Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/egZa9iQSxb5PEJq9nlYTdL9Znas.roa
File: egZa9iQSxb5PEJq9nlYTdL9Znas.roa (raw, json)
Hash identifier: jFnE8oSyItEGG4eXBMLrBQF7w6NDNobNkZFuZ4rl72A=
Subject key identifier: 7A:06:5A:F6:24:12:C5:BE:4F:10:9A:BD:9E:56:13:74:BF:59:9D:AB
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018DF390C7A984ACDED44E235FF7BDFBE2A8
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/egZa9iQSxb5PEJq9nlYTdL9Znas.roa
Signing time: Thu 29 Feb 2024 06:32:48 +0000
ROA not before: Thu 29 Feb 2024 06:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198037
IP address blocks: 80.71.227.0/24 maxlen: 24
80.71.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Mar 2024 21:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:90:c7:a9:84:ac:de:d4:4e:23:5f:f7:bd:fb:e2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Feb 29 06:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a065af62412c5be4f109abd9e561374bf599dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:fe:55:5f:4f:d4:bc:71:23:3f:22:55:35:
5a:08:0c:4a:d1:cd:0c:97:db:ed:ef:12:52:b0:08:
c3:ec:14:8d:0e:f9:48:ea:99:92:fc:51:d6:6b:c9:
0e:56:1d:18:e6:aa:2a:56:9d:1a:90:49:1a:82:e3:
3d:b2:ca:3b:68:ac:09:c8:4b:c7:d7:31:b6:0e:64:
02:eb:7d:63:0a:60:50:cb:c5:1c:80:f6:0f:32:7f:
7d:3e:01:a5:fe:d5:5e:bb:09:0b:e5:58:fe:05:79:
df:dd:60:a1:b7:94:83:2b:a5:90:6e:6f:82:ec:4a:
fe:69:63:09:d4:55:a6:28:bb:0f:8b:01:6a:89:72:
dc:23:f1:56:5c:b6:3f:74:12:0e:68:4d:10:fe:b3:
05:72:9d:a2:a1:3c:37:e6:5d:d2:3f:62:37:18:90:
2a:84:fa:09:6a:6c:1f:ab:9b:3f:c4:59:ca:87:37:
12:88:bb:31:bc:ce:4b:9d:fb:ef:cb:9d:11:fd:a4:
60:2f:a7:fc:3b:a8:df:cc:8c:a7:5a:a5:e2:c8:85:
f2:1d:84:ad:87:a6:69:b5:f8:25:e7:97:21:3a:c8:
c3:53:6a:1a:7c:93:2e:46:63:12:3a:bd:ac:1a:23:
6c:71:e9:fe:4f:42:4c:84:e3:58:2c:2c:31:4b:bd:
8f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:06:5A:F6:24:12:C5:BE:4F:10:9A:BD:9E:56:13:74:BF:59:9D:AB
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/egZa9iQSxb5PEJq9nlYTdL9Znas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.227.0/24
80.71.232.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c7:8f:33:c5:36:31:cb:b2:e6:a2:b4:75:4b:67:4c:5f:c5:
0f:a1:92:52:67:54:d1:de:97:5c:49:7b:4b:93:5a:3e:81:4a:
ca:b0:f6:b9:bc:34:65:70:eb:dd:c4:4f:b5:1e:2b:d5:c1:a2:
59:f1:9c:bb:06:13:32:f1:4c:17:a9:b9:14:4d:72:27:73:42:
76:f6:89:81:34:05:9d:17:6d:ea:ff:32:d6:d1:8f:7a:4d:81:
5d:7f:b7:7d:03:b1:ff:d4:ec:90:2d:40:ac:e2:36:a8:d6:d4:
34:61:73:4e:95:3c:6d:76:db:32:b2:26:b8:df:45:cd:cd:e2:
aa:3b:8f:b1:bc:22:93:b7:2d:39:da:e1:da:8d:b4:0e:24:20:
af:e4:65:3c:38:6c:8a:d7:11:00:79:ec:e6:2d:97:8f:49:62:
d9:b7:cf:8f:fb:14:6e:a2:5d:13:ec:86:b4:e7:43:ae:ca:6b:
e1:37:db:f5:ec:b3:7a:51:e4:ea:8d:bf:28:98:9e:6d:a3:ae:
8b:eb:e0:b8:a8:a1:85:d1:fe:f9:45:1e:d6:49:b7:fc:2d:a1:
d0:8a:c7:5f:26:f2:d7:ff:1b:9f:67:db:73:84:66:8d:ee:79:
d7:4b:9e:35:62:78:e0:66:ed:f7:64:a3:ea:46:2a:17:99:f0:
6f:b4:3c:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3zkMephKze1E4jX/e9++KoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMjI5MDYzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA2NWFmNjI0MTJjNWJlNGYxMDlhYmQ5ZTU2MTM3NGJmNTk5ZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSn+VV9P1LxxIz8iVTVaCAxK0c0M
l9vt7xJSsAjD7BSNDvlI6pmS/FHWa8kOVh0Y5qoqVp0akEkaguM9sso7aKwJyEvH
1zG2DmQC631jCmBQy8UcgPYPMn99PgGl/tVeuwkL5Vj+BXnf3WCht5SDK6WQbm+C
7Er+aWMJ1FWmKLsPiwFqiXLcI/FWXLY/dBIOaE0Q/rMFcp2ioTw35l3SP2I3GJAq
hPoJamwfq5s/xFnKhzcSiLsxvM5Lnfvvy50R/aRgL6f8O6jfzIynWqXiyIXyHYSt
h6Zptfgl55chOsjDU2oafJMuRmMSOr2sGiNscen+T0JMhONYLCwxS72PEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHoGWvYkEsW+TxCavZ5WE3S/WZ2rMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvZWdaYTlpUVN4YjVQRUpxOW5sWVRkTDlabmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEfjAwQA
UEfoMA0GCSqGSIb3DQEBCwUAA4IBAQBox48zxTYxy7LmorR1S2dMX8UPoZJSZ1TR
3pdcSXtLk1o+gUrKsPa5vDRlcOvdxE+1HivVwaJZ8Zy7BhMy8UwXqbkUTXInc0J2
9omBNAWdF23q/zLW0Y96TYFdf7d9A7H/1OyQLUCs4jao1tQ0YXNOlTxtdtsysia4
30XNzeKqO4+xvCKTty052uHajbQOJCCv5GU8OGyK1xEAeezmLZePSWLZt8+P+xRu
ol0T7Ia050OuymvhN9v17LN6UeTqjb8omJ5to66L6+C4qKGF0f75RR7WSbf8LaHQ
isdfJvLX/xufZ9tzhGaN7nnXS541YnjgZu33ZKPqRioXmfBvtDy5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org