Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/AY2FL8i5M-_aOQS7rNlgxt70Yqw.roa
File: AY2FL8i5M-_aOQS7rNlgxt70Yqw.roa (raw, json)
Hash identifier: jgangwt5FPiocRkIZsoNmZWCliklovMgtIxDXl7wk2I=
Subject key identifier: 01:8D:85:2F:C8:B9:33:EF:DA:39:04:BB:AC:D9:60:C6:DE:F4:62:AC
Certificate issuer: /CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
Certificate serial: 01856DEF69E8948BE0EFD91CD4C545F26DED
Authority key identifier: FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/AY2FL8i5M-_aOQS7rNlgxt70Yqw.roa
Signing time: Sun 01 Jan 2023 15:24:44 +0000
ROA not before: Sun 01 Jan 2023 15:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 80.210.95.0/24 maxlen: 24
85.194.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:69:e8:94:8b:e0:ef:d9:1c:d4:c5:45:f2:6d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
Validity
Not Before: Jan 1 15:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=018d852fc8b933efda3904bbacd960c6def462ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c3:5d:c7:a4:24:f2:09:11:37:9c:1d:7b:33:
df:b6:9c:e9:eb:a8:7f:6d:dc:2a:9e:46:d6:ba:ae:
73:99:90:d4:95:47:a9:b4:5c:af:64:f3:bd:04:1f:
c4:6a:a9:86:6f:44:c7:93:67:05:92:4e:62:e2:a7:
46:88:f8:93:b1:43:70:a7:30:b4:cc:ff:64:ec:e1:
e7:ce:1f:66:62:45:56:6b:fd:80:8a:1a:af:20:60:
73:f4:63:68:0d:2e:e3:b5:87:d7:ef:c5:89:da:9a:
04:f9:2c:43:87:d5:55:ee:91:16:04:86:51:be:4e:
e4:c6:1b:ad:41:cb:da:bb:5a:c4:a0:cf:fc:f0:51:
63:7f:84:21:b9:30:df:60:5c:e9:e1:2a:31:b8:79:
35:8e:69:24:b6:c2:3c:96:6f:91:5a:10:67:fe:20:
ae:f3:e0:b2:3d:ad:7a:9a:68:b9:25:0f:28:81:29:
78:f7:ac:fe:36:18:cf:96:08:a1:7f:a9:63:49:95:
fe:86:15:a9:23:7e:a2:8e:e6:1e:0a:98:f7:0c:a2:
a4:7b:4e:26:b4:ee:15:0d:04:98:84:d4:c7:85:3d:
77:91:b6:74:6c:18:b3:76:d6:3a:65:0d:72:60:01:
63:6f:27:8b:be:5e:05:12:8a:b6:f0:ed:29:f9:f3:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8D:85:2F:C8:B9:33:EF:DA:39:04:BB:AC:D9:60:C6:DE:F4:62:AC
X509v3 Authority Key Identifier:
keyid:FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/AY2FL8i5M-_aOQS7rNlgxt70Yqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/1-yNrIT1WST87B35rQfQuTz34zc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.210.95.0/24
85.194.254.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:f2:9f:a9:4a:66:90:df:5c:f0:31:2c:f5:3a:8e:93:bd:3b:
1c:7b:f0:6b:95:5c:2e:3f:93:ff:fc:44:82:9e:38:d5:16:b1:
8f:ab:4a:81:cd:5f:3b:21:27:a2:e9:a3:5a:aa:c0:21:a4:a7:
3e:c5:6f:23:f2:65:81:a4:2a:90:22:2e:f3:82:78:c1:e9:97:
13:a5:7d:ab:4b:e2:aa:96:4b:2c:7c:fd:12:17:12:20:58:43:
74:99:6f:66:02:20:98:ef:fc:d4:d7:ab:50:83:39:3d:44:a7:
30:95:43:11:0d:dd:44:30:13:54:3c:1d:a4:a0:9f:91:df:77:
2f:e1:dc:16:59:de:d0:79:18:9b:43:13:eb:23:ef:42:48:b4:
12:71:88:10:eb:2e:05:0a:81:c9:14:dd:c5:82:6a:5e:51:fd:
51:28:52:28:5a:0a:ab:c1:5f:28:a7:cb:c8:42:d2:af:b0:0f:
f0:39:40:7d:0c:69:4f:4d:d5:25:e4:da:59:29:c5:d1:b5:31:
2e:2a:27:16:8f:b1:7f:5a:08:fc:e6:ab:cc:d1:64:cd:90:0f:
36:4f:2f:30:44:78:d7:5d:73:64:fa:c2:18:fb:e7:81:ec:f0:
ad:4d:39:f3:5c:a0:67:75:aa:2f:2e:c7:73:b7:b9:0b:11:03:
02:d2:7f:9b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVt72nolIvg79kc1MVF8m3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMjM2YjIxM2Q1NjQ5M2YzYjA3N2U2YjQxZjQyZTRmM2Rm
OGNkY2UwHhcNMjMwMTAxMTUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMThkODUyZmM4YjkzM2VmZGEzOTA0YmJhY2Q5NjBjNmRlZjQ2MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcNdx6Qk8gkRN5wdezPftpzp66h/
bdwqnkbWuq5zmZDUlUeptFyvZPO9BB/EaqmGb0THk2cFkk5i4qdGiPiTsUNwpzC0
zP9k7OHnzh9mYkVWa/2AihqvIGBz9GNoDS7jtYfX78WJ2poE+SxDh9VV7pEWBIZR
vk7kxhutQcvau1rEoM/88FFjf4QhuTDfYFzp4SoxuHk1jmkktsI8lm+RWhBn/iCu
8+CyPa16mmi5JQ8ogSl496z+NhjPlgihf6ljSZX+hhWpI36ijuYeCpj3DKKke04m
tO4VDQSYhNTHhT13kbZ0bBizdtY6ZQ1yYAFjbyeLvl4FEoq28O0p+fNNDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAGNhS/IuTPv2jkEu6zZYMbe9GKsMB8GA1UdIwQY
MBaAFPsjayE9Vkk/Owd+a0H0Lk89+M3OMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15TnJJVDFXU1Q4N0IzNXJRZlF1VHozNHpjNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvMjBmNGFjLTgwZDktNDBlMi1hOWU2
LTFjODhlZWJlYjI5My8xL0FZMkZMOGk1TS1fYU9RUzdyTmxneHQ3MFlxdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODUvMjBmNGFjLTgwZDktNDBlMi1hOWU2LTFjODhlZWJlYjI5
My8xLzEteU5ySVQxV1NUODdCMzVyUWZRdVR6MzR6YzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABQ0l8D
BAFVwv4wDQYJKoZIhvcNAQELBQADggEBAE3yn6lKZpDfXPAxLPU6jpO9Oxx78GuV
XC4/k//8RIKeONUWsY+rSoHNXzshJ6Lpo1qqwCGkpz7FbyPyZYGkKpAiLvOCeMHp
lxOlfatL4qqWSyx8/RIXEiBYQ3SZb2YCIJjv/NTXq1CDOT1EpzCVQxEN3UQwE1Q8
HaSgn5Hfdy/h3BZZ3tB5GJtDE+sj70JItBJxiBDrLgUKgckU3cWCal5R/VEoUiha
CqvBXyiny8hC0q+wD/A5QH0MaU9N1SXk2lkpxdG1MS4qJxaPsX9aCPzmq8zRZM2Q
DzZPLzBEeNddc2T6whj754Hs8K1NOfNcoGd1qi8ux3O3uQsRAwLSf5s=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:57 2024 by rpki-client on console-fra.rpki-client.org