Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/kthNlIi2lMtYxRwjArAFaMIUaOA.roa
File: kthNlIi2lMtYxRwjArAFaMIUaOA.roa (raw, json)
Hash identifier: LRiAqsOe7vWeXUp0ihKNouJ8NIg4v1ZOKqcGBRg9tu4=
Subject key identifier: 92:D8:4D:94:88:B6:94:CB:58:C5:1C:23:02:B0:05:68:C2:14:68:E0
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF6410B0B88D47EF9307745027BB09
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/kthNlIi2lMtYxRwjArAFaMIUaOA.roa
Signing time: Sun 01 Jan 2023 14:14:48 +0000
ROA not before: Sun 01 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 213.142.158.0/24 maxlen: 24
80.253.254.0/24 maxlen: 24
80.253.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:64:10:b0:b8:8d:47:ef:93:07:74:50:27:bb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92d84d9488b694cb58c51c2302b00568c21468e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c7:4b:85:d7:e0:1e:6b:26:ff:46:be:04:37:
8e:2a:f8:41:53:b6:55:af:51:3a:29:32:b8:de:3f:
24:40:6d:0f:ff:22:af:af:d7:51:a4:c0:9b:66:57:
48:38:c9:4c:12:f9:61:b1:76:bb:47:0b:1b:2d:94:
6a:f3:66:2b:9d:95:95:d2:63:d1:4d:55:11:b8:9e:
90:5e:4c:81:c3:a7:b3:c0:62:d1:b4:c2:f5:ca:5d:
33:8d:f4:60:83:9e:51:01:20:a3:0d:43:04:d9:38:
11:b1:bc:98:e3:a5:3e:2b:56:43:7e:24:e6:e2:96:
45:56:bd:0f:cf:16:fe:f1:6d:60:c5:8b:ae:d3:dc:
78:6a:e5:f1:89:31:fc:8c:3f:f6:78:d6:f5:e4:2b:
2d:ff:f9:b4:fc:4a:0f:65:97:df:2d:95:2f:43:73:
00:71:30:d4:b4:86:8a:90:7c:9f:03:94:00:1c:97:
2d:2a:4f:38:31:45:12:21:95:1b:a9:1b:61:2a:f3:
e0:24:68:c5:73:0d:3f:0f:c7:7d:d1:ca:50:96:6b:
90:3d:3e:fb:84:eb:34:f4:a0:34:10:5a:92:4e:b8:
a1:42:21:3e:df:0a:a0:4e:20:0b:0f:73:6a:17:87:
6e:72:43:d8:fe:3d:6c:12:35:6c:41:b4:a8:e5:f4:
d8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D8:4D:94:88:B6:94:CB:58:C5:1C:23:02:B0:05:68:C2:14:68:E0
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/kthNlIi2lMtYxRwjArAFaMIUaOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.254.0/23
213.142.158.0/24
Signature Algorithm: sha256WithRSAEncryption
63:06:01:e9:7e:46:c3:f7:81:06:eb:dd:b9:6e:39:cb:84:33:
3b:b5:32:da:d9:ac:42:53:77:d0:cb:87:e7:19:ba:1e:aa:73:
ca:f2:53:64:08:3c:86:9e:00:f5:b3:12:61:09:75:17:4a:af:
88:2a:ae:fc:ce:1b:0e:d4:11:a8:ee:0d:7e:87:a6:4f:9c:06:
23:b7:2d:69:4c:93:90:03:70:4e:4d:b4:fb:fa:e2:29:0c:21:
4f:c1:3b:e7:63:36:f5:1b:98:91:b2:c0:a3:2f:7a:82:c3:a8:
2c:01:40:31:1f:a4:bb:6d:24:20:10:05:5b:24:ec:09:c0:6c:
8b:e8:01:81:5e:44:f5:43:0b:cc:b7:49:1b:26:cd:35:04:d3:
8c:5c:59:fe:0c:a0:52:1e:be:52:61:6f:cc:08:4c:3f:00:8c:
40:38:40:fa:18:da:b7:9b:c6:23:ff:f8:e4:db:71:85:12:2f:
91:94:71:08:1f:f0:b6:b9:0e:f4:32:45:ad:70:88:36:c2:48:
dd:d5:ea:4f:eb:b1:d1:c5:17:4e:07:47:27:b2:c9:91:43:84:
9d:80:3e:aa:49:1e:28:11:65:25:c4:75:3e:14:36:67:c6:b8:
25:de:1c:d1:9e:24:18:e6:48:49:b5:11:e8:1d:70:1b:00:6c:
01:fa:8f:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtr2QQsLiNR++TB3RQJ7sJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQ4NGQ5NDg4YjY5NGNiNThjNTFjMjMwMmIwMDU2OGMyMTQ2OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsdLhdfgHmsm/0a+BDeOKvhBU7ZV
r1E6KTK43j8kQG0P/yKvr9dRpMCbZldIOMlMEvlhsXa7RwsbLZRq82YrnZWV0mPR
TVURuJ6QXkyBw6ezwGLRtML1yl0zjfRgg55RASCjDUME2TgRsbyY46U+K1ZDfiTm
4pZFVr0Pzxb+8W1gxYuu09x4auXxiTH8jD/2eNb15Cst//m0/EoPZZffLZUvQ3MA
cTDUtIaKkHyfA5QAHJctKk84MUUSIZUbqRthKvPgJGjFcw0/D8d90cpQlmuQPT77
hOs09KA0EFqSTrihQiE+3wqgTiALD3NqF4duckPY/j1sEjVsQbSo5fTYZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJLYTZSItpTLWMUcIwKwBWjCFGjgMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEva3RoTmxJaTJsTXRZeFJ3akFyQUZhTUlVYU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUP3+AwQA
1Y6eMA0GCSqGSIb3DQEBCwUAA4IBAQBjBgHpfkbD94EG6925bjnLhDM7tTLa2axC
U3fQy4fnGboeqnPK8lNkCDyGngD1sxJhCXUXSq+IKq78zhsO1BGo7g1+h6ZPnAYj
ty1pTJOQA3BOTbT7+uIpDCFPwTvnYzb1G5iRssCjL3qCw6gsAUAxH6S7bSQgEAVb
JOwJwGyL6AGBXkT1QwvMt0kbJs01BNOMXFn+DKBSHr5SYW/MCEw/AIxAOED6GNq3
m8Yj//jk23GFEi+RlHEIH/C2uQ70MkWtcIg2wkjd1epP67HRxRdOB0cnssmRQ4Sd
gD6qSR4oEWUlxHU+FDZnxrgl3hzRniQY5khJtRHoHXAbAGwB+o9j
-----END CERTIFICATE-----
Generated at Thu Nov 2 14:44:48 2023 by rpki-client on console-fra.rpki-client.org