Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/_aPsBLlYhlhQ--BYIvxbcRE8QOw.roa
File: _aPsBLlYhlhQ--BYIvxbcRE8QOw.roa (raw, json)
Hash identifier: 7yyCw8p81z8s9jwoit2Yk3rRbjKmaey4spUXI9jbw6c=
Subject key identifier: FD:A3:EC:04:B9:58:86:58:50:FB:E0:58:22:FC:5B:71:11:3C:40:EC
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018793A5FC73A6CAB90FA44F5E7DE2E884BC
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/_aPsBLlYhlhQ--BYIvxbcRE8QOw.roa
Signing time: Tue 18 Apr 2023 09:15:41 +0000
ROA not before: Tue 18 Apr 2023 09:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209638
IP address blocks: 185.58.240.0/23 maxlen: 24
80.249.112.0/24 maxlen: 24
80.249.114.0/24 maxlen: 24
80.249.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Apr 2023 09:17:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:a5:fc:73:a6:ca:b9:0f:a4:4f:5e:7d:e2:e8:84:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Apr 18 09:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fda3ec04b958865850fbe05822fc5b71113c40ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9b:e7:30:20:ec:41:7b:7e:37:6d:1b:e7:ae:
da:a0:b9:05:e9:9b:03:4f:cf:8f:9f:99:9a:05:61:
c0:b3:25:e5:dd:f3:1c:73:07:de:25:eb:92:93:be:
72:17:41:64:8e:c7:fd:68:46:13:1f:d6:68:03:55:
4f:01:5f:60:e4:59:b7:91:fe:e3:cb:c5:1c:58:a5:
15:68:57:59:30:bd:eb:41:80:4e:64:8c:8f:08:d1:
05:d2:13:e3:33:e1:53:72:1c:1b:c0:0c:c2:ce:1e:
f7:8e:0f:73:de:8a:2d:01:f1:f1:3f:ac:f4:ad:3d:
cf:3b:7f:e0:7b:66:f2:98:b1:49:3a:5b:d5:7f:70:
e3:ba:eb:44:fa:22:71:51:33:7c:e0:2d:8c:c0:ce:
a6:33:4e:b3:c3:ed:d8:c6:81:df:82:fe:18:71:57:
47:bd:dd:63:06:6e:7e:50:f4:4a:bd:a7:10:97:8c:
12:61:d6:c8:62:1f:41:57:b7:47:f4:b5:de:6f:e4:
5a:2b:7e:56:a7:38:b8:3f:17:2f:2d:86:89:6a:b1:
90:21:8d:37:3a:8b:1c:73:04:4e:44:0c:90:a4:82:
f2:fe:b9:22:97:a1:45:5d:7d:25:c9:cf:57:36:9f:
72:81:7f:31:f4:a8:94:fb:d2:47:ae:51:ac:76:06:
83:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A3:EC:04:B9:58:86:58:50:FB:E0:58:22:FC:5B:71:11:3C:40:EC
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/_aPsBLlYhlhQ--BYIvxbcRE8QOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.112.0-80.249.114.255
185.58.240.0/23
Signature Algorithm: sha256WithRSAEncryption
91:36:85:69:9a:a4:fc:1e:e0:99:6f:99:45:f7:d9:64:f2:d5:
d3:58:42:c5:d6:f4:ae:b4:ba:4e:b7:1d:e6:02:aa:52:01:57:
98:69:bf:d5:0a:b1:5a:05:11:13:f7:d6:0d:fc:40:6d:09:19:
d5:4d:b5:20:61:06:71:0e:2c:f4:9a:75:4d:4c:3c:4b:7a:21:
4a:48:a0:a3:53:40:6a:dd:79:eb:ff:25:a6:27:05:34:66:0b:
35:d6:f7:4c:23:ef:d0:59:70:97:9a:78:b8:42:d3:15:b0:ae:
fb:8a:80:59:f2:62:ec:01:3b:f0:8b:56:9c:8a:fb:5f:17:2c:
47:40:aa:7b:13:9d:d6:bc:be:92:ed:73:c1:88:6a:77:ee:f4:
74:54:8c:10:b8:7c:d8:18:63:07:78:6b:55:6c:7d:ec:99:c4:
c4:9e:a9:eb:73:67:28:9e:be:0c:d9:5d:d6:4c:5c:b7:76:8f:
f4:d4:ec:db:01:72:c5:9e:37:f3:b8:84:3c:e1:03:ee:84:74:
e2:67:3d:4b:7d:3a:65:d3:92:10:07:e9:75:54:00:ad:bc:6a:
e5:73:89:24:51:ba:31:31:42:1c:25:27:18:71:a0:52:1b:f6:
be:0d:e1:9d:1c:ea:89:23:d4:13:e3:0c:e2:9f:a6:f0:b8:86:
3c:a1:84:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYeTpfxzpsq5D6RPXn3i6IS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjMwNDE4MDkxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGEzZWMwNGI5NTg4NjU4NTBmYmUwNTgyMmZjNWI3MTExM2M0MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipvnMCDsQXt+N20b567aoLkF6ZsD
T8+Pn5maBWHAsyXl3fMccwfeJeuSk75yF0Fkjsf9aEYTH9ZoA1VPAV9g5Fm3kf7j
y8UcWKUVaFdZML3rQYBOZIyPCNEF0hPjM+FTchwbwAzCzh73jg9z3ootAfHxP6z0
rT3PO3/ge2bymLFJOlvVf3DjuutE+iJxUTN84C2MwM6mM06zw+3YxoHfgv4YcVdH
vd1jBm5+UPRKvacQl4wSYdbIYh9BV7dH9LXeb+RaK35Wpzi4PxcvLYaJarGQIY03
OosccwRORAyQpILy/rkil6FFXX0lyc9XNp9ygX8x9KiU+9JHrlGsdgaDmQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFP2j7AS5WIZYUPvgWCL8W3ERPEDsMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvX2FQc0JMbFlobGhRLS1CWUl2eGJjUkU4UU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARQ+XAD
BABQ+XIDBAG5OvAwDQYJKoZIhvcNAQELBQADggEBAJE2hWmapPwe4JlvmUX32WTy
1dNYQsXW9K60uk63HeYCqlIBV5hpv9UKsVoFERP31g38QG0JGdVNtSBhBnEOLPSa
dU1MPEt6IUpIoKNTQGrdeev/JaYnBTRmCzXW90wj79BZcJeaeLhC0xWwrvuKgFny
YuwBO/CLVpyK+18XLEdAqnsTnda8vpLtc8GIanfu9HRUjBC4fNgYYwd4a1VsfeyZ
xMSeqetzZyievgzZXdZMXLd2j/TU7NsBcsWeN/O4hDzhA+6EdOJnPUt9OmXTkhAH
6XVUAK28auVziSRRujExQhwlJxhxoFIb9r4N4Z0c6okj1BPjDOKfpvC4hjyhhJQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org