Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/baFsRZH-XVY7tjvCGp6k0I8gAxw.roa
File: baFsRZH-XVY7tjvCGp6k0I8gAxw.roa (raw, json)
Hash identifier: pObtcEXS0JMK2HqAejlpdz0tzDI/9a+mBk/JgXucQMo=
Subject key identifier: 6D:A1:6C:45:91:FE:5D:56:3B:B6:3B:C2:1A:9E:A4:D0:8F:20:03:1C
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 0187A2AD503FA650A7EE84BB5D984B460584
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/baFsRZH-XVY7tjvCGp6k0I8gAxw.roa
Signing time: Fri 21 Apr 2023 07:17:59 +0000
ROA not before: Fri 21 Apr 2023 07:17:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 80.246.233.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.234.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:ad:50:3f:a6:50:a7:ee:84:bb:5d:98:4b:46:05:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Apr 21 07:17:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da16c4591fe5d563bb63bc21a9ea4d08f20031c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e9:62:f5:77:70:d8:10:10:29:46:68:9b:a3:
76:66:c6:b8:eb:91:ea:ed:b1:dd:b7:4c:cb:51:10:
d3:29:bb:53:1c:51:d3:95:23:8f:5c:64:ba:aa:21:
62:2f:60:e7:3d:2d:e5:f1:ce:b4:1e:fa:2e:ae:5c:
45:a3:dc:83:8b:40:85:15:49:09:29:15:b0:2a:f2:
6b:5c:95:af:33:91:b4:df:46:7f:87:f8:9e:1c:2b:
0e:42:b9:bf:04:ec:e2:59:30:7a:d2:e0:1a:d9:10:
0f:fe:07:83:0b:69:41:27:f9:53:35:40:e8:1b:76:
4d:3c:77:8e:f4:be:86:3d:fb:b8:ba:e9:1e:0e:05:
c5:9c:13:60:da:1f:b0:d4:f2:14:8f:20:fe:8e:8b:
ee:a7:7b:dc:a4:22:98:20:18:92:5b:8f:ba:49:31:
fd:0a:59:81:74:c6:b3:66:5d:c1:87:30:50:08:f0:
8a:36:92:06:e5:44:14:0e:29:b9:4f:72:74:12:21:
29:6d:d5:4d:bb:97:00:96:48:d5:83:9b:ea:f7:0a:
ac:39:61:6f:ce:3a:fd:a4:8b:52:0b:90:87:77:fe:
9c:c9:80:5e:45:e9:d2:a7:77:d4:ed:fa:d2:01:b0:
2a:47:75:72:cf:79:6a:bb:eb:ab:b4:d4:1a:da:91:
b4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A1:6C:45:91:FE:5D:56:3B:B6:3B:C2:1A:9E:A4:D0:8F:20:03:1C
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/baFsRZH-XVY7tjvCGp6k0I8gAxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.232.0-80.246.236.255
Signature Algorithm: sha256WithRSAEncryption
5b:5a:32:eb:16:fd:cb:9f:11:a7:66:42:a3:96:4d:08:22:ff:
5c:ed:71:d3:a6:86:48:bb:50:30:39:07:45:19:23:c9:60:7f:
3f:58:8c:00:c4:88:48:57:7d:c9:c0:74:73:4e:07:b7:61:95:
9e:5e:e2:96:7b:36:ca:fb:87:23:dd:0f:73:1d:42:86:f3:b6:
f0:b5:94:da:82:d1:04:e9:8f:ec:08:f2:ea:ea:6f:1e:4f:ef:
37:a3:47:4a:7b:d3:53:bc:27:50:3b:b8:16:59:da:41:13:f5:
4e:d2:5c:ef:bb:f4:bd:02:95:3f:89:02:22:ff:79:e4:99:ef:
1e:97:44:a1:f4:f8:5c:55:ba:c9:ff:0d:54:d5:97:69:75:98:
4c:32:0b:0a:a4:5f:52:dc:80:4b:b6:4c:3a:05:53:55:b3:68:
ea:4a:2f:81:76:ee:c9:bd:b6:b0:0e:57:dc:f7:26:45:9a:ce:
6a:d3:c3:ed:6e:ff:1d:f9:e3:43:6d:a9:5c:c7:4a:96:7d:ca:
9e:24:9d:31:be:01:6c:ee:1d:a1:09:82:44:aa:e3:19:05:49:
2d:25:07:e2:a6:02:75:33:13:51:d0:42:28:9e:af:50:3b:fe:
02:25:6d:ed:f2:9e:1b:a8:14:c7:41:8c:8c:ad:09:5e:3d:af:
02:d3:27:1a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYeirVA/plCn7oS7XZhLRgWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwNDIxMDcxNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGExNmM0NTkxZmU1ZDU2M2JiNjNiYzIxYTllYTRkMDhmMjAwMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeli9Xdw2BAQKUZom6N2Zsa465Hq
7bHdt0zLURDTKbtTHFHTlSOPXGS6qiFiL2DnPS3l8c60HvourlxFo9yDi0CFFUkJ
KRWwKvJrXJWvM5G030Z/h/ieHCsOQrm/BOziWTB60uAa2RAP/geDC2lBJ/lTNUDo
G3ZNPHeO9L6GPfu4uukeDgXFnBNg2h+w1PIUjyD+jovup3vcpCKYIBiSW4+6STH9
ClmBdMazZl3BhzBQCPCKNpIG5UQUDim5T3J0EiEpbdVNu5cAlkjVg5vq9wqsOWFv
zjr9pItSC5CHd/6cyYBeRenSp3fU7frSAbAqR3Vyz3lqu+urtNQa2pG0KwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG2hbEWR/l1WO7Y7whqepNCPIAMcMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvYmFGc1JaSC1YVlk3dGp2Q0dwNmswSThnQXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANQ9ugD
BABQ9uwwDQYJKoZIhvcNAQELBQADggEBAFtaMusW/cufEadmQqOWTQgi/1ztcdOm
hki7UDA5B0UZI8lgfz9YjADEiEhXfcnAdHNOB7dhlZ5e4pZ7Nsr7hyPdD3MdQobz
tvC1lNqC0QTpj+wI8urqbx5P7zejR0p701O8J1A7uBZZ2kET9U7SXO+79L0ClT+J
AiL/eeSZ7x6XRKH0+FxVusn/DVTVl2l1mEwyCwqkX1LcgEu2TDoFU1WzaOpKL4F2
7sm9trAOV9z3JkWazmrTw+1u/x3540NtqVzHSpZ9yp4knTG+AWzuHaEJgkSq4xkF
SS0lB+KmAnUzE1HQQiier1A7/gIlbe3ynhuoFMdBjIytCV49rwLTJxo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-ams.rpki-client.org