Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ApsxxTVSVf1lQ-FdV8l5al70d4c.roa
File: ApsxxTVSVf1lQ-FdV8l5al70d4c.roa (raw, json)
Hash identifier: F+O/rW0YFmLzFkwSTl1yBBFSWChkXm/LLgczrdGXKcY=
Subject key identifier: 02:9B:31:C5:35:52:55:FD:65:43:E1:5D:57:C9:79:6A:5E:F4:77:87
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC17C3C40FBF4AE408980C286B5190D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ApsxxTVSVf1lQ-FdV8l5al70d4c.roa
Signing time: Sun 01 Jan 2023 09:54:57 +0000
ROA not before: Sun 01 Jan 2023 09:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35994
IP address blocks: 80.67.67.0/24 maxlen: 24
80.67.75.0/24 maxlen: 24
80.67.80.0/24 maxlen: 24
193.108.155.0/24 maxlen: 24
195.245.124.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:7c:3c:40:fb:f4:ae:40:89:80:c2:86:b5:19:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=029b31c5355255fd6543e15d57c9796a5ef47787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:4d:53:17:f6:a8:39:7f:24:30:30:d2:03:
bb:30:be:93:d9:25:1d:ef:c9:3d:77:81:4b:d5:61:
d1:bb:00:fa:af:67:3b:d0:97:54:a9:04:0f:0e:d4:
11:98:1b:ba:c9:26:83:e3:0a:f8:27:24:df:ca:a1:
c9:f4:c0:e5:69:88:42:d7:d1:c8:50:cc:68:2b:0f:
36:7c:f2:56:ba:fd:c6:da:ca:c2:de:9b:d3:cc:5e:
de:75:34:b8:2f:c4:bd:3a:5b:52:e1:0d:cf:95:6a:
e9:d3:b9:05:b0:e9:5e:8b:73:f1:89:29:36:f8:fb:
e5:7a:a0:ed:cf:1d:f8:dc:1b:8e:77:2d:ff:54:d2:
9e:e9:c9:52:5d:16:47:e9:ea:f7:0d:14:72:95:f0:
06:25:5f:d1:10:13:94:79:17:ca:e1:0b:1c:48:02:
0d:56:27:49:12:15:76:83:c4:4b:29:83:da:1b:0a:
09:48:ba:e6:c6:56:95:04:bf:2a:3f:2e:82:5b:f3:
2c:48:76:77:40:89:0f:60:b8:1e:85:fe:80:b7:de:
a7:d7:72:58:97:24:60:df:f2:46:c6:3d:57:c3:2e:
79:9c:d0:22:11:39:23:ae:b6:57:e5:0d:f8:08:d1:
28:ea:38:c4:00:b9:d9:0d:a7:be:15:f2:8d:22:c1:
e2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9B:31:C5:35:52:55:FD:65:43:E1:5D:57:C9:79:6A:5E:F4:77:87
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ApsxxTVSVf1lQ-FdV8l5al70d4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.67.0/24
80.67.75.0/24
80.67.80.0/24
193.108.155.0/24
195.245.124.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f7:59:fe:c3:54:f0:e3:40:25:e9:43:82:9e:1b:96:4e:0f:
3e:c4:3d:82:5c:86:b9:55:33:e0:18:0d:60:78:c6:d4:30:24:
f8:97:1d:5a:62:6f:bb:77:cf:33:c0:9a:7e:ea:38:da:1b:74:
87:e9:2c:ca:7c:bb:5c:1e:7e:18:78:42:1a:1f:0f:db:1b:f6:
bf:86:74:91:14:78:d2:cf:3c:b1:8a:0a:61:c2:0e:73:35:40:
f9:db:33:bc:1e:eb:58:84:ee:9b:81:d4:fd:67:06:16:1e:ab:
28:e1:c7:05:7b:ca:b7:d3:d1:cc:b2:6f:8b:07:fd:07:5b:68:
1e:00:b8:56:92:3b:50:3b:8d:7e:61:61:32:22:23:23:e6:e6:
cd:ca:7a:5a:de:ea:f5:9b:b4:8c:9e:32:43:d1:28:35:13:a5:
7c:6b:1d:ca:2b:1f:c8:c9:83:b2:f2:88:4a:90:04:54:f6:02:
e9:21:4c:b2:a6:ca:c3:02:9f:f1:96:6b:27:72:d9:e6:c5:d2:
eb:c3:3c:14:56:30:06:7f:39:a1:b1:39:21:5b:14:f6:9b:1f:
74:a9:e3:93:e5:5c:a3:b6:4d:d2:4a:f7:3f:f9:ce:e6:51:9e:
39:30:e0:d8:1f:ca:58:09:48:3a:bf:60:3b:e0:f0:18:5b:06:
34:91:a9:a9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVswXw8QPv0rkCJgMKGtRkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjliMzFjNTM1NTI1NWZkNjU0M2UxNWQ1N2M5Nzk2YTVlZjQ3Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwONNUxf2qDl/JDAw0gO7ML6T2SUd
78k9d4FL1WHRuwD6r2c70JdUqQQPDtQRmBu6ySaD4wr4JyTfyqHJ9MDlaYhC19HI
UMxoKw82fPJWuv3G2srC3pvTzF7edTS4L8S9OltS4Q3PlWrp07kFsOlei3PxiSk2
+PvleqDtzx343BuOdy3/VNKe6clSXRZH6er3DRRylfAGJV/REBOUeRfK4QscSAIN
VidJEhV2g8RLKYPaGwoJSLrmxlaVBL8qPy6CW/MsSHZ3QIkPYLgehf6At96n13JY
lyRg3/JGxj1Xwy55nNAiETkjrrZX5Q34CNEo6jjEALnZDae+FfKNIsHiTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAKbMcU1UlX9ZUPhXVfJeWpe9HeHMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvQXBzeHhUVlNWZjFsUS1GZFY4bDVhbDcwZDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUENDAwQA
UENLAwQAUENQAwQAwWybAwQAw/V8MA0GCSqGSIb3DQEBCwUAA4IBAQBv91n+w1Tw
40Al6UOCnhuWTg8+xD2CXIa5VTPgGA1geMbUMCT4lx1aYm+7d88zwJp+6jjaG3SH
6SzKfLtcHn4YeEIaHw/bG/a/hnSRFHjSzzyxigphwg5zNUD52zO8HutYhO6bgdT9
ZwYWHqso4ccFe8q309HMsm+LB/0HW2geALhWkjtQO41+YWEyIiMj5ubNynpa3ur1
m7SMnjJD0Sg1E6V8ax3KKx/IyYOy8ohKkARU9gLpIUyypsrDAp/xlmsnctnmxdLr
wzwUVjAGfzmhsTkhWxT2mx90qeOT5Vyjtk3SSvc/+c7mUZ45MODYH8pYCUg6v2A7
4PAYWwY0kamp
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:22 2024 by rpki-client on console-ams.rpki-client.org