Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/cauIaJcPjEhIrBIQnfifwb6-bQM.roa
File: cauIaJcPjEhIrBIQnfifwb6-bQM.roa (raw, json)
Hash identifier: foiQwmRdH/+pImUSoYOyzWXzuiAXrBKzOktOURiYMEs=
Subject key identifier: 71:AB:88:68:97:0F:8C:48:48:AC:12:10:9D:F8:9F:C1:BE:BE:6D:03
Certificate issuer: /CN=ded353e2f5d318c348772a8ff105aa70719e4135
Certificate serial: 01856D01B555913E7485EC494B6B64CF10D2
Authority key identifier: DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/cauIaJcPjEhIrBIQnfifwb6-bQM.roa
Signing time: Sun 01 Jan 2023 11:05:06 +0000
ROA not before: Sun 01 Jan 2023 11:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25627
IP address blocks: 79.170.64.0/23 maxlen: 23
79.170.64.0/22 maxlen: 22
79.170.70.0/23 maxlen: 23
79.170.68.0/22 maxlen: 22
79.170.68.0/23 maxlen: 23
79.170.66.0/23 maxlen: 23
87.237.81.0/24 maxlen: 24
87.237.82.0/24 maxlen: 24
87.237.82.0/23 maxlen: 23
87.237.80.0/23 maxlen: 23
87.237.80.0/24 maxlen: 24
87.237.84.0/22 maxlen: 22
87.237.83.0/24 maxlen: 24
87.237.84.0/24 maxlen: 24
87.237.86.0/24 maxlen: 24
87.237.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:b5:55:91:3e:74:85:ec:49:4b:6b:64:cf:10:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded353e2f5d318c348772a8ff105aa70719e4135
Validity
Not Before: Jan 1 11:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71ab8868970f8c4848ac12109df89fc1bebe6d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a7:f8:a3:fa:e0:15:b0:8d:d1:f0:18:50:b5:
c3:18:15:cf:64:be:71:de:78:e1:1b:7d:4c:8d:02:
eb:d0:ea:95:a4:16:c8:2b:33:ee:8f:9c:e7:fb:24:
7a:2a:ae:19:98:de:99:69:3d:c4:35:1c:37:53:a0:
ea:f7:16:90:f3:a2:0b:8e:a7:11:4b:3b:dd:47:10:
ae:01:48:fd:e9:e5:b6:ae:37:6b:2a:81:6a:68:a1:
91:fd:bc:ab:5f:7e:cb:49:60:8b:d1:17:ee:c0:b7:
4a:32:a5:77:a6:91:15:46:e6:d4:4c:2c:56:f9:23:
89:14:85:b5:a2:5e:db:75:f7:be:24:16:48:b5:12:
91:80:b9:b4:97:0e:b7:94:4e:74:60:b6:cf:a5:51:
a2:cf:2d:bd:31:71:af:86:52:1c:18:48:d5:10:30:
82:7d:9e:04:62:b8:cd:8f:ae:6d:9f:96:fb:fa:c0:
05:c4:50:75:3a:f0:b3:73:9f:8c:31:7a:04:3a:02:
07:25:b8:5d:4f:0e:19:df:66:95:58:1e:93:8e:e9:
b8:25:97:e3:ec:74:e3:80:a5:f0:04:c4:d5:33:e4:
0c:6c:fe:a5:9b:0e:03:e6:e5:97:88:63:0b:2e:c4:
ed:3f:7b:a4:b2:87:00:ad:32:ac:5a:3e:5d:f8:3d:
ad:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AB:88:68:97:0F:8C:48:48:AC:12:10:9D:F8:9F:C1:BE:BE:6D:03
X509v3 Authority Key Identifier:
keyid:DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/cauIaJcPjEhIrBIQnfifwb6-bQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/3tNT4vXTGMNIdyqP8QWqcHGeQTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.64.0/21
87.237.80.0/21
Signature Algorithm: sha256WithRSAEncryption
87:fb:c5:1e:31:23:51:7b:9a:49:e7:59:65:df:ac:1e:aa:e3:
f3:17:5c:e9:18:e0:4e:d5:dc:b9:39:12:b0:17:97:5b:e3:a2:
1b:57:ca:20:dd:56:d5:d2:15:9d:11:32:7c:55:88:07:7b:4c:
3f:3f:93:7a:2c:19:9f:ab:8a:51:7e:06:d2:d2:22:91:15:9b:
7e:c0:cf:ea:b3:03:1b:63:6d:ce:ad:02:b4:ed:8f:bc:70:53:
da:82:fc:22:2b:8d:0e:25:67:53:43:7a:a2:12:fa:6b:a1:e2:
b8:68:31:5b:d4:57:d9:65:54:cd:dd:b4:f7:46:de:cd:f5:8f:
a7:1c:49:f4:9b:39:70:04:06:f1:35:18:c3:22:97:fb:06:fe:
c6:92:9b:ea:77:2b:71:8a:b7:49:09:08:fe:64:f3:1c:d4:21:
dd:30:dc:54:4b:b4:cb:37:07:70:da:cf:3b:0e:3e:9a:01:82:
a9:c5:02:d3:77:b0:f8:fe:8d:25:9e:62:0a:ea:c9:9d:c9:1b:
2a:33:5c:e2:29:c2:81:64:fd:aa:48:64:c0:7d:43:b5:25:fe:
5c:fe:c3:d4:01:bc:c3:8a:29:a3:3c:64:94:91:c9:ea:a3:8e:
0d:2d:a4:7e:7d:de:e4:fd:ab:7a:6c:67:5c:42:b8:74:50:69:
af:80:56:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtAbVVkT50hexJS2tkzxDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDM1M2UyZjVkMzE4YzM0ODc3MmE4ZmYxMDVhYTcwNzE5
ZTQxMzUwHhcNMjMwMTAxMTEwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWFiODg2ODk3MGY4YzQ4NDhhYzEyMTA5ZGY4OWZjMWJlYmU2ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaf4o/rgFbCN0fAYULXDGBXPZL5x
3njhG31MjQLr0OqVpBbIKzPuj5zn+yR6Kq4ZmN6ZaT3ENRw3U6Dq9xaQ86ILjqcR
SzvdRxCuAUj96eW2rjdrKoFqaKGR/byrX37LSWCL0RfuwLdKMqV3ppEVRubUTCxW
+SOJFIW1ol7bdfe+JBZItRKRgLm0lw63lE50YLbPpVGizy29MXGvhlIcGEjVEDCC
fZ4EYrjNj65tn5b7+sAFxFB1OvCzc5+MMXoEOgIHJbhdTw4Z32aVWB6Tjum4JZfj
7HTjgKXwBMTVM+QMbP6lmw4D5uWXiGMLLsTtP3uksocArTKsWj5d+D2tOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGriGiXD4xISKwSEJ34n8G+vm0DMB8GA1UdIwQY
MBaAFN7TU+L10xjDSHcqj/EFqnBxnkE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgt
NGU4NWRhYmQ2NDc0LzEvY2F1SWFKY1BqRWhJckJJUW5maWZ3YjYtYlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgtNGU4NWRhYmQ2NDc0
LzEvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDT6pAAwQD
V+1QMA0GCSqGSIb3DQEBCwUAA4IBAQCH+8UeMSNRe5pJ51ll36wequPzF1zpGOBO
1dy5ORKwF5db46IbV8og3VbV0hWdETJ8VYgHe0w/P5N6LBmfq4pRfgbS0iKRFZt+
wM/qswMbY23OrQK07Y+8cFPagvwiK40OJWdTQ3qiEvproeK4aDFb1FfZZVTN3bT3
Rt7N9Y+nHEn0mzlwBAbxNRjDIpf7Bv7GkpvqdytxirdJCQj+ZPMc1CHdMNxUS7TL
Nwdw2s87Dj6aAYKpxQLTd7D4/o0lnmIK6smdyRsqM1ziKcKBZP2qSGTAfUO1Jf5c
/sPUAbzDiimjPGSUkcnqo44NLaR+fd7k/at6bGdcQrh0UGmvgFYB
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:25 2024 by rpki-client on console-fra.rpki-client.org