EI
Q39Hwf821S7fFhZsSIINbDW8Gno4Wkh9XCOH/Ze43qKir+nFBVsiz4zt8UbSHPAG
RP3VTyo5wrplcdCwSplj7tQi6/bX0SwY+hkQMrc9TIJgO3GFmrRlZtGkMHlk6cZj
2VFqWyxXMPmeHHgxvn+xnBxFItgYuETrZwUUR9/v1sl6m0syT2OuL1VkcwEwtFPj
7LCm5f/5CwTA99ruN4iSOVK7Xsq4BrXZ8kHOCR2qwTz9ByJyIv5GxtyuxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM8RBbuIJQC9fRBATRU4eCUSe4dgMB8GA1UdIwQY
MBaAFAgzMtL2B4TxK7LSEK7ICrQbvxFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RNeTB2WUhoUEVyc3RJUXJzZ0t0QnVfRVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWExYWUtMWY4Ny00Y2ZiLTk0MTIt
ZGY1NDJjZGMzOTc2LzEvenhFRnU0Z2xBTDE5RUVCTkZUaDRKUko3aDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWExYWUtMWY4Ny00Y2ZiLTk0MTItZGY1NDJjZGMzOTc2
LzEvQ0RNeTB2WUhoUEVyc3RJUXJzZ0t0QnVfRVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUFvQMA0E
AgACMAcDBQMqCViAMA0GCSqGSIb3DQEBCwUAA4IBAQAaBPhHyq20hBcpMuvgZcfz
Tf0SbNFcBLmZwFML8Li8191LB2JAGprrg5cqvwIu5X2EOB7NAzAT2ZeeCC4m1DRj
XXnBLWvjuTbXvba/7tzXmuOAzhhC1WqKz2c5/N2nqWhvW9zEMdN1vPAm2eFxyI4d
ZpNe2/M6n8v4L5Guzo+moMN80Pi6gHxmLzPlGQCgqa8XGaq65ywTGxkxX8mJ6zLf
gYBDzsvmz4dZKFubUPuMGSdTQpdWDxt8/f/wGbhPkP3EwfJPJ9cHSqQiaklAu3/8
bCTng0JLS7wrqENmnyZEo2l7qy9ULOMkhrjXwg09zMJtB4qyWkzAZZtOfYL3z+o7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:45 2024 by rpki-client on console-ams.rpki-client.org