Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/pD0gOgf_o3D_A9kNR5Flc_JtBT4.roa
File: pD0gOgf_o3D_A9kNR5Flc_JtBT4.roa (raw, json)
Hash identifier: bvzRQv2fC7T3XXKbezSykz077VvdCCzDvlc++LlMFF0=
Subject key identifier: A4:3D:20:3A:07:FF:A3:70:FF:03:D9:0D:47:91:65:73:F2:6D:05:3E
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018A83410A376601A438FDE0E5163E08E4B1
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/pD0gOgf_o3D_A9kNR5Flc_JtBT4.roa
Signing time: Mon 11 Sep 2023 07:59:52 +0000
ROA not before: Mon 11 Sep 2023 07:59:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 80.71.227.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:41:0a:37:66:01:a4:38:fd:e0:e5:16:3e:08:e4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Sep 11 07:59:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a43d203a07ffa370ff03d90d47916573f26d053e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2e:9b:79:ab:14:47:ba:d9:bc:e8:8c:fb:d6:
2e:d1:61:da:07:9e:ac:8a:b8:9a:d1:a9:bd:3b:95:
b2:0e:80:e9:25:03:c4:e2:cd:3c:f1:b6:7f:d7:85:
1c:b5:17:8b:8d:33:7c:dd:5e:d9:c3:b6:01:ec:bb:
4e:3c:4d:67:1b:8c:94:ff:dd:c2:24:16:99:61:f9:
48:84:49:e0:b6:66:e3:66:13:09:cc:74:36:1a:ef:
00:26:05:4f:95:d3:d0:99:a1:76:c4:8e:6b:00:39:
49:67:d4:c2:d0:cb:9e:c6:06:33:10:db:1e:75:f2:
b2:dc:a0:34:70:b4:b3:4d:d6:47:e2:f6:04:f7:5b:
ad:a9:3e:80:be:6e:9e:a8:24:1b:f0:4a:7b:56:b7:
a2:53:73:75:00:d3:85:1d:4f:9c:3c:72:6b:05:9b:
ed:25:38:b3:04:cd:ab:d0:5d:22:71:4f:d0:71:bd:
89:d7:86:c0:eb:f7:29:5f:c4:05:c8:ca:02:c2:4e:
42:ce:c5:d0:81:ab:64:60:95:c4:ea:a4:34:3f:20:
78:83:16:0b:52:38:26:ce:a4:15:44:ad:71:98:82:
5c:96:f1:a9:d3:20:7a:e5:c7:ab:20:b8:c8:29:7e:
ee:eb:ea:9a:c9:f1:6e:90:65:97:fc:c9:bd:bb:0b:
0b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3D:20:3A:07:FF:A3:70:FF:03:D9:0D:47:91:65:73:F2:6D:05:3E
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/pD0gOgf_o3D_A9kNR5Flc_JtBT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.227.0/24
80.71.233.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ef:46:5a:6f:e9:14:1c:3a:af:5e:b1:fc:fa:d9:7c:c5:65:
8f:ee:9d:f5:e2:02:56:b5:56:7a:69:7e:6f:dd:b1:c4:39:17:
b7:81:ba:80:24:32:17:3b:8c:85:60:34:12:ee:c5:46:fc:13:
b4:e5:e0:0f:02:db:fa:9f:92:a9:70:b2:26:f9:72:40:f0:bd:
3a:dd:b0:2e:3b:09:ef:af:1f:28:a8:28:a5:a2:b5:ec:be:cd:
f6:0f:01:cd:12:5c:79:85:68:d5:b7:39:dd:8f:af:99:7d:bd:
a2:ac:15:ee:84:cb:dd:b2:43:41:9e:f9:e3:62:c2:10:a9:f0:
2d:f2:4c:3a:35:a5:76:73:f4:4f:90:fb:53:94:28:d9:90:4e:
ce:59:a5:8e:6a:b7:6a:31:24:c4:e2:00:18:51:7f:e3:66:b2:
c5:f4:55:63:b9:3e:60:76:e0:f1:23:1c:50:a1:f8:d0:7b:7b:
11:2e:3e:15:8a:cc:2f:41:ca:3f:bb:df:86:f6:3a:d6:e6:b1:
10:36:58:04:7f:95:0b:cf:48:e4:a8:28:4d:c5:5c:f3:0d:5f:
89:7a:49:58:46:6d:8d:d7:6e:02:b4:20:da:8f:42:79:23:1c:
51:e9:00:8d:43:19:ac:e9:d1:8b:f5:26:7d:dd:2d:91:a5:9b:
63:a6:b3:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqDQQo3ZgGkOP3g5RY+COSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwOTExMDc1OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNkMjAzYTA3ZmZhMzcwZmYwM2Q5MGQ0NzkxNjU3M2YyNmQwNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhi6beasUR7rZvOiM+9Yu0WHaB56s
iria0am9O5WyDoDpJQPE4s088bZ/14UctReLjTN83V7Zw7YB7LtOPE1nG4yU/93C
JBaZYflIhEngtmbjZhMJzHQ2Gu8AJgVPldPQmaF2xI5rADlJZ9TC0MuexgYzENse
dfKy3KA0cLSzTdZH4vYE91utqT6Avm6eqCQb8Ep7VreiU3N1ANOFHU+cPHJrBZvt
JTizBM2r0F0icU/Qcb2J14bA6/cpX8QFyMoCwk5CzsXQgatkYJXE6qQ0PyB4gxYL
UjgmzqQVRK1xmIJclvGp0yB65cerILjIKX7u6+qayfFukGWX/Mm9uwsLkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKQ9IDoH/6Nw/wPZDUeRZXPybQU+MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvcEQwZ09nZl9vM0RfQTlrTlI1RmxjX0p0QlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEfjAwQA
UEfpMA0GCSqGSIb3DQEBCwUAA4IBAQBZ70Zab+kUHDqvXrH8+tl8xWWP7p314gJW
tVZ6aX5v3bHEORe3gbqAJDIXO4yFYDQS7sVG/BO05eAPAtv6n5KpcLIm+XJA8L06
3bAuOwnvrx8oqCilorXsvs32DwHNElx5hWjVtzndj6+Zfb2irBXuhMvdskNBnvnj
YsIQqfAt8kw6NaV2c/RPkPtTlCjZkE7OWaWOardqMSTE4gAYUX/jZrLF9FVjuT5g
duDxIxxQofjQe3sRLj4ViswvQco/u9+G9jrW5rEQNlgEf5ULz0jkqChNxVzzDV+J
eklYRm2N124CtCDaj0J5IxxR6QCNQxms6dGL9SZ93S2RpZtjprPa
-----END CERTIFICATE-----
Generated at Wed Oct 4 13:05:49 2023 by rpki-client on console-ams.rpki-client.org