Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Ku4O0bA07sdzNeBTjec89d0sTcU.roa
File: Ku4O0bA07sdzNeBTjec89d0sTcU.roa (raw, json)
Hash identifier: yRG5lTF6iAhkLIdOBFBQTpbJuAofyCQ1m5hzwDErnfA=
Subject key identifier: 2A:EE:0E:D1:B0:34:EE:C7:73:35:E0:53:8D:E7:3C:F5:DD:2C:4D:C5
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0185ECF14BCE22546B883C4DA60BF3BB824B
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Ku4O0bA07sdzNeBTjec89d0sTcU.roa
Signing time: Thu 26 Jan 2023 07:18:34 +0000
ROA not before: Thu 26 Jan 2023 07:18:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 80.71.229.0/24 maxlen: 24
80.71.232.0/24 maxlen: 24
81.29.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Jun 2023 08:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ec:f1:4b:ce:22:54:6b:88:3c:4d:a6:0b:f3:bb:82:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 26 07:18:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aee0ed1b034eec77335e0538de73cf5dd2c4dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:49:96:b8:bf:a5:fc:ac:04:f9:3d:f4:75:
e1:78:6b:3d:aa:ba:7c:95:d5:f6:df:db:e7:d1:2e:
8a:0e:32:2f:7e:95:6a:07:3a:f7:62:79:17:a8:b9:
5e:34:aa:0d:60:ce:97:75:5e:cf:d1:ec:b7:5b:78:
02:1e:53:42:fe:91:38:f2:90:17:83:5d:ef:25:68:
b7:f6:99:20:ba:2c:0f:5b:49:82:30:f0:7e:89:43:
31:4b:b2:20:67:fc:9b:38:a5:9f:88:e4:8e:43:53:
39:ee:b2:5c:5e:17:d3:71:b8:54:19:1f:7c:08:f6:
37:00:30:9f:9e:ed:04:04:a5:14:6c:6c:cc:96:65:
ab:07:9c:f5:be:3b:72:2d:18:af:be:27:5c:cc:82:
a0:da:57:9f:89:9f:68:25:c9:02:23:35:1a:b3:19:
39:7d:47:31:e5:18:f1:99:59:a9:fd:59:c3:11:77:
bd:7a:67:72:a6:45:5f:8d:cc:85:d1:c1:12:41:e1:
59:c2:7d:67:dc:40:f9:58:2b:50:2f:68:eb:d5:e9:
59:36:f9:5a:28:0c:ab:5d:1f:ef:d1:5d:9d:9d:fe:
f6:d4:27:97:84:05:78:0d:86:6b:c0:4c:5d:85:0c:
ad:92:fb:c9:b7:25:b7:f0:55:5f:3e:9f:e8:ea:21:
66:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EE:0E:D1:B0:34:EE:C7:73:35:E0:53:8D:E7:3C:F5:DD:2C:4D:C5
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Ku4O0bA07sdzNeBTjec89d0sTcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.229.0/24
80.71.232.0/24
81.29.153.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:20:93:e0:d4:dc:db:f9:e0:5e:8e:76:e0:74:eb:b5:18:ca:
6b:eb:eb:db:9c:9d:61:5e:7e:43:e1:cc:d6:02:94:0a:c7:c7:
8f:cc:1a:71:c7:57:85:06:40:f1:0a:1e:f1:ee:04:b5:57:d8:
e4:da:d8:a6:32:96:f8:18:46:a6:95:48:0d:da:f2:69:71:ea:
5d:99:2c:82:b9:33:7f:cf:c6:7e:d8:fc:43:1a:ae:a8:d5:0f:
76:39:ab:6c:3e:61:49:1b:21:70:5c:8b:b6:92:9e:c6:a6:4a:
84:7a:7e:3e:f4:a6:a5:1e:90:69:3a:2f:b7:10:f0:d8:82:25:
e4:f5:c1:6f:48:a6:32:8f:34:d5:fe:8a:28:fc:b8:ae:f2:11:
1e:6a:0d:1e:85:05:49:c8:47:f3:aa:67:4a:24:be:01:6e:11:
d8:c7:b4:b0:63:a9:d6:59:8c:ad:d7:cf:dc:8f:72:c2:3c:d7:
72:14:cf:04:00:50:81:c2:b2:18:fb:55:58:90:5c:ec:1f:f2:
2d:84:75:30:39:0a:ee:3d:24:66:a7:9b:b1:97:47:ad:e4:38:
39:47:89:2b:d9:2c:e2:fa:cb:2c:d1:67:fe:11:41:29:b7:eb:
22:d1:a0:d0:cc:c3:4d:99:3f:92:99:75:e5:1c:69:66:43:91:
42:be:e6:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXs8UvOIlRriDxNpgvzu4JLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTI2MDcxODM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVlMGVkMWIwMzRlZWM3NzMzNWUwNTM4ZGU3M2NmNWRkMmM0ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC9Jlri/pfysBPk99HXheGs9qrp8
ldX239vn0S6KDjIvfpVqBzr3YnkXqLleNKoNYM6XdV7P0ey3W3gCHlNC/pE48pAX
g13vJWi39pkguiwPW0mCMPB+iUMxS7IgZ/ybOKWfiOSOQ1M57rJcXhfTcbhUGR98
CPY3ADCfnu0EBKUUbGzMlmWrB5z1vjtyLRivvidczIKg2lefiZ9oJckCIzUasxk5
fUcx5RjxmVmp/VnDEXe9emdypkVfjcyF0cESQeFZwn1n3ED5WCtQL2jr1elZNvla
KAyrXR/v0V2dnf721CeXhAV4DYZrwExdhQytkvvJtyW38FVfPp/o6iFmOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCruDtGwNO7HczXgU43nPPXdLE3FMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvS3U0TzBiQTA3c2R6TmVCVGplYzg5ZDBzVGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEflAwQA
UEfoAwQAUR2ZMA0GCSqGSIb3DQEBCwUAA4IBAQBOIJPg1Nzb+eBejnbgdOu1GMpr
6+vbnJ1hXn5D4czWApQKx8ePzBpxx1eFBkDxCh7x7gS1V9jk2timMpb4GEamlUgN
2vJpcepdmSyCuTN/z8Z+2PxDGq6o1Q92OatsPmFJGyFwXIu2kp7GpkqEen4+9Kal
HpBpOi+3EPDYgiXk9cFvSKYyjzTV/ooo/Liu8hEeag0ehQVJyEfzqmdKJL4BbhHY
x7SwY6nWWYyt18/cj3LCPNdyFM8EAFCBwrIY+1VYkFzsH/IthHUwOQruPSRmp5ux
l0et5Dg5R4kr2Szi+sss0Wf+EUEpt+si0aDQzMNNmT+SmXXlHGlmQ5FCvuaB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org