Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/cKf8P31Isf9vI-hmN2g_rjCLecY.roa
File: cKf8P31Isf9vI-hmN2g_rjCLecY.roa (raw, json)
Hash identifier: 4oFFzcuJSyaApwTOu+N+Vqb7Sm4UB0nHKxP/HpEeq3I=
Subject key identifier: 70:A7:FC:3F:7D:48:B1:FF:6F:23:E8:66:37:68:3F:AE:30:8B:79:C6
Certificate issuer: /CN=52702cdee043094ac2f33170125f94f7034da8f0
Certificate serial: 01867E07F98BAEBFE0874A613DDAC35A52A5
Authority key identifier: 52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/cKf8P31Isf9vI-hmN2g_rjCLecY.roa
Signing time: Thu 23 Feb 2023 11:28:17 +0000
ROA not before: Thu 23 Feb 2023 11:28:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59521
IP address blocks: 185.171.128.0/22 maxlen: 24
45.80.38.0/23 maxlen: 24
2a0a:f700::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:07:f9:8b:ae:bf:e0:87:4a:61:3d:da:c3:5a:52:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52702cdee043094ac2f33170125f94f7034da8f0
Validity
Not Before: Feb 23 11:28:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a7fc3f7d48b1ff6f23e86637683fae308b79c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:39:67:47:06:01:99:25:2e:2c:fc:43:20:
17:2e:46:24:18:36:6b:0f:41:da:c4:5c:cb:2f:9c:
05:e7:d8:c0:93:73:ea:6d:04:62:1c:b9:5d:4a:6a:
f9:b7:6d:8e:b2:7a:11:f2:52:29:4e:da:0e:86:7a:
bf:66:90:92:50:e5:08:89:33:14:3b:23:b8:0f:f0:
66:b0:b7:55:f4:29:00:ab:0f:11:34:3c:e6:ce:0e:
55:53:df:cf:70:5f:e5:81:8a:49:6b:66:28:30:1f:
4e:20:53:51:51:dd:77:d6:22:82:23:10:f8:60:ef:
91:22:43:c9:2d:7b:3b:35:11:23:b3:0a:84:45:d8:
e8:f3:99:f6:16:42:08:2a:5b:91:26:28:08:86:ac:
82:d8:17:ca:df:61:e9:51:21:33:fc:77:d7:19:12:
71:84:2c:1a:04:14:d9:07:c4:5d:34:4a:58:35:39:
0b:91:4a:97:d8:51:11:4d:f4:02:d3:0e:84:f8:fa:
85:bc:0a:14:06:99:25:c5:fd:76:e5:be:6f:42:0c:
d5:59:93:64:cb:e7:ee:8a:94:82:2f:37:36:99:b9:
d1:ee:03:4d:da:78:e4:19:c3:95:ee:68:a9:56:02:
b0:f2:88:c1:73:f1:ec:9d:40:fa:b4:06:b0:f5:bd:
aa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A7:FC:3F:7D:48:B1:FF:6F:23:E8:66:37:68:3F:AE:30:8B:79:C6
X509v3 Authority Key Identifier:
keyid:52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/cKf8P31Isf9vI-hmN2g_rjCLecY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/UnAs3uBDCUrC8zFwEl-U9wNNqPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.38.0/23
185.171.128.0/22
IPv6:
2a0a:f700::/29
Signature Algorithm: sha256WithRSAEncryption
0a:11:7c:e7:3d:4d:e4:f3:b0:df:32:7d:57:1c:7c:06:22:85:
83:55:b7:94:c7:c9:69:f1:73:41:2d:b9:8f:8f:cc:d1:3e:ec:
1b:be:7c:69:f2:02:01:87:e3:77:a0:c9:1a:44:71:bb:5f:55:
9a:67:ac:4a:31:97:18:08:0c:48:ac:54:92:60:85:c4:6f:fc:
36:43:f9:77:2e:bd:f3:7b:21:24:91:bc:d9:de:72:ee:3f:7e:
17:c7:a7:dc:dd:00:55:d8:fe:13:3c:0b:7b:ba:e6:7b:e5:1b:
87:71:c8:49:77:75:70:03:28:22:31:a1:c6:6e:a6:f0:16:10:
5d:18:0c:44:a3:55:ca:f3:d6:dd:11:bf:0a:fe:50:7f:f2:57:
5d:7c:8f:b8:f8:d4:75:11:3c:00:2c:ad:10:34:4b:b3:2c:eb:
ce:e1:6d:b0:09:c6:4e:c3:3a:b1:5c:68:ad:d1:fc:ce:c1:a2:
cb:40:71:2c:58:d9:67:87:ec:20:8f:e3:14:11:62:ee:1e:40:
4e:cf:96:6c:da:19:f6:86:f2:a2:1f:e8:7e:71:96:be:fc:01:
5f:de:90:ee:46:23:47:d8:80:ab:54:c3:9d:ba:9a:a9:eb:72:
b3:e0:3f:33:f6:22:a9:7d:bc:ba:d8:f0:0c:56:73:97:67:ba:
d3:2a:26:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZ+B/mLrr/gh0phPdrDWlKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzAyY2RlZTA0MzA5NGFjMmYzMzE3MDEyNWY5NGY3MDM0
ZGE4ZjAwHhcNMjMwMjIzMTEyODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE3ZmMzZjdkNDhiMWZmNmYyM2U4NjYzNzY4M2ZhZTMwOGI3OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLY5Z0cGAZklLiz8QyAXLkYkGDZr
D0HaxFzLL5wF59jAk3PqbQRiHLldSmr5t22OsnoR8lIpTtoOhnq/ZpCSUOUIiTMU
OyO4D/BmsLdV9CkAqw8RNDzmzg5VU9/PcF/lgYpJa2YoMB9OIFNRUd131iKCIxD4
YO+RIkPJLXs7NREjswqERdjo85n2FkIIKluRJigIhqyC2BfK32HpUSEz/HfXGRJx
hCwaBBTZB8RdNEpYNTkLkUqX2FERTfQC0w6E+PqFvAoUBpklxf125b5vQgzVWZNk
y+fuipSCLzc2mbnR7gNN2njkGcOV7mipVgKw8ojBc/HsnUD6tAaw9b2qcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHCn/D99SLH/byPoZjdoP64wi3nGMB8GA1UdIwQY
MBaAFFJwLN7gQwlKwvMxcBJflPcDTajwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2Qt
ZTI4MGI2NTAxNzA0LzEvY0tmOFAzMUlzZjl2SS1obU4yZ19yakNMZWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2QtZTI4MGI2NTAxNzA0
LzEvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLVAmAwQC
uauAMA0EAgACMAcDBQMqCvcAMA0GCSqGSIb3DQEBCwUAA4IBAQAKEXznPU3k87Df
Mn1XHHwGIoWDVbeUx8lp8XNBLbmPj8zRPuwbvnxp8gIBh+N3oMkaRHG7X1WaZ6xK
MZcYCAxIrFSSYIXEb/w2Q/l3Lr3zeyEkkbzZ3nLuP34Xx6fc3QBV2P4TPAt7uuZ7
5RuHcchJd3VwAygiMaHGbqbwFhBdGAxEo1XK89bdEb8K/lB/8lddfI+4+NR1ETwA
LK0QNEuzLOvO4W2wCcZOwzqxXGit0fzOwaLLQHEsWNlnh+wgj+MUEWLuHkBOz5Zs
2hn2hvKiH+h+cZa+/AFf3pDuRiNH2ICrVMOdupqp63Kz4D8z9iKpfby62PAMVnOX
Z7rTKiZD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:25 2024 by rpki-client on console-fra.rpki-client.org