Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/epA1-XcCJy5JTUplAgcpXeO3hWg.roa
File: epA1-XcCJy5JTUplAgcpXeO3hWg.roa (raw, json)
Hash identifier: trx5R7INbc890TrBeQttvBEtqqGEpRcv2zTJhp0Mb9w=
Subject key identifier: 7A:90:35:F9:77:02:27:2E:49:4D:4A:65:02:07:29:5D:E3:B7:85:68
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01891F65C508680FBFC70CEB4B60A229C1CB
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/epA1-XcCJy5JTUplAgcpXeO3hWg.roa
Signing time: Tue 04 Jul 2023 05:35:10 +0000
ROA not before: Tue 04 Jul 2023 05:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 80.71.232.0/24 maxlen: 24
45.66.224.0/22 maxlen: 22
81.29.151.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Jul 2023 11:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1f:65:c5:08:68:0f:bf:c7:0c:eb:4b:60:a2:29:c1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jul 4 05:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a9035f97702272e494d4a650207295de3b78568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:79:b9:d8:50:04:1a:55:6b:89:e0:85:fc:d7:
70:54:79:6e:eb:29:cd:f3:4f:28:b8:24:db:44:10:
81:b9:cb:7a:f3:0b:59:76:16:24:01:69:ab:af:c0:
7d:35:eb:26:94:87:72:78:b2:5d:bf:ee:55:cd:83:
8a:5f:62:12:af:48:48:cc:d3:11:f6:82:de:e6:38:
e9:25:76:7a:b6:b1:35:b4:ff:ea:4c:a6:25:6e:a2:
ae:c6:fb:af:26:0b:cf:00:00:ee:f1:16:04:2c:ba:
91:46:82:4b:d2:4f:b0:c7:cf:b1:c0:b6:ac:81:b0:
5d:59:92:02:0e:aa:9f:1c:8b:bb:76:80:64:85:d1:
a0:e0:7a:a5:30:f9:59:8b:0f:ea:05:47:43:26:5a:
dd:58:0d:02:31:42:9e:56:a1:c0:e5:31:c3:7b:0a:
ce:02:f5:d5:ad:f6:1f:4c:9f:a5:34:a4:30:99:d1:
29:28:62:0a:5e:f0:93:6c:8e:d7:c5:c9:ee:68:06:
b7:23:aa:68:77:c5:fa:39:69:de:9b:73:02:06:71:
9d:f6:f7:bf:89:ac:f6:47:4b:54:ab:fb:58:a7:20:
0b:6e:03:de:ca:62:29:a3:c1:83:be:67:c9:1a:8d:
2d:74:70:b6:62:1e:6f:c1:e6:20:15:3c:dc:26:fe:
e4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:90:35:F9:77:02:27:2E:49:4D:4A:65:02:07:29:5D:E3:B7:85:68
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/epA1-XcCJy5JTUplAgcpXeO3hWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
80.71.232.0/24
81.29.151.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
a2:60:67:7a:fe:a0:6f:ad:ab:7c:ca:01:fd:7d:56:ff:48:40:
7c:67:85:4b:5c:41:54:db:bd:14:3a:14:9a:73:7f:1e:cc:42:
c0:52:06:cb:7e:8c:8e:66:07:18:49:b4:5a:85:42:9c:d2:1d:
2a:e8:09:83:80:3b:4f:55:80:60:fb:93:ce:3b:93:db:18:1d:
5f:a5:de:fb:7d:94:23:14:d7:46:d6:3c:32:68:b2:0f:ae:03:
ea:f4:45:e8:07:7b:08:40:79:5b:41:3a:8e:15:a0:bc:67:ac:
ed:85:b0:11:76:01:42:28:31:55:cb:e9:9c:52:c7:ab:cc:26:
c5:c2:fe:61:18:67:c2:1f:ec:b9:fb:82:46:c7:85:c0:60:0e:
07:1d:c3:e5:6e:77:a7:12:a7:9a:fc:3e:22:30:6c:bf:49:a9:
6d:34:9f:bc:c5:dd:fb:27:11:51:40:5d:38:8a:2e:54:c1:af:
4e:f0:62:1e:7c:46:5b:5e:88:cb:e7:d0:12:b6:a4:eb:c4:0c:
75:b9:f3:6c:a4:f3:3e:db:bd:65:7b:2a:64:77:58:9d:10:aa:
ca:ca:5e:fb:93:90:1d:6d:93:80:de:65:55:31:1c:1a:f4:24:
9c:e5:91:d1:a5:9b:b7:dc:b4:67:47:9f:a1:ab:59:07:af:70:
d3:20:82:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYkfZcUIaA+/xwzrS2CiKcHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNzA0MDUzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTkwMzVmOTc3MDIyNzJlNDk0ZDRhNjUwMjA3Mjk1ZGUzYjc4NTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXm52FAEGlVrieCF/NdwVHlu6ynN
808ouCTbRBCBuct68wtZdhYkAWmrr8B9NesmlIdyeLJdv+5VzYOKX2ISr0hIzNMR
9oLe5jjpJXZ6trE1tP/qTKYlbqKuxvuvJgvPAADu8RYELLqRRoJL0k+wx8+xwLas
gbBdWZICDqqfHIu7doBkhdGg4HqlMPlZiw/qBUdDJlrdWA0CMUKeVqHA5THDewrO
AvXVrfYfTJ+lNKQwmdEpKGIKXvCTbI7XxcnuaAa3I6pod8X6OWnem3MCBnGd9ve/
iaz2R0tUq/tYpyALbgPeymIpo8GDvmfJGo0tdHC2Yh5vweYgFTzcJv7kfwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHqQNfl3AicuSU1KZQIHKV3jt4VoMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvZXBBMS1YY0NKeTVKVFVwbEFnY3BYZU8zaFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLULgAwQA
UEfoAwQAUR2XMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQCiYGd6
/qBvrat8ygH9fVb/SEB8Z4VLXEFU270UOhSac38ezELAUgbLfoyOZgcYSbRahUKc
0h0q6AmDgDtPVYBg+5POO5PbGB1fpd77fZQjFNdG1jwyaLIPrgPq9EXoB3sIQHlb
QTqOFaC8Z6zthbARdgFCKDFVy+mcUserzCbFwv5hGGfCH+y5+4JGx4XAYA4HHcPl
bnenEqea/D4iMGy/SaltNJ+8xd37JxFRQF04ii5Uwa9O8GIefEZbXojL59AStqTr
xAx1ufNspPM+271leypkd1idEKrKyl77k5AdbZOA3mVVMRwa9CSc5ZHRpZu33LRn
R5+hq1kHr3DTIIKE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org