Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/D5vbi12gFuq5bSAj-n3p3Ua2JFc.roa
File: D5vbi12gFuq5bSAj-n3p3Ua2JFc.roa (raw, json)
Hash identifier: EtClAQTlQEM60OLjmQugrz4t9X4RM+R73YWW6EU/EyM=
Subject key identifier: 0F:9B:DB:8B:5D:A0:16:EA:B9:6D:20:23:FA:7D:E9:DD:46:B6:24:57
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018832893ADBA4BBDFC05E6E2AB66EC91828
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/D5vbi12gFuq5bSAj-n3p3Ua2JFc.roa
Signing time: Fri 19 May 2023 05:43:54 +0000
ROA not before: Fri 19 May 2023 05:43:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
80.71.236.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 22 May 2023 14:11:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:89:3a:db:a4:bb:df:c0:5e:6e:2a:b6:6e:c9:18:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: May 19 05:43:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f9bdb8b5da016eab96d2023fa7de9dd46b62457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:5c:fe:4d:eb:ad:b8:c7:33:30:87:c4:74:
d4:eb:50:6e:1e:a0:a7:0a:29:3d:eb:84:ba:e0:75:
5e:55:87:1b:e4:b9:fe:ae:77:30:1a:90:71:20:da:
e2:1e:77:0c:d7:00:86:11:f5:32:e2:ac:51:10:1e:
a2:bc:28:ca:7c:70:d8:fe:74:5d:ec:a6:e2:52:23:
be:26:77:d8:03:31:18:ba:8e:54:04:8c:8b:32:ff:
06:bc:cb:11:53:89:d2:01:c0:ce:10:31:af:7f:ab:
1c:d8:a4:cb:c9:50:d3:71:bb:0a:bc:01:c2:17:cd:
5c:2e:fb:ff:50:75:ff:de:44:e9:61:f4:33:b3:5f:
74:47:73:29:bc:b0:37:23:36:11:f9:38:e3:b0:db:
ed:4c:37:89:85:f3:ef:50:ae:d9:aa:64:98:56:8b:
45:79:68:a7:a8:fd:64:71:ea:e1:8e:e4:46:c8:3f:
32:77:a9:8e:51:40:5e:c2:4b:e6:d4:4f:04:af:07:
79:4f:ed:01:44:b6:2c:94:5e:0d:b7:9e:ce:b2:37:
98:53:8c:de:e5:a2:0d:98:12:40:f7:9f:6d:eb:a5:
af:ac:34:29:71:df:29:a6:d4:34:2a:eb:ae:d7:45:
fb:ee:98:81:a1:49:51:2f:88:71:2b:27:48:b7:86:
e8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9B:DB:8B:5D:A0:16:EA:B9:6D:20:23:FA:7D:E9:DD:46:B6:24:57
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/D5vbi12gFuq5bSAj-n3p3Ua2JFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
80.71.236.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:08:fe:a7:0c:71:df:06:37:da:bf:89:07:47:ee:ef:c7:e0:
8b:f7:9b:7d:8d:31:a6:ff:6c:d0:89:07:36:7d:8c:40:e4:38:
3d:ee:02:24:ab:64:21:c8:f5:76:a9:c5:ab:ff:76:0b:4c:5e:
fc:aa:08:2f:4c:c7:4f:42:7c:87:c6:55:26:32:c4:8c:5d:51:
d4:16:07:d1:23:ed:7b:05:3e:7b:7a:1f:ff:66:59:7a:16:74:
b2:80:8e:20:f9:b1:29:40:ae:67:22:0e:2b:34:ab:08:a5:c0:
4a:b8:e6:11:5b:7a:d8:c9:c4:d7:bb:b6:76:15:1a:f1:7a:3d:
53:a2:f5:53:33:68:2b:42:a2:45:71:09:4b:89:3c:8f:65:b1:
66:a2:45:20:5b:59:be:f3:d2:24:a3:b9:4b:8e:04:9c:e6:18:
ab:32:ac:f8:da:f7:a3:7b:7d:41:45:4e:3a:e9:35:1a:7a:09:
65:ad:93:f0:1f:22:ab:b1:3f:70:21:c5:87:d2:84:97:71:3f:
f3:a9:a0:aa:4c:99:c3:48:e7:ad:85:63:92:be:c5:67:f9:55:
cb:4c:b0:6c:61:3c:a2:70:3c:3f:57:1a:c6:cc:f6:67:07:ad:
38:24:3d:54:6b:f8:50:e5:d1:be:79:38:ec:9f:ee:de:62:60:
92:2f:85:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYgyiTrbpLvfwF5uKrZuyRgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNTE5MDU0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjliZGI4YjVkYTAxNmVhYjk2ZDIwMjNmYTdkZTlkZDQ2YjYyNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT5c/k3rrbjHMzCHxHTU61BuHqCn
Cik964S64HVeVYcb5Ln+rncwGpBxINriHncM1wCGEfUy4qxREB6ivCjKfHDY/nRd
7KbiUiO+JnfYAzEYuo5UBIyLMv8GvMsRU4nSAcDOEDGvf6sc2KTLyVDTcbsKvAHC
F81cLvv/UHX/3kTpYfQzs190R3MpvLA3IzYR+TjjsNvtTDeJhfPvUK7ZqmSYVotF
eWinqP1kcerhjuRGyD8yd6mOUUBewkvm1E8Erwd5T+0BRLYslF4Nt57OsjeYU4ze
5aINmBJA959t66WvrDQpcd8pptQ0Kuuu10X77piBoUlRL4hxKydIt4boewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA+b24tdoBbquW0gI/p96d1GtiRXMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvRDV2YmkxMmdGdXE1YlNBai1uM3AzVWEySkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
UEfsMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQBbCP6nDHHfBjfa
v4kHR+7vx+CL95t9jTGm/2zQiQc2fYxA5Dg97gIkq2QhyPV2qcWr/3YLTF78qggv
TMdPQnyHxlUmMsSMXVHUFgfRI+17BT57eh//Zll6FnSygI4g+bEpQK5nIg4rNKsI
pcBKuOYRW3rYycTXu7Z2FRrxej1TovVTM2grQqJFcQlLiTyPZbFmokUgW1m+89Ik
o7lLjgSc5hirMqz42veje31BRU466TUaegllrZPwHyKrsT9wIcWH0oSXcT/zqaCq
TJnDSOethWOSvsVn+VXLTLBsYTyicDw/VxrGzPZnB604JD1Ua/hQ5dG+eTjsn+7e
YmCSL4VX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org