Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/9ThyNspone07qgBbXpvSDr7xERU.roa
File: 9ThyNspone07qgBbXpvSDr7xERU.roa (raw, json)
Hash identifier: gNKLn/A8Yku6uwy/OZGAHbRT0eqHu/q/ZYde7U+ICDM=
Subject key identifier: F5:38:72:36:CA:68:9D:ED:3B:AA:00:5B:5E:9B:D2:0E:BE:F1:11:15
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 0185CF89E0DEE661613A133051061231498D
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/9ThyNspone07qgBbXpvSDr7xERU.roa
Signing time: Fri 20 Jan 2023 14:16:37 +0000
ROA not before: Fri 20 Jan 2023 14:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56611
IP address blocks: 185.173.232.0/24 maxlen: 24
185.173.233.0/24 maxlen: 24
185.173.234.0/24 maxlen: 24
80.82.71.0/24 maxlen: 24
80.82.75.0/24 maxlen: 24
80.82.72.0/24 maxlen: 24
2a02:6c8::/33 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:89:e0:de:e6:61:61:3a:13:30:51:06:12:31:49:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 20 14:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5387236ca689ded3baa005b5e9bd20ebef11115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d2:13:62:56:99:f3:df:6f:77:e2:4f:63:a1:
b2:fa:9f:e8:36:a2:46:3d:a5:61:e5:34:da:3f:c2:
98:74:a3:ae:5f:7b:9b:ea:00:78:9b:48:b7:d6:f1:
98:c3:2d:f5:92:eb:2c:5f:57:bf:6c:ce:ce:75:9a:
c0:cc:e9:4c:4e:de:18:06:8e:81:46:fc:29:64:54:
70:b0:a0:78:0c:bf:57:13:85:f0:96:7b:76:63:d6:
5b:84:0b:89:dc:af:f3:7d:81:aa:6c:f4:8c:77:74:
78:e8:6e:37:f7:f6:2b:ee:0f:1f:91:a0:09:0f:31:
2f:86:76:57:e9:17:a9:b6:47:41:bb:77:33:90:ad:
a5:8d:12:c0:e2:cc:19:cd:9e:97:37:e0:8c:06:ef:
cd:7e:4c:f1:99:1f:9b:39:0c:23:e6:a1:2e:75:fd:
2e:8b:fc:0b:e9:69:f4:ac:ef:ef:88:0e:72:f9:54:
67:d4:1a:34:c9:94:91:24:01:f2:21:85:58:50:05:
16:90:37:31:6f:18:6b:00:2b:31:d5:4d:37:bf:c5:
a4:c6:c3:ad:0d:ff:d7:d6:1b:de:6d:e9:c8:34:42:
17:d9:4e:d8:43:d4:54:48:52:6d:9f:e4:8d:77:63:
84:9e:60:b0:6d:ed:6a:fd:c1:f7:cb:d9:ea:e5:ed:
5f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:38:72:36:CA:68:9D:ED:3B:AA:00:5B:5E:9B:D2:0E:BE:F1:11:15
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/9ThyNspone07qgBbXpvSDr7xERU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.71.0-80.82.72.255
80.82.75.0/24
185.173.232.0-185.173.234.255
IPv6:
2a02:6c8::/33
Signature Algorithm: sha256WithRSAEncryption
83:1c:d3:21:a5:33:88:e9:d1:de:4e:41:56:35:a0:54:67:3f:
1e:e6:2f:78:ff:52:9c:bb:93:08:17:74:8b:84:fd:15:0d:4f:
b2:e0:14:75:10:2d:d5:aa:de:b2:4d:4c:4c:b4:f4:2b:3a:32:
76:70:92:6a:35:f7:a7:1f:bf:6f:93:03:59:11:ea:ed:44:f9:
1e:5c:9f:d6:64:49:a9:ef:b6:fb:12:06:ea:30:3f:a5:27:c6:
b5:ba:d2:2f:78:4d:73:71:01:ef:a1:8d:c4:91:5e:45:76:0a:
7e:1b:44:c2:3d:f5:ed:06:98:62:52:0b:20:cd:7c:6f:9c:9f:
98:8d:74:d1:9f:f2:50:8d:4f:f9:04:a4:20:12:53:78:42:59:
52:d1:3f:43:ea:e9:72:70:b7:f0:d4:59:7f:ba:00:6c:39:9a:
66:1b:61:c8:ac:70:cc:e9:72:3a:3f:e9:f9:2a:3b:76:d5:12:
7b:a9:89:cc:3f:74:b9:9c:64:4b:f9:db:4b:c2:71:f6:23:b0:
a5:d3:78:e5:af:4a:18:ed:17:9c:87:d1:e3:eb:64:65:fa:41:
69:9a:26:77:3f:2f:95:c9:f5:33:de:f8:94:89:4a:48:98:fa:
39:9e:b7:9c:64:a3:fa:53:ee:8b:54:85:43:14:8a:c6:7a:6d:
a8:1e:26:f8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYXPieDe5mFhOhMwUQYSMUmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjMwMTIwMTQxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM4NzIzNmNhNjg5ZGVkM2JhYTAwNWI1ZTliZDIwZWJlZjExMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNITYlaZ899vd+JPY6Gy+p/oNqJG
PaVh5TTaP8KYdKOuX3ub6gB4m0i31vGYwy31kussX1e/bM7OdZrAzOlMTt4YBo6B
RvwpZFRwsKB4DL9XE4Xwlnt2Y9ZbhAuJ3K/zfYGqbPSMd3R46G439/Yr7g8fkaAJ
DzEvhnZX6ReptkdBu3czkK2ljRLA4swZzZ6XN+CMBu/NfkzxmR+bOQwj5qEudf0u
i/wL6Wn0rO/viA5y+VRn1Bo0yZSRJAHyIYVYUAUWkDcxbxhrACsx1U03v8WkxsOt
Df/X1hvebenINEIX2U7YQ9RUSFJtn+SNd2OEnmCwbe1q/cH3y9nq5e1feQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPU4cjbKaJ3tO6oAW16b0g6+8REVMB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvOVRoeU5zcG9uZTA3cWdCYlhwdlNEcjd4RVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAoBAIAATAiMAwDBABQUkcD
BABQUkgDBABQUkswDAMEA7mt6AMEALmt6jAOBAIAAjAIAwYHKgIGyAAwDQYJKoZI
hvcNAQELBQADggEBAIMc0yGlM4jp0d5OQVY1oFRnPx7mL3j/Upy7kwgXdIuE/RUN
T7LgFHUQLdWq3rJNTEy09Cs6MnZwkmo196cfv2+TA1kR6u1E+R5cn9ZkSanvtvsS
BuowP6UnxrW60i94TXNxAe+hjcSRXkV2Cn4bRMI99e0GmGJSCyDNfG+cn5iNdNGf
8lCNT/kEpCASU3hCWVLRP0Pq6XJwt/DUWX+6AGw5mmYbYciscMzpcjo/6fkqO3bV
Enupicw/dLmcZEv520vCcfYjsKXTeOWvShjtF5yH0ePrZGX6QWmaJnc/L5XJ9TPe
+JSJSkiY+jmet5xko/pT7otUhUMUisZ6bageJvg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:46 2024 by rpki-client on console-ams.rpki-client.org