Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MEhWwQ-zhsmaQRctrdSfPyvdI4M.roa
File: MEhWwQ-zhsmaQRctrdSfPyvdI4M.roa (raw, json)
Hash identifier: tQVffliHt1FfZ1cSdkRrMTFd3++/phAhVqHoG33p9wk=
Subject key identifier: 30:48:56:C1:0F:B3:86:C9:9A:41:17:2D:AD:D4:9F:3F:2B:DD:23:83
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01872D6F1C86C895CF0C5766D9E049540F7B
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MEhWwQ-zhsmaQRctrdSfPyvdI4M.roa
Signing time: Wed 29 Mar 2023 12:54:29 +0000
ROA not before: Wed 29 Mar 2023 12:54:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 80.71.231.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
80.71.234.0/24 maxlen: 24
81.29.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Mar 2023 14:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:6f:1c:86:c8:95:cf:0c:57:66:d9:e0:49:54:0f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 29 12:54:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=304856c10fb386c99a41172dadd49f3f2bdd2383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ae:68:8b:5f:83:58:83:90:c7:22:67:e9:18:
5f:d6:c2:5e:c7:83:ab:7a:6e:d4:01:4a:13:a4:a1:
4f:64:13:ad:cd:ca:a8:a9:be:ea:e7:f5:d4:96:64:
ea:ea:c6:29:8f:46:57:17:b8:69:f9:fe:4f:50:34:
7a:bf:7d:dd:9b:1c:20:3e:89:db:4c:7e:ed:4d:93:
25:56:2b:77:08:0d:f1:dc:e6:93:35:d7:8d:c3:5c:
3e:cf:d4:9a:da:2f:e0:24:b3:df:5c:e8:8c:2c:45:
21:50:95:e5:e4:cb:ae:25:92:4d:83:25:72:50:89:
9d:5e:b5:3b:0d:75:df:f3:ee:7d:09:d9:29:ef:fb:
9d:a0:1a:2e:a5:65:c8:37:f4:3b:de:c5:1b:4d:21:
16:86:9d:5a:3e:47:b7:aa:e6:0d:8e:0f:67:2a:3f:
48:41:02:28:e6:14:a7:43:49:3d:74:80:07:a4:e5:
2b:7d:2b:bb:f3:a1:e8:83:6d:8c:2a:92:d0:60:0f:
90:b1:1f:f5:b5:70:f0:bb:cb:65:19:3e:85:25:f0:
55:d3:e5:e0:38:a9:ae:77:ec:f5:f3:cf:c6:6f:fd:
01:1e:5d:4d:e1:45:76:fd:3d:a1:d8:2b:35:b0:af:
a5:ca:82:7b:17:3a:5e:f7:0a:ad:b9:94:53:79:85:
5d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:48:56:C1:0F:B3:86:C9:9A:41:17:2D:AD:D4:9F:3F:2B:DD:23:83
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MEhWwQ-zhsmaQRctrdSfPyvdI4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.231.0/24
80.71.233.0-80.71.234.255
80.71.236.0/24
81.29.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:83:93:b7:c5:54:ff:b1:a7:30:55:ed:ad:3c:bf:c0:0f:62:
dd:1e:27:5b:12:cd:91:77:21:29:93:cb:ae:a4:99:6c:1f:8a:
ef:13:57:d3:95:66:3c:93:3c:5c:6e:12:67:35:24:b4:8c:3c:
a5:ac:c5:18:71:d3:b0:02:d1:31:2a:07:8e:39:37:de:9a:9c:
a0:e4:a1:a2:90:fd:99:95:10:82:73:83:b8:7b:bf:86:14:31:
80:7c:67:e1:62:2f:e9:48:a6:d7:0d:77:6f:23:80:f4:a2:95:
8b:6b:b7:95:76:3e:a0:95:8f:56:22:6a:20:b5:69:59:b0:5c:
68:b2:22:df:d1:aa:b6:d5:d6:13:e2:cc:bb:0c:a8:ce:e7:f9:
a3:3b:9c:b8:d4:67:7c:cf:b7:70:c3:73:f2:8f:6a:05:e2:be:
b6:a1:30:f1:74:f0:5d:91:82:f8:bd:9b:8b:64:bb:8d:cc:31:
8c:e2:4c:5a:8a:48:52:ab:e8:9b:e9:19:3d:8b:d2:2e:54:1e:
42:05:9b:a0:a7:dc:7a:0f:f9:d7:ad:2a:dd:72:f5:2d:9f:88:
2c:aa:bb:79:68:31:ea:a7:ec:40:79:65:e8:e1:d2:c6:fd:70:
e8:e2:87:7f:29:ff:40:ea:8e:88:8c:29:b5:0d:79:7f:da:04:
77:71:ef:60
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYctbxyGyJXPDFdm2eBJVA97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzI5MTI1NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQ4NTZjMTBmYjM4NmM5OWE0MTE3MmRhZGQ0OWYzZjJiZGQyMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K5oi1+DWIOQxyJn6Rhf1sJex4Or
em7UAUoTpKFPZBOtzcqoqb7q5/XUlmTq6sYpj0ZXF7hp+f5PUDR6v33dmxwgPonb
TH7tTZMlVit3CA3x3OaTNdeNw1w+z9Sa2i/gJLPfXOiMLEUhUJXl5MuuJZJNgyVy
UImdXrU7DXXf8+59Cdkp7/udoBoupWXIN/Q73sUbTSEWhp1aPke3quYNjg9nKj9I
QQIo5hSnQ0k9dIAHpOUrfSu786Hog22MKpLQYA+QsR/1tXDwu8tlGT6FJfBV0+Xg
OKmud+z188/Gb/0BHl1N4UV2/T2h2Cs1sK+lyoJ7Fzpe9wqtuZRTeYVdaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDBIVsEPs4bJmkEXLa3Unz8r3SODMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTUVoV3dRLXpoc21hUVJjdHJkU2ZQeXZkSTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUEfnMAwD
BABQR+kDBABQR+oDBABQR+wDBABRHZ0wDQYJKoZIhvcNAQELBQADggEBAA2Dk7fF
VP+xpzBV7a08v8APYt0eJ1sSzZF3ISmTy66kmWwfiu8TV9OVZjyTPFxuEmc1JLSM
PKWsxRhx07AC0TEqB445N96anKDkoaKQ/ZmVEIJzg7h7v4YUMYB8Z+FiL+lIptcN
d28jgPSilYtrt5V2PqCVj1YiaiC1aVmwXGiyIt/RqrbV1hPizLsMqM7n+aM7nLjU
Z3zPt3DDc/KPagXivrahMPF08F2Rgvi9m4tku43MMYziTFqKSFKr6JvpGT2L0i5U
HkIFm6Cn3HoP+detKt1y9S2fiCyqu3loMeqn7EB5Zejh0sb9cOjih38p/0DqjoiM
KbUNeX/aBHdx72A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org