Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/UjhoaQc8Nr3i_3C_vXf__rIct2k.roa
File: UjhoaQc8Nr3i_3C_vXf__rIct2k.roa (raw, json)
Hash identifier: 0nDNqyEK853kF/dst+PRH6cS+JQhwFvD1eDrwq0/9WM=
Subject key identifier: 52:38:68:69:07:3C:36:BD:E2:FF:70:BF:BD:77:FF:FE:B2:1C:B7:69
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018C38AEE3D20BE966B6E28792AEC15B6B23
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/UjhoaQc8Nr3i_3C_vXf__rIct2k.roa
Signing time: Tue 05 Dec 2023 06:33:54 +0000
ROA not before: Tue 05 Dec 2023 06:33:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 80.71.228.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:38:ae:e3:d2:0b:e9:66:b6:e2:87:92:ae:c1:5b:6b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Dec 5 06:33:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52386869073c36bde2ff70bfbd77fffeb21cb769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c7:7c:68:71:0e:68:90:ef:36:3d:5e:8d:f7:
2e:ae:86:02:a3:d3:07:c4:ff:aa:ae:eb:6a:4a:bd:
fb:cd:e7:7d:6b:04:8e:74:ca:71:e4:db:76:5e:ad:
30:00:ce:c4:ef:a1:9a:ba:fe:63:8f:38:0c:e4:fd:
d7:ef:7e:e1:b4:80:9a:ad:3f:0f:24:aa:75:1a:3c:
bf:81:6e:c2:08:8f:e6:12:d3:5f:22:25:df:ed:05:
88:08:e7:34:ea:34:ab:ea:65:a2:74:4a:d4:ce:83:
7b:a7:ce:df:0a:cd:43:a6:32:a6:34:db:2e:78:f1:
02:b0:fd:73:bc:08:ec:85:6b:c9:1d:f5:40:07:c5:
0a:2c:a1:d8:da:48:7e:4b:f9:98:5e:c1:e7:16:6c:
23:22:d8:11:ae:5b:22:8d:69:d5:f3:b4:4d:14:bd:
c9:14:8c:b2:20:d4:30:ca:cf:b7:bf:a3:b2:af:23:
d4:59:1e:50:70:36:7e:43:bc:fa:1d:95:b8:4e:d5:
42:a5:0b:be:f9:81:3f:3a:7a:9b:38:41:dc:4a:88:
ec:ea:91:ff:71:31:3a:5c:85:a4:7c:69:dd:81:64:
0c:86:40:c9:69:83:0d:b1:58:cc:3c:6d:18:5e:86:
51:81:97:aa:c1:f7:6e:aa:79:d0:54:c4:44:73:17:
17:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:38:68:69:07:3C:36:BD:E2:FF:70:BF:BD:77:FF:FE:B2:1C:B7:69
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/UjhoaQc8Nr3i_3C_vXf__rIct2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.228.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:eb:ea:7a:65:d8:73:15:8e:5e:2e:76:3d:bd:2e:a7:9c:d7:
ac:02:4d:01:23:66:7d:3d:c4:45:a0:72:0c:af:91:c7:68:0e:
17:a7:bc:e0:00:46:66:82:86:90:38:d1:19:bf:01:8c:b0:34:
f6:de:36:7a:d9:31:0d:b7:31:33:4c:8f:ab:ee:18:28:2c:6a:
68:56:f6:e8:c0:39:51:08:83:19:7a:b6:15:bf:f2:6a:5d:ca:
1b:ce:f4:7e:af:92:ba:4a:92:7c:f6:17:d6:dc:8c:20:0e:55:
ec:48:94:fd:fc:ad:09:e9:75:a8:41:e3:0b:cf:a8:ea:55:56:
c3:04:a5:01:86:3c:a8:1d:f7:e9:cb:af:3f:49:64:ac:89:12:
49:35:26:91:a7:fc:53:66:d6:7b:66:67:44:a9:4f:74:b7:3e:
8b:f2:12:5d:e8:3f:a6:78:30:f6:cc:a0:95:eb:c5:f8:00:3d:
d7:fc:e0:0e:3b:78:6b:5b:14:13:78:e6:96:8a:47:fe:7c:2e:
a0:5a:08:c0:23:3d:6f:ad:e4:72:41:06:71:0f:17:55:cb:21:
32:af:6c:7f:eb:90:15:ff:18:7a:d9:82:26:ef:b1:db:dc:69:
81:fe:6b:7b:d3:f8:e3:65:be:0c:f5:68:16:04:2c:03:20:e5:
69:27:29:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw4ruPSC+lmtuKHkq7BW2sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMxMjA1MDYzMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM4Njg2OTA3M2MzNmJkZTJmZjcwYmZiZDc3ZmZmZWIyMWNiNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMd8aHEOaJDvNj1ejfcuroYCo9MH
xP+qrutqSr37zed9awSOdMpx5Nt2Xq0wAM7E76Gauv5jjzgM5P3X737htICarT8P
JKp1Gjy/gW7CCI/mEtNfIiXf7QWICOc06jSr6mWidErUzoN7p87fCs1DpjKmNNsu
ePECsP1zvAjshWvJHfVAB8UKLKHY2kh+S/mYXsHnFmwjItgRrlsijWnV87RNFL3J
FIyyINQwys+3v6OyryPUWR5QcDZ+Q7z6HZW4TtVCpQu++YE/OnqbOEHcSojs6pH/
cTE6XIWkfGndgWQMhkDJaYMNsVjMPG0YXoZRgZeqwfduqnnQVMREcxcXAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFI4aGkHPDa94v9wv713//6yHLdpMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvVWpob2FRYzhOcjNpXzNDX3ZYZl9fckljdDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUEfkMA0G
CSqGSIb3DQEBCwUAA4IBAQCc6+p6ZdhzFY5eLnY9vS6nnNesAk0BI2Z9PcRFoHIM
r5HHaA4Xp7zgAEZmgoaQONEZvwGMsDT23jZ62TENtzEzTI+r7hgoLGpoVvbowDlR
CIMZerYVv/JqXcobzvR+r5K6SpJ89hfW3IwgDlXsSJT9/K0J6XWoQeMLz6jqVVbD
BKUBhjyoHffpy68/SWSsiRJJNSaRp/xTZtZ7ZmdEqU90tz6L8hJd6D+meDD2zKCV
68X4AD3X/OAOO3hrWxQTeOaWikf+fC6gWgjAIz1vreRyQQZxDxdVyyEyr2x/65AV
/xh62YIm77Hb3GmB/mt70/jjZb4M9WgWBCwDIOVpJymS
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:43 2024 by rpki-client on console-ams.rpki-client.org