Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/A8f3LUZWC8g2fOXwrWzMyrvVLwA.roa
File: A8f3LUZWC8g2fOXwrWzMyrvVLwA.roa (raw, json)
Hash identifier: AbJGraUjawKNGcQ1kNz6EfBc9rgeZVxuWQ2ApdJzlEU=
Subject key identifier: 03:C7:F7:2D:46:56:0B:C8:36:7C:E5:F0:AD:6C:CC:CA:BB:D5:2F:00
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0185E9C35EE870899815EC25BE226BA07F2B
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/A8f3LUZWC8g2fOXwrWzMyrvVLwA.roa
Signing time: Wed 25 Jan 2023 16:29:33 +0000
ROA not before: Wed 25 Jan 2023 16:29:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 80.71.232.0/24 maxlen: 24
45.66.224.0/22 maxlen: 22
81.29.149.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 26 Jan 2023 07:19:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:c3:5e:e8:70:89:98:15:ec:25:be:22:6b:a0:7f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 25 16:29:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03c7f72d46560bc8367ce5f0ad6ccccabbd52f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d0:85:04:39:95:88:3e:34:60:f8:2e:3f:b5:
1d:5a:a3:8a:01:e5:79:d0:fc:26:58:41:79:65:0e:
a6:d2:77:b9:7d:09:86:22:eb:39:67:74:de:3c:c2:
c7:65:13:73:31:a0:0f:34:67:fd:be:61:72:ae:e5:
86:78:ab:ea:7c:bb:49:65:60:48:a1:a3:21:9d:bb:
37:5d:18:4d:ce:04:7e:cf:aa:7f:45:d6:1b:81:df:
2c:93:15:f5:4c:08:24:f7:3e:6c:76:56:94:89:78:
a9:bb:be:7b:72:fc:9e:6d:42:4d:36:6f:2c:89:3e:
b4:c6:61:d8:15:2b:8a:35:9e:77:33:13:e6:02:57:
7d:25:57:fa:fb:f9:12:d3:f8:47:89:be:eb:47:db:
7a:ab:3e:15:52:9f:11:39:70:f1:f9:4e:5f:ef:d7:
ac:34:73:4c:74:d3:16:e2:cb:0c:69:bc:1e:48:15:
6d:92:71:3a:59:ad:ec:0f:78:23:0e:58:85:23:e4:
61:b9:40:0f:55:80:5f:20:93:18:f5:13:d3:c9:3d:
70:5d:72:7b:a2:e3:1c:e4:a3:ff:4f:38:7e:0e:89:
6f:fa:e0:96:da:80:4f:18:0b:c3:37:39:9b:b3:69:
3c:90:45:9c:92:0b:b9:95:6c:2f:1c:ab:10:28:17:
19:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C7:F7:2D:46:56:0B:C8:36:7C:E5:F0:AD:6C:CC:CA:BB:D5:2F:00
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/A8f3LUZWC8g2fOXwrWzMyrvVLwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
80.71.232.0/24
81.29.149.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:76:d8:fc:44:cb:96:b9:67:3b:ca:da:b9:bd:37:e9:37:7b:
aa:b6:5c:1e:66:9c:26:58:86:48:d8:5f:6e:b1:87:d5:e7:38:
52:c1:e7:d1:e0:18:55:43:b1:0c:1f:e2:9e:cf:0e:55:83:03:
cb:6e:89:90:47:db:7c:7d:7a:25:aa:e7:44:f1:6c:3b:89:f7:
1b:58:05:5a:52:bb:ed:4a:74:17:74:97:ae:e6:dc:2e:1d:f3:
d4:43:23:87:9a:d9:5a:09:1f:ed:96:d9:ee:61:63:ac:99:aa:
7a:ef:00:b5:76:79:f0:c9:76:8d:cf:2c:28:66:50:9e:b5:eb:
ba:c4:51:69:fe:d2:d8:93:50:bc:46:b4:47:69:a8:0d:19:c3:
8b:3d:a2:da:94:4c:4b:77:d6:19:83:c2:22:3c:08:0a:3e:01:
ba:9d:6b:fa:17:3e:ae:8c:00:83:db:e2:88:82:01:46:f2:94:
76:a0:fb:30:a9:5a:06:44:58:ef:84:32:95:fd:65:53:af:d3:
07:c2:e5:01:3a:e3:43:13:de:04:d0:6d:14:4e:90:df:1d:bc:
40:b0:fc:ad:0b:3a:09:45:51:0e:aa:a0:96:46:c2:fc:fd:e0:
7f:9e:f3:87:0e:f3:89:3e:8c:00:0f:55:b9:1e:67:74:fa:24:
81:ae:46:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYXpw17ocImYFewlviJroH8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTI1MTYyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2M3ZjcyZDQ2NTYwYmM4MzY3Y2U1ZjBhZDZjY2NjYWJiZDUyZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdCFBDmViD40YPguP7UdWqOKAeV5
0PwmWEF5ZQ6m0ne5fQmGIus5Z3TePMLHZRNzMaAPNGf9vmFyruWGeKvqfLtJZWBI
oaMhnbs3XRhNzgR+z6p/RdYbgd8skxX1TAgk9z5sdlaUiXipu757cvyebUJNNm8s
iT60xmHYFSuKNZ53MxPmAld9JVf6+/kS0/hHib7rR9t6qz4VUp8ROXDx+U5f79es
NHNMdNMW4ssMabweSBVtknE6Wa3sD3gjDliFI+RhuUAPVYBfIJMY9RPTyT1wXXJ7
ouMc5KP/Tzh+Dolv+uCW2oBPGAvDNzmbs2k8kEWckgu5lWwvHKsQKBcZ9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAPH9y1GVgvINnzl8K1szMq71S8AMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvQThmM0xVWldDOGcyZk9Yd3JXek15cnZWTHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLULgAwQA
UEfoAwQAUR2VMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQA6dtj8
RMuWuWc7ytq5vTfpN3uqtlweZpwmWIZI2F9usYfV5zhSwefR4BhVQ7EMH+Kezw5V
gwPLbomQR9t8fXolqudE8Ww7ifcbWAVaUrvtSnQXdJeu5twuHfPUQyOHmtlaCR/t
ltnuYWOsmap67wC1dnnwyXaNzywoZlCeteu6xFFp/tLYk1C8RrRHaagNGcOLPaLa
lExLd9YZg8IiPAgKPgG6nWv6Fz6ujACD2+KIggFG8pR2oPswqVoGRFjvhDKV/WVT
r9MHwuUBOuNDE94E0G0UTpDfHbxAsPytCzoJRVEOqqCWRsL8/eB/nvOHDvOJPowA
D1W5Hmd0+iSBrkbV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org