Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/BagoEnBgPyNJ7j7BVgTMfenm-Q8.roa
File: BagoEnBgPyNJ7j7BVgTMfenm-Q8.roa (raw, json)
Hash identifier: zWVSkAzBYfy9dS9WtEJl7V4HAkCAgFjY59mSuCqt7yA=
Subject key identifier: 05:A8:28:12:70:60:3F:23:49:EE:3E:C1:56:04:CC:7D:E9:E6:F9:0F
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0191FA28E14D46EA5626CC95C0560896BC5B
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/BagoEnBgPyNJ7j7BVgTMfenm-Q8.roa
Signing time: Mon 16 Sep 2024 09:27:48 +0000
ROA not before: Mon 16 Sep 2024 09:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 80.71.230.0/24 maxlen: 24
81.29.144.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 12:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:28:e1:4d:46:ea:56:26:cc:95:c0:56:08:96:bc:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Sep 16 09:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a8281270603f2349ee3ec15604cc7de9e6f90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:ca:af:7e:0b:cb:26:63:1b:69:70:22:8b:
a4:c8:d5:dc:c6:aa:e5:05:91:b2:20:01:ff:0a:56:
75:d7:dc:0d:8f:3b:dd:56:41:21:eb:6e:ee:6c:68:
db:71:ea:db:79:90:03:47:3d:80:6a:61:75:ad:e5:
22:b2:5a:9c:ca:66:48:17:f3:54:58:ee:5d:b5:b1:
8b:c4:88:93:f1:93:86:cd:d7:4e:aa:9c:7c:ac:1c:
57:89:84:c1:62:a7:e6:55:47:e8:6e:d8:48:2d:10:
49:dd:53:3b:fd:0c:c6:13:bd:47:bb:58:7d:78:ed:
33:1a:5c:6d:e3:b4:3b:9f:56:04:d8:51:5b:cb:8d:
d7:92:67:1e:84:b5:98:f2:da:f1:0a:a2:59:df:f7:
d2:d5:1f:df:f7:c7:97:ae:76:c2:da:1a:ae:a0:5f:
58:57:4d:df:e0:cc:d0:f5:c3:3a:38:61:d3:a1:50:
49:37:0d:0c:80:a8:c2:f9:1a:cf:87:95:cc:bc:15:
bf:fa:b6:6e:86:eb:34:29:09:a7:f7:d2:bb:a4:4d:
87:44:da:e2:e8:47:aa:85:8c:93:b4:ed:4d:2e:d7:
79:90:27:1f:1f:3c:3b:bd:e6:5f:77:01:bf:b1:60:
a4:6f:70:83:ef:ed:dc:f0:66:55:93:f3:1f:eb:ed:
27:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A8:28:12:70:60:3F:23:49:EE:3E:C1:56:04:CC:7D:E9:E6:F9:0F
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/BagoEnBgPyNJ7j7BVgTMfenm-Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.230.0/24
81.29.144.0/24
81.29.147.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:c1:63:9c:da:63:a4:68:39:ea:9e:83:34:3b:52:94:2f:86:
d4:88:30:cf:bc:da:62:8c:33:0c:9c:94:e3:39:d8:1a:dd:5a:
27:13:c2:5e:b4:c6:ae:be:28:8e:a0:a3:8c:23:b5:d6:a4:b5:
9b:fa:a6:4d:62:08:c8:74:c9:3c:83:b9:ad:f5:98:b8:2a:f7:
f2:cb:66:4a:f0:cb:3c:e1:9b:ad:d3:b1:43:b4:4e:90:51:8a:
9b:ad:03:d5:8d:6d:33:3a:41:41:42:ac:a5:69:62:34:e6:d9:
40:27:5b:dd:0f:53:ca:57:ae:55:ac:a2:a3:c4:58:36:8b:11:
26:10:f6:a8:e0:de:ea:39:0f:33:8b:aa:3b:d3:14:a2:76:73:
9a:53:5f:5d:6e:1c:f8:04:f3:a8:eb:c5:13:e5:a4:10:3e:b4:
b2:a1:2e:e7:f4:e7:53:19:9b:cf:bb:fc:53:77:cf:68:5b:f0:
06:b9:a0:c3:d2:8d:b3:23:be:8b:0c:47:84:21:5c:03:04:10:
e5:6b:eb:bb:1d:f4:52:30:c0:e9:ea:c8:62:f0:5e:9a:9d:03:
18:83:ab:37:8a:ad:99:3e:71:98:06:84:87:81:f3:6d:05:41:
79:41:af:f3:1e:9c:17:15:d2:4d:5a:91:0a:0c:79:8a:65:b9:
a7:4b:2c:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZH6KOFNRupWJsyVwFYIlrxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwOTE2MDkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE4MjgxMjcwNjAzZjIzNDllZTNlYzE1NjA0Y2M3ZGU5ZTZmOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHnKr34LyyZjG2lwIoukyNXcxqrl
BZGyIAH/ClZ119wNjzvdVkEh627ubGjbcerbeZADRz2AamF1reUislqcymZIF/NU
WO5dtbGLxIiT8ZOGzddOqpx8rBxXiYTBYqfmVUfobthILRBJ3VM7/QzGE71Hu1h9
eO0zGlxt47Q7n1YE2FFby43XkmcehLWY8trxCqJZ3/fS1R/f98eXrnbC2hquoF9Y
V03f4MzQ9cM6OGHToVBJNw0MgKjC+RrPh5XMvBW/+rZuhus0KQmn99K7pE2HRNri
6EeqhYyTtO1NLtd5kCcfHzw7veZfdwG/sWCkb3CD7+3c8GZVk/Mf6+0nqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWoKBJwYD8jSe4+wVYEzH3p5vkPMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvQmFnb0VuQmdQeU5KN2o3QlZnVE1mZW5tLVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEfmAwQA
UR2QAwQAUR2TMA0GCSqGSIb3DQEBCwUAA4IBAQAewWOc2mOkaDnqnoM0O1KUL4bU
iDDPvNpijDMMnJTjOdga3VonE8JetMauviiOoKOMI7XWpLWb+qZNYgjIdMk8g7mt
9Zi4Kvfyy2ZK8Ms84Zut07FDtE6QUYqbrQPVjW0zOkFBQqylaWI05tlAJ1vdD1PK
V65VrKKjxFg2ixEmEPao4N7qOQ8zi6o70xSidnOaU19dbhz4BPOo68UT5aQQPrSy
oS7n9OdTGZvPu/xTd89oW/AGuaDD0o2zI76LDEeEIVwDBBDla+u7HfRSMMDp6shi
8F6anQMYg6s3iq2ZPnGYBoSHgfNtBUF5Qa/zHpwXFdJNWpEKDHmKZbmnSyz6
-----END CERTIFICATE-----
Generated at Tue Nov 12 16:24:12 2024 by rpki-client on console-ams.rpki-client.org