Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/xAFDGIQVegqv7sputT3zYyc5UkM.roa
File: xAFDGIQVegqv7sputT3zYyc5UkM.roa (raw, json)
Hash identifier: SdrjGsfy17q//1T28ktuLHJonz3gcHdGbS5JZOj3QaE=
Subject key identifier: C4:01:43:18:84:15:7A:0A:AF:EE:CA:6E:B5:3D:F3:63:27:39:52:43
Certificate issuer: /CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Certificate serial: 018CC9BBBAE8A9351C6597399FAEF7E8912D
Authority key identifier: D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/xAFDGIQVegqv7sputT3zYyc5UkM.roa
Signing time: Tue 02 Jan 2024 10:32:52 +0000
ROA not before: Tue 02 Jan 2024 10:32:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 80.91.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 19:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ba:e8:a9:35:1c:65:97:39:9f:ae:f7:e8:91:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Validity
Not Before: Jan 2 10:32:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c401431884157a0aafeeca6eb53df36327395243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:96:36:a7:18:78:54:7b:1b:07:9d:e1:29:
12:2b:71:7d:02:3b:63:7c:0f:31:0b:ab:76:9a:a4:
d3:ed:03:78:c2:49:39:7e:d6:67:42:94:35:c6:2b:
d5:05:39:a2:57:ae:07:c7:8e:36:f9:39:22:89:cc:
48:8a:93:2f:a8:42:89:61:0e:f9:e6:b7:3b:f3:1b:
eb:2d:07:3c:7b:bd:fe:46:9d:38:2a:df:e6:fd:98:
c3:f7:04:84:67:5f:a2:8f:04:07:a6:9a:01:14:7d:
b2:f8:db:f1:b4:fa:0c:b9:d5:d2:df:d5:ca:c4:22:
e7:c9:ce:86:6c:af:ab:dc:10:ce:ee:9d:cd:3f:90:
d4:6e:12:8f:5a:de:af:82:b3:7b:86:0b:84:3b:9c:
1d:37:d5:ad:4b:97:7f:1b:d3:93:a4:b6:f8:1c:ef:
59:21:33:01:9c:41:c9:9f:e6:8e:67:7e:83:71:a5:
ee:cb:0d:4d:7a:d3:6f:c3:0f:bf:28:b7:84:3f:36:
ca:05:25:ec:f9:f4:e0:3f:72:d2:25:d0:8d:4f:c6:
bf:48:97:d7:7a:fb:2a:38:c8:d6:dc:81:88:36:81:
3a:0d:83:13:f5:64:19:56:5c:1d:ca:8f:08:35:16:
97:de:7c:5d:cb:25:ef:0e:7e:e3:9f:96:2d:e0:39:
18:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:01:43:18:84:15:7A:0A:AF:EE:CA:6E:B5:3D:F3:63:27:39:52:43
X509v3 Authority Key Identifier:
keyid:D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/xAFDGIQVegqv7sputT3zYyc5UkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/0D_r_VN-Mgy77CtOImd7muZvYE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.210.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ae:dc:dc:6e:b4:f0:67:64:bf:25:d3:bb:66:dd:90:12:e2:
99:6f:c9:30:d7:f3:93:fe:37:f5:96:22:c4:72:24:ad:23:16:
d0:d0:e2:66:76:a6:d0:ae:3a:66:81:06:e9:61:e3:18:d5:5b:
5e:83:dd:d4:8d:fa:e6:cf:57:7d:a4:3a:b6:3e:6b:30:d9:1d:
35:91:6e:cd:cc:79:fc:fd:e7:49:24:46:3a:31:0f:11:80:02:
08:96:57:b6:24:1c:63:12:7d:11:70:4a:7c:26:ae:d0:d6:c1:
56:14:ec:5d:9b:53:f7:a2:97:f3:31:d9:05:11:b5:c2:4c:c4:
af:97:26:85:bb:b3:ac:88:56:a4:6a:91:0f:92:93:af:1e:94:
71:08:8c:d0:6a:98:03:a1:2e:86:1c:7b:8c:ac:a8:1c:df:32:
43:eb:2f:a8:dc:97:73:b9:1c:8d:85:4f:ad:98:ad:fe:45:b4:
a1:f9:e0:de:f7:9c:27:c1:63:f8:7f:77:e7:a9:fa:89:42:4a:
41:49:9d:9a:55:d5:3a:fb:95:51:fe:cc:dc:8a:4d:4b:3d:d4:
00:e5:fc:82:b4:01:1d:57:13:c1:ae:a2:d8:6c:ee:2e:7c:5d:
aa:e6:60:b9:fc:f9:d2:82:2e:e2:f7:3f:ce:13:0c:79:3b:40:
a9:a5:6d:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu7roqTUcZZc5n6736JEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2ZlYmZkNTM3ZTMyMGNiYmVjMmI0ZTIyNjc3YjlhZTY2
ZjYwNGUwHhcNMjQwMTAyMTAzMjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDAxNDMxODg0MTU3YTBhYWZlZWNhNmViNTNkZjM2MzI3Mzk1MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonyWNqcYeFR7Gwed4SkSK3F9Ajtj
fA8xC6t2mqTT7QN4wkk5ftZnQpQ1xivVBTmiV64Hx442+TkiicxIipMvqEKJYQ75
5rc78xvrLQc8e73+Rp04Kt/m/ZjD9wSEZ1+ijwQHppoBFH2y+NvxtPoMudXS39XK
xCLnyc6GbK+r3BDO7p3NP5DUbhKPWt6vgrN7hguEO5wdN9WtS5d/G9OTpLb4HO9Z
ITMBnEHJn+aOZ36DcaXuyw1NetNvww+/KLeEPzbKBSXs+fTgP3LSJdCNT8a/SJfX
evsqOMjW3IGINoE6DYMT9WQZVlwdyo8INRaX3nxdyyXvDn7jn5Yt4DkYXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQBQxiEFXoKr+7KbrU982MnOVJDMB8GA1UdIwQY
MBaAFNA/6/1TfjIMu+wrTiJne5rmb2BOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2It
MjgxZmFkZTI4MzRiLzEveEFGREdJUVZlZ3F2N3NwdXRUM3pZeWM1VWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2ItMjgxZmFkZTI4MzRi
LzEvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvSMA0G
CSqGSIb3DQEBCwUAA4IBAQBcrtzcbrTwZ2S/JdO7Zt2QEuKZb8kw1/OT/jf1liLE
ciStIxbQ0OJmdqbQrjpmgQbpYeMY1Vteg93Ujfrmz1d9pDq2Pmsw2R01kW7NzHn8
/edJJEY6MQ8RgAIIlle2JBxjEn0RcEp8Jq7Q1sFWFOxdm1P3opfzMdkFEbXCTMSv
lyaFu7OsiFakapEPkpOvHpRxCIzQapgDoS6GHHuMrKgc3zJD6y+o3JdzuRyNhU+t
mK3+RbSh+eDe95wnwWP4f3fnqfqJQkpBSZ2aVdU6+5VR/szcik1LPdQA5fyCtAEd
VxPBrqLYbO4ufF2q5mC5/PnSgi7i9z/OEwx5O0CppW04
-----END CERTIFICATE-----
Generated at Wed Jan 17 01:10:48 2024 by rpki-client on console-fra.rpki-client.org