Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/h7ioTzWYMJ1mdA0cx5tg_ZeB9SU.roa
File: h7ioTzWYMJ1mdA0cx5tg_ZeB9SU.roa (raw, json)
Hash identifier: dwwhA/cyFb2nVcKOxdYCV0gIz6Effag3DlnaYhp1tu8=
Subject key identifier: 87:B8:A8:4F:35:98:30:9D:66:74:0D:1C:C7:9B:60:FD:97:81:F5:25
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191487CBC80AD799EE2A6B704EA8B93BF63
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/h7ioTzWYMJ1mdA0cx5tg_ZeB9SU.roa
Signing time: Mon 12 Aug 2024 21:26:59 +0000
ROA not before: Mon 12 Aug 2024 21:26:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 996
IP address blocks: 80.71.152.0/24 maxlen: 24
80.71.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 18:11:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:48:7c:bc:80:ad:79:9e:e2:a6:b7:04:ea:8b:93:bf:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 12 21:26:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87b8a84f3598309d66740d1cc79b60fd9781f525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c6:4c:50:26:15:bc:3c:b2:a3:4d:92:d2:92:
cd:0d:7c:13:87:73:43:2b:d2:b6:d0:03:91:b6:35:
57:cd:df:a5:d3:d6:55:fd:63:3b:47:08:8c:92:0f:
dd:ff:18:e6:97:6f:02:f8:32:00:9e:98:7e:95:51:
73:2e:ae:bd:ac:3f:a5:76:01:c6:53:02:8e:c8:f9:
3d:ff:37:34:20:df:59:8c:b5:ce:00:59:26:2d:7d:
99:a0:9d:62:2e:aa:6f:ac:08:e1:06:16:c7:93:73:
2f:15:c3:15:26:a4:83:40:0e:3f:7d:cb:18:51:af:
35:74:80:b0:c7:b0:6f:e8:78:0d:e4:08:91:5e:80:
ce:e7:e0:aa:95:05:24:ab:cf:e5:3e:fb:af:11:7b:
03:23:6c:03:dc:7e:7c:bd:30:09:d2:56:60:75:39:
df:1a:d4:ea:14:cc:7e:c5:18:86:6f:67:fa:d8:98:
47:dd:ae:11:ac:32:0a:7c:0c:1f:8e:c3:bc:bd:0b:
f5:64:ac:f4:29:4b:10:c2:23:9f:6b:61:c4:5e:35:
f9:18:59:cb:e3:80:4c:1a:9d:1e:a7:92:22:4c:88:
51:13:5e:cb:40:3e:6e:bd:2b:c1:6b:19:73:bd:16:
bc:77:c6:ca:af:d1:ab:53:e0:9b:b4:5b:87:63:36:
f8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B8:A8:4F:35:98:30:9D:66:74:0D:1C:C7:9B:60:FD:97:81:F5:25
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/h7ioTzWYMJ1mdA0cx5tg_ZeB9SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.152.0/24
80.71.159.0/24
Signature Algorithm: sha256WithRSAEncryption
18:19:91:3f:64:3d:a0:54:97:c9:db:cb:2d:1f:4a:49:e4:67:
47:f4:1e:da:cf:90:d8:53:d8:9c:8d:5d:5e:cb:ac:85:07:d1:
c3:fa:9c:2f:d5:27:99:6d:84:40:70:8a:41:84:d8:6a:8b:4c:
e3:8a:31:30:16:89:f2:31:6b:88:a4:8f:85:d0:d4:a1:3a:48:
50:19:52:0e:a4:2f:8a:39:fb:1d:8e:96:e6:39:d5:7f:c0:61:
06:41:34:fb:81:5a:4f:98:30:7f:9e:28:a6:ab:3d:37:af:f0:
1d:58:1c:94:28:92:91:8f:4e:ea:ca:db:a0:87:cf:81:8b:5e:
9c:fc:b8:0e:50:c2:6a:5f:bf:66:b0:78:53:fc:3a:87:00:fc:
dc:0d:51:da:b0:18:fd:b0:0b:f9:4c:98:91:b3:47:f0:95:4e:
e8:1b:fc:51:58:04:cf:d8:71:cf:72:da:e5:c0:38:88:ab:17:
c1:de:bb:af:ca:da:57:8c:ea:9d:fd:e2:23:22:78:da:97:6f:
57:ad:69:e2:c6:b7:32:39:23:77:c2:6d:86:b5:35:62:b2:e9:
e9:e5:96:0a:a2:58:1a:ad:d5:e7:ec:84:d8:c4:16:70:fa:63:
0b:dd:c3:d5:17:4c:d1:f3:03:ab:25:70:43:30:f9:20:ed:fd:
a0:bb:39:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFIfLyArXme4qa3BOqLk79jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODEyMjEyNjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I4YTg0ZjM1OTgzMDlkNjY3NDBkMWNjNzliNjBmZDk3ODFmNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsZMUCYVvDyyo02S0pLNDXwTh3ND
K9K20AORtjVXzd+l09ZV/WM7RwiMkg/d/xjml28C+DIAnph+lVFzLq69rD+ldgHG
UwKOyPk9/zc0IN9ZjLXOAFkmLX2ZoJ1iLqpvrAjhBhbHk3MvFcMVJqSDQA4/fcsY
Ua81dICwx7Bv6HgN5AiRXoDO5+CqlQUkq8/lPvuvEXsDI2wD3H58vTAJ0lZgdTnf
GtTqFMx+xRiGb2f62JhH3a4RrDIKfAwfjsO8vQv1ZKz0KUsQwiOfa2HEXjX5GFnL
44BMGp0ep5IiTIhRE17LQD5uvSvBaxlzvRa8d8bKr9GrU+CbtFuHYzb4aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIe4qE81mDCdZnQNHMebYP2XgfUlMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaDdpb1R6V1lNSjFtZEEwY3g1dGdfWmVCOVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEeYAwQA
UEefMA0GCSqGSIb3DQEBCwUAA4IBAQAYGZE/ZD2gVJfJ28stH0pJ5GdH9B7az5DY
U9icjV1ey6yFB9HD+pwv1SeZbYRAcIpBhNhqi0zjijEwFonyMWuIpI+F0NShOkhQ
GVIOpC+KOfsdjpbmOdV/wGEGQTT7gVpPmDB/niimqz03r/AdWByUKJKRj07qytug
h8+Bi16c/LgOUMJqX79msHhT/DqHAPzcDVHasBj9sAv5TJiRs0fwlU7oG/xRWATP
2HHPctrlwDiIqxfB3ruvytpXjOqd/eIjInjal29XrWnixrcyOSN3wm2GtTVisunp
5ZYKolgardXn7ITYxBZw+mML3cPVF0zR8wOrJXBDMPkg7f2guzmR
-----END CERTIFICATE-----
Generated at Wed Aug 21 22:37:05 2024 by rpki-client on console-fra.rpki-client.org