Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ob1xUubqMPvsV_7M2Myizkhn2Kw.roa
File: ob1xUubqMPvsV_7M2Myizkhn2Kw.roa (raw, json)
Hash identifier: GzfCQKAAB2ydFH0ECP8y4ZhESFmLRUUmeLPHjAhpQ3k=
Subject key identifier: A1:BD:71:52:E6:EA:30:FB:EC:57:FE:CC:D8:CC:A2:CE:48:67:D8:AC
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0187568E0CB3B97637F82BF83CE02FC63DF4
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ob1xUubqMPvsV_7M2Myizkhn2Kw.roa
Signing time: Thu 06 Apr 2023 12:32:42 +0000
ROA not before: Thu 06 Apr 2023 12:32:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 80.71.225.0/24 maxlen: 24
80.71.228.0/24 maxlen: 24
45.66.224.0/22 maxlen: 22
81.29.145.0/24 maxlen: 24
81.29.146.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.148.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
81.29.158.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Apr 2023 12:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:8e:0c:b3:b9:76:37:f8:2b:f8:3c:e0:2f:c6:3d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Apr 6 12:32:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1bd7152e6ea30fbec57feccd8cca2ce4867d8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:35:e1:53:ec:8d:3f:fa:76:81:6f:b5:96:a0:
65:a5:93:9d:ef:62:c3:3d:31:b7:68:c3:cb:c5:d0:
92:c3:3e:b1:a9:4e:a8:6f:f7:a6:f7:b7:78:b5:32:
64:ac:7b:df:e1:39:c7:6b:f1:07:38:14:1a:76:41:
3f:14:7c:9d:c1:1d:19:70:10:db:d5:96:4c:c6:73:
a3:40:bd:46:39:c0:85:24:93:83:b7:e2:e3:47:c8:
f0:fc:55:7f:77:6a:f1:9a:bf:94:29:b5:2c:98:97:
69:a9:b2:21:20:a0:7f:58:ac:18:b6:00:67:c8:7d:
66:29:00:ad:0b:9c:b8:89:97:0a:16:41:5b:17:86:
a6:e7:7c:9d:e5:92:8f:38:c5:25:4d:b2:c6:49:93:
a9:c6:58:4e:ae:1e:56:ea:db:ae:b5:76:62:2b:4a:
b0:ad:4d:a5:f0:c8:a0:a0:8d:e8:9f:44:0e:24:e6:
57:b1:31:2e:86:8a:16:c0:13:39:0b:65:e0:1a:55:
f6:9e:fb:ab:89:66:67:78:d7:ac:7e:61:29:e3:71:
e3:8f:6f:8c:1e:29:e8:f7:86:06:58:d6:49:c3:db:
4c:e6:c4:ef:8e:ab:ab:80:cd:8d:61:5c:96:96:96:
fd:77:61:47:e0:24:28:39:8a:23:b4:66:20:0e:36:
e6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BD:71:52:E6:EA:30:FB:EC:57:FE:CC:D8:CC:A2:CE:48:67:D8:AC
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ob1xUubqMPvsV_7M2Myizkhn2Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
80.71.225.0/24
80.71.228.0/24
81.29.145.0-81.29.149.255
81.29.156.0/24
81.29.158.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
70:49:14:cf:d8:73:a2:64:1c:92:30:08:8c:4d:fa:7a:6c:9e:
e7:ab:13:1f:5f:d6:14:ff:c6:b1:d7:a2:0b:19:52:db:b3:9c:
43:3f:be:dd:59:4c:61:78:81:8e:56:aa:01:69:b7:65:c3:29:
bd:f2:3b:3a:03:63:a6:e9:f3:c9:fd:c0:cb:29:6b:79:7a:89:
cf:be:e1:6a:e8:f9:cd:32:d6:d8:99:75:68:d4:a8:c8:98:67:
0a:a5:da:5d:7d:be:02:94:40:d8:c3:ea:2a:92:1f:3c:01:dd:
c3:a3:ff:07:c7:36:77:0a:06:17:b7:82:7e:a6:b3:71:03:c1:
af:47:56:a5:3f:f4:7a:51:41:15:a9:31:39:4c:1e:d7:4a:03:
23:52:36:0f:32:9e:07:57:b9:dc:e1:a6:be:8a:8f:78:db:66:
d3:7d:88:43:5f:8c:7c:e3:72:09:77:56:b6:0b:bb:b5:fc:c1:
d9:da:47:cc:b2:1e:fb:ab:d6:67:da:84:86:2c:20:1a:5a:3b:
15:78:56:56:71:c6:c3:f0:bf:b9:a8:d7:9b:44:09:c9:38:60:
28:27:0f:08:c7:e3:56:ff:24:02:0d:d8:9c:20:52:be:63:4b:
a3:c6:49:73:e6:82:2b:27:e7:c8:58:42:3e:5b:e1:ac:0b:ca:
32:b1:08:1f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYdWjgyzuXY3+Cv4POAvxj30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDA2MTIzMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJkNzE1MmU2ZWEzMGZiZWM1N2ZlY2NkOGNjYTJjZTQ4NjdkOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDXhU+yNP/p2gW+1lqBlpZOd72LD
PTG3aMPLxdCSwz6xqU6ob/em97d4tTJkrHvf4TnHa/EHOBQadkE/FHydwR0ZcBDb
1ZZMxnOjQL1GOcCFJJODt+LjR8jw/FV/d2rxmr+UKbUsmJdpqbIhIKB/WKwYtgBn
yH1mKQCtC5y4iZcKFkFbF4am53yd5ZKPOMUlTbLGSZOpxlhOrh5W6tuutXZiK0qw
rU2l8MigoI3on0QOJOZXsTEuhooWwBM5C2XgGlX2nvuriWZneNesfmEp43Hjj2+M
Hino94YGWNZJw9tM5sTvjqurgM2NYVyWlpb9d2FH4CQoOYojtGYgDjbm3wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKG9cVLm6jD77Ff+zNjMos5IZ9isMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvb2IxeFV1YnFNUHZzVl83TTJNeWl6a2huMkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCLULgAwQA
UEfhAwQAUEfkMAwDBABRHZEDBAFRHZQDBABRHZwDBABRHZ4wDQQCAAIwBwMFAyoJ
bEAwDQYJKoZIhvcNAQELBQADggEBAHBJFM/Yc6JkHJIwCIxN+npsnuerEx9f1hT/
xrHXogsZUtuznEM/vt1ZTGF4gY5WqgFpt2XDKb3yOzoDY6bp88n9wMspa3l6ic++
4Wro+c0y1tiZdWjUqMiYZwql2l19vgKUQNjD6iqSHzwB3cOj/wfHNncKBhe3gn6m
s3EDwa9HVqU/9HpRQRWpMTlMHtdKAyNSNg8yngdXudzhpr6Kj3jbZtN9iENfjHzj
cgl3VrYLu7X8wdnaR8yyHvur1mfahIYsIBpaOxV4VlZxxsPwv7mo15tECck4YCgn
DwjH41b/JAIN2JwgUr5jS6PGSXPmgisn58hYQj5b4awLyjKxCB8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org