Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/cMXMsI_YWphvhbibb5m1gOo6jws.roa
File: cMXMsI_YWphvhbibb5m1gOo6jws.roa (raw, json)
Hash identifier: 9OqEFDdR473uhB09X1vi0KNCXmVecSnyizzsCeQzatg=
Subject key identifier: 70:C5:CC:B0:8F:D8:5A:98:6F:85:B8:9B:6F:99:B5:80:EA:3A:8F:0B
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01887C4A6C4631ACDB370CD554D8A163356A
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/cMXMsI_YWphvhbibb5m1gOo6jws.roa
Signing time: Fri 02 Jun 2023 13:27:12 +0000
ROA not before: Fri 02 Jun 2023 13:27:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 80.90.178.0/24 maxlen: 24
80.90.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:4a:6c:46:31:ac:db:37:0c:d5:54:d8:a1:63:35:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jun 2 13:27:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70c5ccb08fd85a986f85b89b6f99b580ea3a8f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b4:d1:d8:7d:18:b1:71:a9:25:80:40:25:5f:
15:8f:4f:c5:33:5e:eb:7c:69:97:c7:63:56:1a:6c:
71:2c:f0:fc:56:3f:04:50:62:bf:4e:e9:13:43:0d:
d2:28:ce:a3:b3:46:14:2c:67:2f:59:9d:80:db:96:
66:bd:23:7c:fc:41:b6:14:d4:79:e3:36:be:76:a7:
9c:bb:d8:08:d8:a5:5a:52:68:fb:45:dc:2b:6d:84:
1c:1e:26:9e:a5:4a:f1:a0:be:8c:79:73:c0:9e:82:
46:15:d9:d4:91:64:0f:b5:d9:15:91:c9:6d:0e:03:
9a:87:eb:a4:c2:de:0c:79:cb:7b:f4:99:7c:f8:fd:
f2:9a:1e:eb:bb:70:50:c3:65:4a:64:2f:a3:ef:7c:
2a:84:ed:ba:dc:79:4d:d3:37:e9:23:4b:33:47:85:
f7:e6:dd:9a:a8:c7:dc:97:ab:29:1e:bb:96:14:be:
fe:f1:8a:42:85:7c:3c:c9:5c:bb:3b:c0:2a:ff:1e:
17:3e:6e:8f:c0:14:ed:af:2d:76:16:96:39:0f:28:
d1:05:55:1c:45:2c:3b:4a:00:fc:b1:cd:3d:67:73:
cd:f4:15:f5:83:e1:25:ee:ce:14:f8:04:d2:4a:c0:
4b:1a:e9:05:b8:83:a8:46:62:cb:c9:8a:c8:fc:5d:
18:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C5:CC:B0:8F:D8:5A:98:6F:85:B8:9B:6F:99:B5:80:EA:3A:8F:0B
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/cMXMsI_YWphvhbibb5m1gOo6jws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.178.0/24
80.90.180.0/22
Signature Algorithm: sha256WithRSAEncryption
02:c4:c4:87:40:a8:16:6a:6b:ad:00:ae:71:99:99:4e:fa:21:
6a:f9:21:db:9b:bc:03:e1:d4:47:de:81:e5:7a:ae:a8:ce:21:
a0:d4:99:f0:5d:b1:3f:4f:3b:e9:2b:bf:20:eb:d1:27:76:b5:
99:f6:07:2f:f6:1b:01:dc:f5:e5:d0:b9:3f:1f:94:15:ab:80:
08:12:a7:d7:41:46:cd:09:63:5a:38:90:3b:82:a0:61:1b:80:
38:1c:19:5c:5c:8b:a4:14:c6:f6:6b:02:8c:3b:81:3c:76:3a:
30:47:d3:5d:45:2b:fc:8f:43:2c:1c:51:c8:34:1e:3e:88:bd:
e7:ab:34:12:b5:a4:af:1d:27:88:3a:20:98:02:6e:71:56:de:
83:67:4e:26:90:91:80:68:5f:d9:79:d4:2f:82:38:9c:5a:e5:
f6:3e:99:b6:14:57:a5:58:9b:5b:67:0f:df:92:28:2e:84:03:
ff:6f:27:6a:3e:30:6f:1f:e0:e9:2d:b8:1b:56:a0:f9:80:b0:
58:bc:ff:47:9f:db:a3:27:63:7e:7e:4f:86:ea:5f:9d:b5:ee:
15:11:a1:f1:59:c9:a4:a7:86:d1:b1:11:96:83:40:81:27:d2:
1d:bb:ee:aa:30:0d:b1:21:ff:e0:dd:ab:e0:43:a6:16:3a:99:
f5:70:20:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh8SmxGMazbNwzVVNihYzVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwNjAyMTMyNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM1Y2NiMDhmZDg1YTk4NmY4NWI4OWI2Zjk5YjU4MGVhM2E4ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LTR2H0YsXGpJYBAJV8Vj0/FM17r
fGmXx2NWGmxxLPD8Vj8EUGK/TukTQw3SKM6js0YULGcvWZ2A25ZmvSN8/EG2FNR5
4za+dqecu9gI2KVaUmj7RdwrbYQcHiaepUrxoL6MeXPAnoJGFdnUkWQPtdkVkclt
DgOah+ukwt4Mect79Jl8+P3ymh7ru3BQw2VKZC+j73wqhO263HlN0zfpI0szR4X3
5t2aqMfcl6spHruWFL7+8YpChXw8yVy7O8Aq/x4XPm6PwBTtry12FpY5DyjRBVUc
RSw7SgD8sc09Z3PN9BX1g+El7s4U+ATSSsBLGukFuIOoRmLLyYrI/F0YywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDFzLCP2FqYb4W4m2+ZtYDqOo8LMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvY01YTXNJX1lXcGh2aGJpYmI1bTFnT282andzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUFqyAwQC
UFq0MA0GCSqGSIb3DQEBCwUAA4IBAQACxMSHQKgWamutAK5xmZlO+iFq+SHbm7wD
4dRH3oHleq6oziGg1JnwXbE/TzvpK78g69EndrWZ9gcv9hsB3PXl0Lk/H5QVq4AI
EqfXQUbNCWNaOJA7gqBhG4A4HBlcXIukFMb2awKMO4E8djowR9NdRSv8j0MsHFHI
NB4+iL3nqzQStaSvHSeIOiCYAm5xVt6DZ04mkJGAaF/ZedQvgjicWuX2Ppm2FFel
WJtbZw/fkiguhAP/bydqPjBvH+DpLbgbVqD5gLBYvP9Hn9ujJ2N+fk+G6l+dte4V
EaHxWcmkp4bRsRGWg0CBJ9Idu+6qMA2xIf/g3avgQ6YWOpn1cCD6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org