Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/tErQZeeSES4abCVNdHTHY00yrbg.roa
File: tErQZeeSES4abCVNdHTHY00yrbg.roa (raw, json)
Hash identifier: xOm/4j8BgcyX0wuErbClZ+IrP0JGgBuWN3GkAVNrgyE=
Subject key identifier: B4:4A:D0:65:E7:92:11:2E:1A:6C:25:4D:74:74:C7:63:4D:32:AD:B8
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0189BB729DAEB79D6B41E542E0CB4121846C
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/tErQZeeSES4abCVNdHTHY00yrbg.roa
Signing time: Thu 03 Aug 2023 12:49:58 +0000
ROA not before: Thu 03 Aug 2023 12:49:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 80.71.236.0/24 maxlen: 24
81.29.145.0/24 maxlen: 24
81.29.155.0/24 maxlen: 24
81.29.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 05:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:72:9d:ae:b7:9d:6b:41:e5:42:e0:cb:41:21:84:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Aug 3 12:49:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b44ad065e792112e1a6c254d7474c7634d32adb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:52:66:06:6c:1a:4c:a8:65:b1:70:af:41:72:
84:d7:67:e3:20:9b:41:8a:d9:31:3d:86:16:4c:87:
b5:b2:e7:50:51:8e:3d:90:1b:42:9f:9d:c3:05:52:
51:ae:8e:93:eb:9a:60:9f:dc:3e:29:97:29:d1:6c:
58:7a:a3:8f:28:d1:bb:13:d1:40:c4:36:79:3e:12:
91:70:a3:58:de:31:fb:8e:8a:5d:5b:65:ed:1a:e4:
ee:0d:72:52:88:ce:59:e7:f6:2a:51:40:34:f6:ad:
54:88:0b:16:7c:53:1b:f0:2b:bb:59:1a:66:70:e7:
a2:67:05:06:f7:7d:87:5c:7b:c9:c0:3a:05:f4:42:
09:cb:0d:b7:fd:94:57:e5:77:97:70:2c:a4:a1:1f:
ac:6b:c0:b6:08:a4:22:8f:41:d0:05:58:15:9e:e4:
6e:60:d4:9a:ef:b3:6c:e3:a9:ea:bf:09:e3:91:8a:
0b:6a:c9:73:40:a7:6c:d5:67:b0:17:d8:53:9c:f1:
58:9b:b9:5e:34:68:16:3c:93:39:ae:a0:bb:14:b7:
f6:b2:76:7b:b9:bc:e2:57:56:70:56:b4:ff:ec:71:
2f:ae:9d:da:88:4c:0b:46:91:31:11:08:5b:f8:54:
54:83:a6:1c:f6:84:ed:ce:eb:1b:55:3e:3c:16:cc:
6d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4A:D0:65:E7:92:11:2E:1A:6C:25:4D:74:74:C7:63:4D:32:AD:B8
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/tErQZeeSES4abCVNdHTHY00yrbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.236.0/24
81.29.145.0/24
81.29.155.0/24
81.29.159.0/24
Signature Algorithm: sha256WithRSAEncryption
77:6e:07:48:97:61:70:0c:d7:69:ca:01:e1:15:5c:35:60:65:
ec:51:2b:6e:48:00:fa:67:b1:b5:6b:34:9a:76:0a:54:55:b3:
8c:7f:a4:74:8d:b0:e2:ce:52:80:09:20:0e:0c:27:74:3e:a4:
64:c4:60:1b:d8:c9:a1:12:31:a1:ad:9f:39:21:c9:25:ff:f4:
df:a3:99:d1:d5:5c:e7:a0:59:f6:b3:8e:db:86:e8:6e:98:6d:
2f:73:fb:cf:ed:2d:59:ef:9f:0c:88:a9:a7:7d:80:d0:e5:82:
1f:7b:4d:66:19:1f:03:ce:d3:ca:12:61:22:20:35:b3:4b:4f:
b7:c8:7d:f2:cb:b2:76:db:d5:30:19:a7:14:c8:a0:a8:d3:8b:
cc:30:34:30:68:fa:40:14:8c:d8:c6:11:9b:ea:3c:f2:b3:4d:
21:67:9a:c4:17:f3:f3:29:25:7e:32:93:a8:7e:e5:71:fd:7d:
b6:13:6f:ce:00:cb:e3:e0:b5:84:1b:a8:0d:d0:40:26:cd:24:
24:df:37:ae:c1:e0:f2:50:6c:0d:2d:67:14:bd:9e:af:02:7e:
e3:5e:a6:43:4a:bc:6d:c1:32:b9:5d:3b:0d:b6:64:50:42:2c:
5f:c2:b9:01:72:c7:ec:17:6b:c4:a2:88:a8:2c:f6:34:c6:05:
5b:7d:53:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYm7cp2ut51rQeVC4MtBIYRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODAzMTI0OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRhZDA2NWU3OTIxMTJlMWE2YzI1NGQ3NDc0Yzc2MzRkMzJhZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFJmBmwaTKhlsXCvQXKE12fjIJtB
itkxPYYWTIe1sudQUY49kBtCn53DBVJRro6T65pgn9w+KZcp0WxYeqOPKNG7E9FA
xDZ5PhKRcKNY3jH7jopdW2XtGuTuDXJSiM5Z5/YqUUA09q1UiAsWfFMb8Cu7WRpm
cOeiZwUG932HXHvJwDoF9EIJyw23/ZRX5XeXcCykoR+sa8C2CKQij0HQBVgVnuRu
YNSa77Ns46nqvwnjkYoLaslzQKds1WewF9hTnPFYm7leNGgWPJM5rqC7FLf2snZ7
ubziV1ZwVrT/7HEvrp3aiEwLRpExEQhb+FRUg6Yc9oTtzusbVT48FsxtDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLRK0GXnkhEuGmwlTXR0x2NNMq24MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvdEVyUVplZVNFUzRhYkNWTmRIVEhZMDB5cmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEfsAwQA
UR2RAwQAUR2bAwQAUR2fMA0GCSqGSIb3DQEBCwUAA4IBAQB3bgdIl2FwDNdpygHh
FVw1YGXsUStuSAD6Z7G1azSadgpUVbOMf6R0jbDizlKACSAODCd0PqRkxGAb2Mmh
EjGhrZ85Ickl//Tfo5nR1VznoFn2s47bhuhumG0vc/vP7S1Z758MiKmnfYDQ5YIf
e01mGR8DztPKEmEiIDWzS0+3yH3yy7J229UwGacUyKCo04vMMDQwaPpAFIzYxhGb
6jzys00hZ5rEF/PzKSV+MpOofuVx/X22E2/OAMvj4LWEG6gN0EAmzSQk3zeuweDy
UGwNLWcUvZ6vAn7jXqZDSrxtwTK5XTsNtmRQQixfwrkBcsfsF2vEooioLPY0xgVb
fVOT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org