Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/S-H1g8u9zrEfQDszab_xR9r1ssQ.roa
File: S-H1g8u9zrEfQDszab_xR9r1ssQ.roa (raw, json)
Hash identifier: bYMs9DWY3FufbkZ5sZooLAtsd1m1Vmqw3Zft6EzbScM=
Subject key identifier: 4B:E1:F5:83:CB:BD:CE:B1:1F:40:3B:33:69:BF:F1:47:DA:F5:B2:C4
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018CB0D246A7DA16EC03AE9A8E9BCADF6FDA
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/S-H1g8u9zrEfQDszab_xR9r1ssQ.roa
Signing time: Thu 28 Dec 2023 14:26:59 +0000
ROA not before: Thu 28 Dec 2023 14:26:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197616
IP address blocks: 80.233.240.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:d2:46:a7:da:16:ec:03:ae:9a:8e:9b:ca:df:6f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Dec 28 14:26:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4be1f583cbbdceb11f403b3369bff147daf5b2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bf:bd:f4:be:73:71:da:6f:20:30:68:65:a8:
01:16:2a:d8:0b:7b:61:72:97:42:9e:cb:ee:cd:ac:
ca:3f:ad:3c:39:bf:ab:b7:52:da:79:06:7e:b1:1e:
bd:5a:f2:01:14:12:9e:8e:83:d6:df:6b:07:b2:d3:
26:f3:35:8d:ff:38:3f:6e:ae:16:e5:5b:9e:3a:a5:
9e:6a:84:10:3b:f4:3f:e8:3c:56:79:0f:3e:db:0b:
49:48:4b:f2:b0:a2:75:b8:00:55:3f:d3:8f:77:13:
23:7b:38:b2:f7:4e:a8:d3:9f:30:33:ed:44:78:0f:
eb:6b:de:46:fd:49:31:dd:c7:d4:86:9e:e0:65:ee:
b9:dd:43:1f:99:97:1c:eb:15:f2:b3:7b:8e:55:a1:
8f:af:2a:9f:44:30:7d:6d:f8:17:8c:32:13:07:77:
fe:1a:30:aa:6e:43:7e:fb:15:37:74:d0:24:92:8b:
3d:c3:28:82:c1:35:5f:ef:c3:b9:7e:ae:76:0f:75:
7d:aa:fd:ad:08:80:4f:75:46:a4:68:aa:1e:b5:5c:
0f:df:14:e4:6e:78:f4:89:db:11:1c:6a:ca:1e:cc:
53:6f:97:b9:cd:8a:37:88:b8:5a:29:71:11:8a:ac:
f8:0a:ab:87:f6:3a:92:25:82:74:b0:b6:f6:e1:0d:
cc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E1:F5:83:CB:BD:CE:B1:1F:40:3B:33:69:BF:F1:47:DA:F5:B2:C4
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/S-H1g8u9zrEfQDszab_xR9r1ssQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.233.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:9b:47:7e:59:c9:e1:89:3b:7e:1e:38:9d:b3:4d:16:7a:65:
3e:28:86:44:33:59:0f:c2:65:ad:0a:98:ef:8e:0b:1e:13:8c:
bf:bc:6c:fb:0d:e0:d7:65:ac:f1:0e:cc:8a:8d:60:b1:1f:3f:
32:af:3f:b7:8f:33:48:49:cb:5e:a8:22:9a:1b:85:1f:93:50:
ea:95:74:1c:81:aa:62:70:70:07:48:ff:02:03:9c:cb:c0:55:
82:17:b7:44:69:28:51:c4:86:3c:ee:06:32:96:b6:f5:b1:23:
47:26:9c:97:63:65:b5:53:b1:cd:a1:2a:df:a5:dc:64:19:ab:
95:26:3c:75:71:55:31:7b:04:ae:fa:89:da:2e:29:a0:14:4f:
b9:3b:45:38:35:0b:90:ae:57:a4:44:f0:27:ca:1e:d1:14:c0:
fd:2b:f3:f4:c5:b8:d2:42:ef:9f:0e:39:be:04:e8:4c:3e:26:
49:27:8c:52:ba:6c:df:04:2d:60:59:fd:e1:af:41:88:3f:51:
04:30:1e:0e:d0:dd:16:9e:2b:e7:2d:0c:70:f8:cb:3d:82:63:
50:64:6d:0c:28:c5:b7:e9:30:01:1d:d0:6b:94:18:ec:b0:91:
02:c5:e8:59:59:e0:57:8b:56:8b:c4:d2:ba:e6:4b:34:7a:c6:
9a:e2:cc:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyw0kan2hbsA66ajpvK32/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMxMjI4MTQyNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmUxZjU4M2NiYmRjZWIxMWY0MDNiMzM2OWJmZjE0N2RhZjViMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL+99L5zcdpvIDBoZagBFirYC3th
cpdCnsvuzazKP608Ob+rt1LaeQZ+sR69WvIBFBKejoPW32sHstMm8zWN/zg/bq4W
5VueOqWeaoQQO/Q/6DxWeQ8+2wtJSEvysKJ1uABVP9OPdxMjeziy906o058wM+1E
eA/ra95G/Ukx3cfUhp7gZe653UMfmZcc6xXys3uOVaGPryqfRDB9bfgXjDITB3f+
GjCqbkN++xU3dNAkkos9wyiCwTVf78O5fq52D3V9qv2tCIBPdUakaKoetVwP3xTk
bnj0idsRHGrKHsxTb5e5zYo3iLhaKXERiqz4CquH9jqSJYJ0sLb24Q3MfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvh9YPLvc6xH0A7M2m/8Ufa9bLEMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvUy1IMWc4dTl6ckVmUURzemFiX3hSOXIxc3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUOnwMA0G
CSqGSIb3DQEBCwUAA4IBAQCOm0d+WcnhiTt+Hjids00WemU+KIZEM1kPwmWtCpjv
jgseE4y/vGz7DeDXZazxDsyKjWCxHz8yrz+3jzNIScteqCKaG4Ufk1DqlXQcgapi
cHAHSP8CA5zLwFWCF7dEaShRxIY87gYylrb1sSNHJpyXY2W1U7HNoSrfpdxkGauV
Jjx1cVUxewSu+onaLimgFE+5O0U4NQuQrlekRPAnyh7RFMD9K/P0xbjSQu+fDjm+
BOhMPiZJJ4xSumzfBC1gWf3hr0GIP1EEMB4O0N0WnivnLQxw+Ms9gmNQZG0MKMW3
6TABHdBrlBjssJECxehZWeBXi1aLxNK65ks0esaa4sxD
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:12 2024 by rpki-client on console-ams.rpki-client.org