Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/pGSgij5DdWcYi2VI5FU0yVxFaYs.roa
File: pGSgij5DdWcYi2VI5FU0yVxFaYs.roa (raw, json)
Hash identifier: k1JHwRZOj5v5rx8jIQUHbJb5BmGGRlziEKWgT/mdAYM=
Subject key identifier: A4:64:A0:8A:3E:43:75:67:18:8B:65:48:E4:55:34:C9:5C:45:69:8B
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01876C4176D315739640F97472074389EA10
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/pGSgij5DdWcYi2VI5FU0yVxFaYs.roa
Signing time: Mon 10 Apr 2023 17:40:42 +0000
ROA not before: Mon 10 Apr 2023 17:40:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 80.71.225.0/24 maxlen: 24
81.29.148.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6c:41:76:d3:15:73:96:40:f9:74:72:07:43:89:ea:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Apr 10 17:40:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a464a08a3e437567188b6548e45534c95c45698b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ab:37:c8:d3:c8:c9:07:f1:a4:06:19:37:23:
23:c9:d5:69:ee:f0:04:96:dd:83:d1:2b:41:74:80:
db:1f:b7:1f:ba:d1:23:98:b1:d3:7b:f5:62:31:df:
7e:b1:b0:e9:d1:3d:0e:6d:b0:b9:8e:08:cc:98:78:
2a:35:c5:a5:d2:58:a3:8d:d8:3d:25:54:88:19:84:
02:3a:fc:d1:6c:b9:0c:c6:97:0b:bb:20:91:90:73:
ab:a8:54:8c:80:d2:2b:87:69:96:2b:0c:13:a9:ac:
fd:a9:90:3f:e4:ea:90:aa:93:e7:9d:7d:a3:2f:e3:
e2:e6:2c:df:f1:6d:58:b6:11:56:6e:ca:26:c8:f4:
f1:46:2a:61:68:e8:10:f7:89:52:39:c5:a9:11:16:
0f:e0:92:8f:bf:1e:fb:7f:2b:de:93:cb:46:25:f6:
ee:0c:4a:d3:da:89:88:9c:2b:67:b0:06:50:7a:b5:
8e:66:98:29:d7:42:76:4d:65:ff:fd:60:f1:33:a9:
fd:9b:67:a6:15:be:31:cc:2b:92:3f:78:13:0c:19:
3d:cc:17:4c:21:f6:7f:1f:72:78:d5:4d:d1:47:b0:
05:73:d8:ca:21:a3:78:d3:95:44:54:2f:f5:a1:ca:
18:da:b8:be:19:c9:b4:d2:c2:30:8c:9f:52:c3:e7:
68:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:64:A0:8A:3E:43:75:67:18:8B:65:48:E4:55:34:C9:5C:45:69:8B
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/pGSgij5DdWcYi2VI5FU0yVxFaYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.225.0/24
81.29.147.0-81.29.148.255
81.29.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:05:ac:ac:c2:f8:9d:19:26:fb:e4:13:e1:40:ea:4d:a7:b8:
9c:7d:c4:66:a8:59:a8:2f:c4:d9:17:e0:18:c8:cc:4f:82:73:
32:a9:99:2a:cb:ef:5d:13:4b:d3:82:23:c0:1b:4a:cb:a3:92:
24:f4:fc:0b:d1:8b:4d:4f:06:f2:a0:77:3b:ff:cb:c7:99:88:
5f:1d:00:04:5f:6c:a2:40:1a:0a:87:24:b5:11:8e:b2:5e:f5:
4d:f5:fa:31:41:23:1e:59:4e:02:f1:e5:19:e6:57:c6:68:8b:
4d:4e:a7:6d:24:0d:60:f4:13:15:cb:35:cf:99:9b:da:10:5a:
01:a6:49:f4:c3:53:18:1c:e9:e3:9c:b5:39:f2:3b:71:d5:e8:
b5:b6:12:df:ad:04:d5:62:c6:47:f2:15:76:f4:18:f7:b7:9f:
b1:e2:91:8e:ca:50:2e:79:30:db:72:c2:4a:f5:af:30:b6:a9:
5f:d3:0a:17:1e:28:f3:c9:cf:32:fb:44:e8:cf:3e:1a:2d:ad:
b6:1c:89:b5:17:bf:54:cc:2b:f9:b4:98:12:03:3e:f1:c2:a0:
2b:cd:dc:b5:23:41:49:cf:cd:e3:59:8d:ed:80:59:15:32:d6:
97:34:bc:b6:b6:35:3e:34:de:d8:9a:9b:ee:5e:fa:10:5f:aa:
27:1e:dd:18
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdsQXbTFXOWQPl0cgdDieoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDEwMTc0MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY0YTA4YTNlNDM3NTY3MTg4YjY1NDhlNDU1MzRjOTVjNDU2OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqs3yNPIyQfxpAYZNyMjydVp7vAE
lt2D0StBdIDbH7cfutEjmLHTe/ViMd9+sbDp0T0ObbC5jgjMmHgqNcWl0lijjdg9
JVSIGYQCOvzRbLkMxpcLuyCRkHOrqFSMgNIrh2mWKwwTqaz9qZA/5OqQqpPnnX2j
L+Pi5izf8W1YthFWbsomyPTxRiphaOgQ94lSOcWpERYP4JKPvx77fyvek8tGJfbu
DErT2omInCtnsAZQerWOZpgp10J2TWX//WDxM6n9m2emFb4xzCuSP3gTDBk9zBdM
IfZ/H3J41U3RR7AFc9jKIaN405VEVC/1ocoY2ri+Gcm00sIwjJ9Sw+doFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKRkoIo+Q3VnGItlSORVNMlcRWmLMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvcEdTZ2lqNURkV2NZaTJWSTVGVTB5VnhGYVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUEfhMAwD
BABRHZMDBABRHZQDBABRHZ0wDQYJKoZIhvcNAQELBQADggEBAAsFrKzC+J0ZJvvk
E+FA6k2nuJx9xGaoWagvxNkX4BjIzE+CczKpmSrL710TS9OCI8AbSsujkiT0/AvR
i01PBvKgdzv/y8eZiF8dAARfbKJAGgqHJLURjrJe9U31+jFBIx5ZTgLx5RnmV8Zo
i01Op20kDWD0ExXLNc+Zm9oQWgGmSfTDUxgc6eOctTnyO3HV6LW2Et+tBNVixkfy
FXb0GPe3n7HikY7KUC55MNtywkr1rzC2qV/TChceKPPJzzL7ROjPPhotrbYcibUX
v1TMK/m0mBIDPvHCoCvN3LUjQUnPzeNZje2AWRUy1pc0vLa2NT403tiam+5e+hBf
qice3Rg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org