Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d62daf-b254-4ea2-87a4-1f6b0b3a7644/1/cfptfNYGZoBv36GVbTCsgTUzmtM.roa
File: cfptfNYGZoBv36GVbTCsgTUzmtM.roa (raw, json)
Hash identifier: D/DgwwZaI42dbOkpYoMOGc+PyEtPXOHLlzS4RCShIwk=
Subject key identifier: 71:FA:6D:7C:D6:06:66:80:6F:DF:A1:95:6D:30:AC:81:35:33:9A:D3
Certificate issuer: /CN=0a5bac8fb2490901fa610480a05b66358b91246c
Certificate serial: 0185720C73D4AF92D757FAA3DBEBEF8A64B9
Authority key identifier: 0A:5B:AC:8F:B2:49:09:01:FA:61:04:80:A0:5B:66:35:8B:91:24:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Clusj7JJCQH6YQSAoFtmNYuRJGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d62daf-b254-4ea2-87a4-1f6b0b3a7644/1/cfptfNYGZoBv36GVbTCsgTUzmtM.roa
Signing time: Mon 02 Jan 2023 10:34:56 +0000
ROA not before: Mon 02 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25417
IP address blocks: 87.249.160.0/19 maxlen: 19
80.65.192.0/20 maxlen: 20
2001:1660::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:73:d4:af:92:d7:57:fa:a3:db:eb:ef:8a:64:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a5bac8fb2490901fa610480a05b66358b91246c
Validity
Not Before: Jan 2 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71fa6d7cd60666806fdfa1956d30ac8135339ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:37:21:4d:81:6f:86:90:08:e3:78:1d:26:74:
cd:a7:f3:01:7e:a0:66:91:7e:05:8c:d0:9e:79:5d:
29:bd:82:03:0d:9a:89:28:cb:ce:64:d7:50:a4:e6:
dd:94:c7:4d:24:60:d5:a8:e3:83:f4:16:75:b1:b1:
e6:d1:86:da:90:53:89:83:3d:b1:e3:dd:d8:4f:b8:
05:f8:35:05:4e:e6:1b:9d:cc:56:24:db:13:67:63:
70:7b:64:2a:0f:cd:06:40:e0:2e:b7:d1:83:ab:01:
4d:c6:10:d7:82:44:30:50:c8:60:c7:ad:54:e1:e8:
18:f0:28:0e:3d:37:0a:d3:c3:25:09:e1:9a:25:ec:
fc:bf:a1:29:5c:9d:4d:d1:22:d6:73:fc:ab:0b:b2:
c7:ae:9c:74:66:90:f3:0c:ea:cd:1f:61:28:d9:d3:
f5:2d:4f:c2:49:a6:ea:eb:9b:66:98:76:fd:9d:ef:
1b:0a:56:bb:3f:7a:49:d1:9b:a6:c3:45:82:d5:24:
e4:ba:0a:99:03:ea:b7:dd:0a:a1:96:25:16:de:cb:
be:b2:2f:39:a0:fc:b4:03:0c:8f:c8:0b:77:b6:54:
f4:7d:46:a5:5e:17:c9:2d:aa:7e:68:e7:5a:c1:1e:
5c:20:f5:33:07:3d:80:86:27:9d:56:c2:c3:14:fd:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FA:6D:7C:D6:06:66:80:6F:DF:A1:95:6D:30:AC:81:35:33:9A:D3
X509v3 Authority Key Identifier:
keyid:0A:5B:AC:8F:B2:49:09:01:FA:61:04:80:A0:5B:66:35:8B:91:24:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Clusj7JJCQH6YQSAoFtmNYuRJGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d62daf-b254-4ea2-87a4-1f6b0b3a7644/1/cfptfNYGZoBv36GVbTCsgTUzmtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d62daf-b254-4ea2-87a4-1f6b0b3a7644/1/Clusj7JJCQH6YQSAoFtmNYuRJGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.192.0/20
87.249.160.0/19
IPv6:
2001:1660::/32
Signature Algorithm: sha256WithRSAEncryption
85:40:05:92:66:90:89:a6:ca:68:53:84:cf:38:d4:a9:fc:db:
10:7d:b7:86:5e:50:23:2e:12:a4:ac:5e:83:71:9a:24:d6:cf:
85:f4:47:3c:50:97:78:59:66:bb:29:7f:42:90:fd:02:d5:cc:
53:04:dc:b4:12:95:86:b2:6b:27:59:33:e8:ef:fe:a9:d0:4c:
48:04:78:c0:35:46:c0:0d:67:36:b8:fe:3a:08:f9:4b:6c:b0:
5c:b2:fc:ef:fe:43:6a:fa:f4:48:3d:0f:ee:10:a6:b6:6b:60:
a4:f7:f4:c4:ea:8a:fa:ef:0a:73:41:b0:d5:71:0a:83:65:96:
f2:66:c5:04:b4:ba:27:8b:52:76:be:82:af:29:db:67:f6:a1:
ae:56:eb:d9:7a:54:5c:c1:28:16:66:1a:7b:fd:59:6c:fd:23:
0d:a5:a0:3b:84:b8:2b:a3:69:8a:0c:47:e0:0b:5c:45:7d:46:
d9:63:c4:76:34:ee:98:ec:8a:9d:74:95:93:76:a7:79:09:13:
e9:04:fa:59:4e:f3:f0:ed:61:ee:84:16:19:68:94:b7:e3:ce:
ba:8e:27:00:75:87:5a:95:88:5c:d3:41:b9:8c:93:df:c6:ab:
3d:cb:9d:5c:35:46:0d:eb:ab:88:8b:57:70:f5:02:f2:7d:f2:
23:d8:63:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyDHPUr5LXV/qj2+vvimS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNWJhYzhmYjI0OTA5MDFmYTYxMDQ4MGEwNWI2NjM1OGI5
MTI0NmMwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZhNmQ3Y2Q2MDY2NjgwNmZkZmExOTU2ZDMwYWM4MTM1MzM5YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjchTYFvhpAI43gdJnTNp/MBfqBm
kX4FjNCeeV0pvYIDDZqJKMvOZNdQpObdlMdNJGDVqOOD9BZ1sbHm0YbakFOJgz2x
493YT7gF+DUFTuYbncxWJNsTZ2Nwe2QqD80GQOAut9GDqwFNxhDXgkQwUMhgx61U
4egY8CgOPTcK08MlCeGaJez8v6EpXJ1N0SLWc/yrC7LHrpx0ZpDzDOrNH2Eo2dP1
LU/CSabq65tmmHb9ne8bCla7P3pJ0Zumw0WC1STkugqZA+q33QqhliUW3su+si85
oPy0AwyPyAt3tlT0fUalXhfJLap+aOdawR5cIPUzBz2AhiedVsLDFP1lfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHH6bXzWBmaAb9+hlW0wrIE1M5rTMB8GA1UdIwQY
MBaAFApbrI+ySQkB+mEEgKBbZjWLkSRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2x1c2o3SkpDUUg2WVFTQW9GdG1OWXVSSkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kNjJkYWYtYjI1NC00ZWEyLTg3YTQt
MWY2YjBiM2E3NjQ0LzEvY2ZwdGZOWUdab0J2MzZHVmJUQ3NnVFV6bXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kNjJkYWYtYjI1NC00ZWEyLTg3YTQtMWY2YjBiM2E3NjQ0
LzEvQ2x1c2o3SkpDUUg2WVFTQW9GdG1OWXVSSkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEHAAwQF
V/mgMA0EAgACMAcDBQAgARZgMA0GCSqGSIb3DQEBCwUAA4IBAQCFQAWSZpCJpspo
U4TPONSp/NsQfbeGXlAjLhKkrF6DcZok1s+F9Ec8UJd4WWa7KX9CkP0C1cxTBNy0
EpWGsmsnWTPo7/6p0ExIBHjANUbADWc2uP46CPlLbLBcsvzv/kNq+vRIPQ/uEKa2
a2Ck9/TE6or67wpzQbDVcQqDZZbyZsUEtLoni1J2voKvKdtn9qGuVuvZelRcwSgW
Zhp7/Vls/SMNpaA7hLgro2mKDEfgC1xFfUbZY8R2NO6Y7IqddJWTdqd5CRPpBPpZ
TvPw7WHuhBYZaJS34866jicAdYdalYhc00G5jJPfxqs9y51cNUYN66uIi1dw9QLy
ffIj2GPM
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:09 2024 by rpki-client on console.sobornost.net