Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3xMJs86r7zToqtIEcMx5wHRVUvU.roa
File: 3xMJs86r7zToqtIEcMx5wHRVUvU.roa (raw, json)
Hash identifier: /4gSYQlIa/uxBVRLtKvVQx8NOCxRj5TZ/Zxk1dpl3bY=
Subject key identifier: DF:13:09:B3:CE:AB:EF:34:E8:AA:D2:04:70:CC:79:C0:74:55:52:F5
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018AB6327F59246C68481D57B3B138950C68
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3xMJs86r7zToqtIEcMx5wHRVUvU.roa
Signing time: Thu 21 Sep 2023 05:24:37 +0000
ROA not before: Thu 21 Sep 2023 05:24:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198883
IP address blocks: 80.71.239.0/24 maxlen: 24
80.71.237.0/24 maxlen: 24
80.71.234.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:32:7f:59:24:6c:68:48:1d:57:b3:b1:38:95:0c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Sep 21 05:24:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df1309b3ceabef34e8aad20470cc79c0745552f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9f:5f:2a:71:3d:12:1f:d1:fa:a5:3e:eb:05:
09:53:91:26:fb:82:e8:8d:66:95:e7:c1:7b:83:7a:
dd:a7:04:7c:23:1c:3e:7f:15:ef:04:0a:c6:e6:07:
c3:fb:a1:b0:08:be:e9:41:94:0c:72:ba:1c:6d:e2:
33:d4:92:b5:8e:58:e1:6f:61:f5:90:69:7b:10:f4:
66:04:fa:b7:9f:55:f6:2b:4d:23:a0:7d:09:7a:83:
ee:f2:79:9f:1a:3f:d6:a3:c7:ec:2e:6a:e5:e4:a0:
92:4d:d9:e5:9c:22:53:9c:f4:7d:20:5b:3c:d4:97:
10:74:f8:55:90:1f:d7:58:38:74:35:ca:f4:ce:5b:
df:fa:b7:c1:97:db:90:ef:a0:7e:73:82:61:b9:f9:
c4:8b:75:6b:69:f0:4b:56:b2:c3:c1:67:6f:99:65:
e8:fd:06:6b:29:67:70:d2:09:25:e5:e7:f7:76:0e:
3f:b4:0a:43:f2:21:1b:1a:54:b0:ab:ea:5a:ec:ba:
7f:46:1d:ec:9e:0a:f2:1c:1e:4e:b7:bd:b0:25:95:
6d:8a:35:e4:59:2d:1c:c1:1a:6c:69:2e:3d:79:ac:
85:fb:82:9b:d8:1e:e7:45:5a:19:6b:c5:b7:f8:68:
3e:f7:ca:6e:5c:eb:17:9f:c1:71:9b:27:8b:f4:5d:
56:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:13:09:B3:CE:AB:EF:34:E8:AA:D2:04:70:CC:79:C0:74:55:52:F5
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3xMJs86r7zToqtIEcMx5wHRVUvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.234.0/24
80.71.237.0/24
80.71.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:5d:d1:6d:fe:3b:e6:45:e5:4e:9c:9a:eb:96:4f:10:57:6b:
68:97:52:07:84:ff:e4:b3:b0:3f:7f:91:39:6e:88:39:19:fe:
aa:62:d7:2f:68:0d:44:93:ad:9b:5e:46:35:91:b1:b5:24:c6:
3e:4b:3e:60:44:1d:56:7e:82:0e:4c:77:7c:74:70:5f:30:ad:
0f:14:c1:92:18:26:13:35:c9:5e:4c:df:eb:29:87:90:11:4b:
18:68:22:3b:ec:3f:e4:a1:5a:3f:25:1a:d1:17:69:a5:4a:17:
75:aa:76:dd:6d:81:6a:95:51:70:39:9a:d9:01:3f:16:86:37:
4b:08:54:8e:c0:e9:98:17:6b:f0:de:22:2e:54:5f:00:63:30:
d7:c4:46:c0:6d:83:bf:1d:34:75:2f:d6:aa:dd:5b:e3:2b:b7:
74:82:51:ef:f9:f3:80:aa:47:f1:7f:11:ce:97:6f:c1:24:88:
1b:98:94:23:40:d5:48:b1:af:e3:ee:bb:f3:0b:c2:f7:b6:b5:
cf:c3:60:51:7a:2e:33:43:99:82:a0:2a:19:5f:3f:5c:fd:c9:
18:40:ce:82:45:7a:13:ab:3a:8e:85:a6:8b:f4:84:f8:37:ff:
f1:dd:44:a3:46:40:3e:36:41:94:64:76:76:b6:1c:9b:d9:df:
a7:a5:e0:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYq2Mn9ZJGxoSB1Xs7E4lQxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwOTIxMDUyNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjEzMDliM2NlYWJlZjM0ZThhYWQyMDQ3MGNjNzljMDc0NTU1MmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu59fKnE9Eh/R+qU+6wUJU5Em+4Lo
jWaV58F7g3rdpwR8Ixw+fxXvBArG5gfD+6GwCL7pQZQMcrocbeIz1JK1jljhb2H1
kGl7EPRmBPq3n1X2K00joH0JeoPu8nmfGj/Wo8fsLmrl5KCSTdnlnCJTnPR9IFs8
1JcQdPhVkB/XWDh0Ncr0zlvf+rfBl9uQ76B+c4JhufnEi3VrafBLVrLDwWdvmWXo
/QZrKWdw0gkl5ef3dg4/tApD8iEbGlSwq+pa7Lp/Rh3sngryHB5Ot72wJZVtijXk
WS0cwRpsaS49eayF+4Kb2B7nRVoZa8W3+Gg+98puXOsXn8FxmyeL9F1WUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8TCbPOq+806KrSBHDMecB0VVL1MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvM3hNSnM4NnI3elRvcXRJRWNNeDV3SFJWVXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEfqAwQA
UEftAwQAUEfvMA0GCSqGSIb3DQEBCwUAA4IBAQArXdFt/jvmReVOnJrrlk8QV2to
l1IHhP/ks7A/f5E5bog5Gf6qYtcvaA1Ek62bXkY1kbG1JMY+Sz5gRB1WfoIOTHd8
dHBfMK0PFMGSGCYTNcleTN/rKYeQEUsYaCI77D/koVo/JRrRF2mlShd1qnbdbYFq
lVFwOZrZAT8WhjdLCFSOwOmYF2vw3iIuVF8AYzDXxEbAbYO/HTR1L9aq3VvjK7d0
glHv+fOAqkfxfxHOl2/BJIgbmJQjQNVIsa/j7rvzC8L3trXPw2BRei4zQ5mCoCoZ
Xz9c/ckYQM6CRXoTqzqOhaaL9IT4N//x3USjRkA+NkGUZHZ2thyb2d+npeC7
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:43 2024 by rpki-client on console-ams.rpki-client.org