Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/1-JA3bQ8rA5HNqAMJzCRYN6Ltc0g.roa
File: 1-JA3bQ8rA5HNqAMJzCRYN6Ltc0g.roa (raw, json)
Hash identifier: +e26BuvW3R/edN2g5FCWzAIbn97C4iFclVIDuAA803U=
Subject key identifier: F8:90:37:6D:0F:2B:03:91:CD:A8:03:09:CC:24:58:37:A2:ED:73:48
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018D9C0B7EC5AE2044A86CB1B9DE4114FA5A
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/1-JA3bQ8rA5HNqAMJzCRYN6Ltc0g.roa
Signing time: Mon 12 Feb 2024 06:40:15 +0000
ROA not before: Mon 12 Feb 2024 06:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 80.71.227.0/24 maxlen: 24
81.29.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 08:57:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:0b:7e:c5:ae:20:44:a8:6c:b1:b9:de:41:14:fa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Feb 12 06:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f890376d0f2b0391cda80309cc245837a2ed7348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:25:65:a0:a8:61:00:85:41:37:25:26:1b:ee:
ac:33:67:e6:da:3a:48:5a:cb:47:66:c1:62:27:33:
8b:dd:cb:f5:c3:7b:13:ae:5c:7e:54:52:bf:67:d5:
65:67:49:67:50:9a:e8:e8:b0:17:82:9c:ab:37:46:
e2:72:f5:bc:1a:c5:25:e3:a6:06:53:7d:98:c3:31:
69:1b:9d:b9:6e:67:fb:5b:4e:91:0c:3c:67:3d:ef:
cf:eb:ed:4c:ee:6e:b5:71:f7:4d:90:45:97:9e:1b:
9b:8b:f2:a9:8a:38:f8:03:d0:8e:49:a3:50:14:82:
5e:26:52:b4:4d:59:f0:cd:dd:fd:27:34:2f:ad:5b:
24:60:87:47:55:8f:7a:68:95:e5:a6:a9:84:eb:31:
8b:ee:c6:67:b6:c0:be:5d:8b:98:88:8a:c4:ae:6c:
18:4e:0d:af:5a:1c:b1:b3:28:44:ef:b0:34:46:20:
65:10:c0:12:09:de:d3:e1:15:51:9d:a7:6f:7a:c4:
0f:0a:f2:26:9f:d4:d7:e9:9d:ee:dd:d0:2b:64:66:
cf:8a:78:5b:ca:a7:70:93:a2:eb:ee:07:5d:5b:d0:
95:1e:5a:21:90:8d:14:dc:c5:21:9c:f5:43:2b:75:
7d:37:0f:ec:6b:51:51:26:52:ac:b5:2f:95:1a:dc:
6c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:90:37:6D:0F:2B:03:91:CD:A8:03:09:CC:24:58:37:A2:ED:73:48
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/1-JA3bQ8rA5HNqAMJzCRYN6Ltc0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.227.0/24
81.29.148.0/24
Signature Algorithm: sha256WithRSAEncryption
13:55:b7:99:a8:28:6c:29:6c:29:91:17:59:70:b6:43:fa:11:
cc:73:da:a6:b8:8b:67:9c:fa:71:5e:9f:44:14:63:15:0c:90:
ba:bd:19:31:d3:5c:2b:ff:66:8a:c6:d0:86:bb:5f:65:a2:76:
52:5d:39:ae:c4:3f:18:04:63:f0:3b:9b:65:34:02:5e:27:7f:
09:ac:ff:da:56:d1:10:ee:7d:05:57:50:04:a9:ef:73:44:69:
72:ea:42:cb:e6:4b:9c:d6:29:fe:49:5d:36:f3:e0:a3:aa:a4:
f7:11:b2:14:83:76:05:d8:07:4b:3c:4f:34:05:ec:e7:4d:b8:
5b:71:e3:40:8e:10:a9:64:2f:9c:2f:c7:37:1c:93:98:a0:43:
98:e2:3d:39:c7:b0:d4:5c:78:5d:eb:d6:df:3e:cc:63:07:0d:
88:3e:69:ac:e1:e6:54:66:ce:61:36:37:42:00:eb:5d:a5:76:
4d:1a:85:ff:77:a1:89:9b:f2:89:37:3a:dd:1e:91:b5:9e:f1:
3a:f7:75:66:7f:fc:7c:b3:a9:65:90:50:58:05:d5:9a:4a:2a:
82:8c:d0:3b:dc:d8:39:b3:d7:9e:e7:b0:2a:46:5a:24:7b:f1:
31:6b:b4:33:cd:a6:14:23:dd:ff:60:04:ce:cd:77:93:e3:10:
1d:8b:47:98
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY2cC37FriBEqGyxud5BFPpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMjEyMDY0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODkwMzc2ZDBmMmIwMzkxY2RhODAzMDljYzI0NTgzN2EyZWQ3MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCVloKhhAIVBNyUmG+6sM2fm2jpI
WstHZsFiJzOL3cv1w3sTrlx+VFK/Z9VlZ0lnUJro6LAXgpyrN0bicvW8GsUl46YG
U32YwzFpG525bmf7W06RDDxnPe/P6+1M7m61cfdNkEWXnhubi/Kpijj4A9COSaNQ
FIJeJlK0TVnwzd39JzQvrVskYIdHVY96aJXlpqmE6zGL7sZntsC+XYuYiIrErmwY
Tg2vWhyxsyhE77A0RiBlEMASCd7T4RVRnadvesQPCvImn9TX6Z3u3dArZGbPinhb
yqdwk6Lr7gddW9CVHlohkI0U3MUhnPVDK3V9Nw/sa1FRJlKstS+VGtxsoQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPiQN20PKwORzagDCcwkWDei7XNIMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvMS1KQTNiUThyQTVITnFBTUp6Q1JZTjZMdGMwZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODYvOWRiNTI1LTEwNTktNGMwNy1hNWFkLTE5MTg5YjNjOWM3
ZC8xL1NlVVdsTVRVYTBfTUF2cm5IbDI1UXFjUWprYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFBH4wME
AFEdlDANBgkqhkiG9w0BAQsFAAOCAQEAE1W3magobClsKZEXWXC2Q/oRzHPapriL
Z5z6cV6fRBRjFQyQur0ZMdNcK/9misbQhrtfZaJ2Ul05rsQ/GARj8DubZTQCXid/
Caz/2lbREO59BVdQBKnvc0RpcupCy+ZLnNYp/kldNvPgo6qk9xGyFIN2BdgHSzxP
NAXs5024W3HjQI4QqWQvnC/HNxyTmKBDmOI9Ocew1Fx4XevW3z7MYwcNiD5prOHm
VGbOYTY3QgDrXaV2TRqF/3ehiZvyiTc63R6RtZ7xOvd1Zn/8fLOpZZBQWAXVmkoq
gozQO9zYObPXnuewKkZaJHvxMWu0M82mFCPd/2AEzs13k+MQHYtHmA==
-----END CERTIFICATE-----
Generated at Mon Feb 12 12:06:08 2024 by rpki-client on console-fra.rpki-client.org