Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/orsRy0UvqGse_V2s5C7jf5o1Nr8.roa
File: orsRy0UvqGse_V2s5C7jf5o1Nr8.roa (raw, json)
Hash identifier: WlEp0J1Hp3v/G5e/aPZcGEmzfziJZ7njxQTK2rqglPc=
Subject key identifier: A2:BB:11:CB:45:2F:A8:6B:1E:FD:5D:AC:E4:2E:E3:7F:9A:35:36:BF
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0186BC02B9BD225F6E8A292D7BB1BA15E9D6
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/orsRy0UvqGse_V2s5C7jf5o1Nr8.roa
Signing time: Tue 07 Mar 2023 12:19:00 +0000
ROA not before: Tue 07 Mar 2023 12:19:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 81.29.148.0/24 maxlen: 24
81.29.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:02:b9:bd:22:5f:6e:8a:29:2d:7b:b1:ba:15:e9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 7 12:19:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2bb11cb452fa86b1efd5dace42ee37f9a3536bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:47:ab:6c:b3:ae:61:e5:5e:90:f2:82:5e:24:
8f:b0:3e:79:74:f7:73:16:7c:de:48:70:21:b5:c8:
53:a5:58:e2:9c:47:04:13:a0:10:bc:75:b2:0f:ef:
79:84:35:a0:fd:e1:55:55:1c:be:b7:a5:e4:85:ad:
3e:d4:28:e9:8a:c5:e0:a4:c6:44:80:d1:fb:5c:19:
02:93:4e:21:79:0b:4a:a0:98:1b:18:c0:59:98:3f:
6f:9a:53:e2:49:a5:16:ac:ea:8f:b9:b1:3c:da:40:
e8:91:c4:fa:4b:d3:6f:e2:94:7f:36:51:30:cf:64:
dc:3b:da:e2:f7:45:79:d4:5c:90:e0:64:fb:68:69:
12:0b:14:2a:e5:d9:cf:cc:87:e6:ef:d5:5b:ae:f1:
58:25:a8:dc:81:7a:a0:38:5c:f5:9b:58:36:d2:ca:
35:d6:84:03:90:ec:da:fa:20:bb:68:76:6c:e6:3a:
2f:01:8c:9f:14:ed:c0:8b:07:74:66:7c:86:b0:6f:
db:5b:9b:d1:df:fd:42:5b:4b:bc:e4:f6:d3:0b:07:
d4:b1:82:82:dd:d3:f9:52:9f:41:bd:b3:82:82:8a:
68:df:22:74:26:5c:7e:77:39:27:24:50:5e:da:eb:
73:ae:d6:62:9d:37:4b:92:12:84:9c:68:89:b1:bd:
57:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BB:11:CB:45:2F:A8:6B:1E:FD:5D:AC:E4:2E:E3:7F:9A:35:36:BF
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/orsRy0UvqGse_V2s5C7jf5o1Nr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.148.0/24
81.29.158.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:7b:23:62:c7:b2:39:34:2f:48:52:d0:0f:48:ce:57:75:1e:
c6:81:91:47:35:0c:b4:b6:90:93:85:87:f2:6a:8a:1d:0e:01:
05:af:ba:56:08:6a:99:0f:58:06:e1:6b:34:c1:22:2b:de:d1:
80:cb:4f:fa:b3:0e:6c:69:3c:36:1c:0a:6f:07:87:a3:e9:b2:
b6:44:f2:ee:e7:93:27:47:47:e8:bc:ce:62:98:ba:d5:9b:8a:
3f:ab:23:67:ed:92:3f:96:4a:d1:27:82:9c:68:df:9a:6f:3a:
7f:9a:37:e2:87:56:63:27:23:d4:27:63:4e:b5:7e:bb:c4:7c:
b6:4d:c8:fb:8e:7b:ee:e3:35:49:6b:a4:8e:a6:fc:7d:ed:1b:
15:59:42:60:2f:58:7c:ba:ea:2b:86:2c:04:4f:c0:7c:d2:2d:
b3:09:3d:43:ab:3d:c8:5a:29:5c:96:2b:e2:9b:be:cc:d6:c2:
3f:bb:d5:d3:48:14:53:0e:a2:fe:94:09:2e:ac:33:f6:a7:48:
b6:66:cf:0e:2a:9a:38:02:d9:e9:7e:42:9d:a6:39:74:92:cb:
05:f9:64:32:b1:73:1e:27:1d:b7:2d:ba:66:99:a2:73:d8:3e:
9c:f1:25:2c:ee:37:84:d9:9b:a8:ff:47:d1:28:b0:c0:09:c7:
79:be:2f:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa8Arm9Il9uiikte7G6FenWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzA3MTIxOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJiMTFjYjQ1MmZhODZiMWVmZDVkYWNlNDJlZTM3ZjlhMzUzNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60erbLOuYeVekPKCXiSPsD55dPdz
FnzeSHAhtchTpVjinEcEE6AQvHWyD+95hDWg/eFVVRy+t6Xkha0+1CjpisXgpMZE
gNH7XBkCk04heQtKoJgbGMBZmD9vmlPiSaUWrOqPubE82kDokcT6S9Nv4pR/NlEw
z2TcO9ri90V51FyQ4GT7aGkSCxQq5dnPzIfm79VbrvFYJajcgXqgOFz1m1g20so1
1oQDkOza+iC7aHZs5jovAYyfFO3Aiwd0ZnyGsG/bW5vR3/1CW0u85PbTCwfUsYKC
3dP5Up9BvbOCgopo3yJ0Jlx+dzknJFBe2utzrtZinTdLkhKEnGiJsb1XuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKK7EctFL6hrHv1drOQu43+aNTa/MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvb3JzUnkwVXZxR3NlX1YyczVDN2pmNW8xTnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUR2UAwQA
UR2eMA0GCSqGSIb3DQEBCwUAA4IBAQAseyNix7I5NC9IUtAPSM5XdR7GgZFHNQy0
tpCThYfyaoodDgEFr7pWCGqZD1gG4Ws0wSIr3tGAy0/6sw5saTw2HApvB4ej6bK2
RPLu55MnR0fovM5imLrVm4o/qyNn7ZI/lkrRJ4KcaN+abzp/mjfih1ZjJyPUJ2NO
tX67xHy2Tcj7jnvu4zVJa6SOpvx97RsVWUJgL1h8uuorhiwET8B80i2zCT1Dqz3I
Wilclivim77M1sI/u9XTSBRTDqL+lAkurDP2p0i2Zs8OKpo4AtnpfkKdpjl0kssF
+WQysXMeJx23LbpmmaJz2D6c8SUs7jeE2Zuo/0fRKLDACcd5vi8l
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org