Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/yDxpaCZRsnhuBq7xswafw58inCo.roa
File: yDxpaCZRsnhuBq7xswafw58inCo.roa (raw, json)
Hash identifier: 0rrlCcZ6sT9G+OC++2iugtDc6uwROpuFd6XIyS0Tsfo=
Subject key identifier: C8:3C:69:68:26:51:B2:78:6E:06:AE:F1:B3:06:9F:C3:9F:22:9C:2A
Certificate issuer: /CN=f753a19b5dce1d4159352229426a9fdb7d9f9a3b
Certificate serial: 018C8C419A41BBD2DD88C1FAB4BF4C9E1307
Authority key identifier: F7:53:A1:9B:5D:CE:1D:41:59:35:22:29:42:6A:9F:DB:7D:9F:9A:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/91Ohm13OHUFZNSIpQmqf232fmjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/yDxpaCZRsnhuBq7xswafw58inCo.roa
Signing time: Thu 21 Dec 2023 12:02:38 +0000
ROA not before: Thu 21 Dec 2023 12:02:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30830
IP address blocks: 80.73.130.0/23 maxlen: 24
80.73.132.0/23 maxlen: 24
80.73.128.0/23 maxlen: 24
2a01:5140::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:41:9a:41:bb:d2:dd:88:c1:fa:b4:bf:4c:9e:13:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f753a19b5dce1d4159352229426a9fdb7d9f9a3b
Validity
Not Before: Dec 21 12:02:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c83c69682651b2786e06aef1b3069fc39f229c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:85:ef:43:86:54:ec:18:b6:b1:75:49:1c:
81:ae:5f:77:f4:86:f8:e7:60:06:09:a7:cd:40:76:
5f:48:35:26:bf:52:5e:19:7e:8d:3d:97:9e:d5:6d:
c3:88:5f:34:f1:49:0f:8a:59:32:4f:d7:fe:bf:9e:
0b:e3:06:eb:f7:a2:ee:08:f5:c3:43:b7:22:9a:6d:
10:d7:17:79:0a:fb:04:67:c8:3d:da:3c:fe:80:2c:
31:44:8c:fb:36:17:9b:9d:32:64:1f:30:2f:64:b8:
02:a1:99:3b:6a:2c:d9:70:89:16:30:3f:7e:b9:ec:
f3:b4:38:23:92:ba:09:02:bc:51:33:f6:12:84:a2:
0d:90:79:3d:66:d1:2f:13:fb:f2:33:5d:b3:96:1e:
c5:55:1f:b7:4a:d2:86:bf:2f:a6:79:6a:f1:0c:d5:
32:23:04:00:65:e5:b5:8e:1e:7b:c4:20:4e:21:30:
06:f3:da:3b:3e:48:82:1d:b5:fe:48:76:83:c8:a9:
c3:86:5f:73:ab:45:8e:8e:33:99:99:60:ac:30:da:
47:4a:4f:84:3a:48:06:94:14:d7:de:70:b2:3d:c9:
eb:73:f8:5f:3c:4c:88:db:86:c8:26:e6:6d:6a:6d:
3c:aa:0f:cf:70:30:3a:fb:a4:3a:eb:c8:80:64:58:
63:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3C:69:68:26:51:B2:78:6E:06:AE:F1:B3:06:9F:C3:9F:22:9C:2A
X509v3 Authority Key Identifier:
keyid:F7:53:A1:9B:5D:CE:1D:41:59:35:22:29:42:6A:9F:DB:7D:9F:9A:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/91Ohm13OHUFZNSIpQmqf232fmjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/yDxpaCZRsnhuBq7xswafw58inCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/91Ohm13OHUFZNSIpQmqf232fmjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.128.0-80.73.133.255
IPv6:
2a01:5140::/32
Signature Algorithm: sha256WithRSAEncryption
4e:55:b0:95:69:c2:1b:ec:e2:26:a9:fd:12:2a:83:7b:67:f6:
9b:55:a9:4b:23:59:bb:c1:ec:a5:d0:cd:1c:5b:6d:35:d6:ce:
22:4b:a9:3c:c0:45:3b:f9:83:4b:a5:f5:91:f3:3c:81:95:06:
76:c4:a8:03:b3:d3:af:94:70:5d:32:95:a5:f0:1a:70:5f:70:
18:f8:ce:c7:05:2f:29:3a:0d:6c:0f:e3:3d:35:3f:76:10:0a:
ad:17:80:e6:1f:23:72:64:67:35:4c:5f:c0:96:64:53:e3:4b:
34:17:90:66:99:80:2b:e9:f2:a3:a6:a1:d6:6b:bf:5d:92:5a:
12:01:94:be:3f:63:fa:b4:c5:80:f2:68:d5:b1:fc:ae:c9:41:
df:91:20:ec:bc:b1:93:4f:d8:6d:e1:71:ba:fd:5f:27:ef:ce:
03:f2:1b:31:b0:0e:3c:50:d3:a5:49:6e:b8:7a:a5:79:b4:cc:
1b:33:f4:d5:a7:2e:ae:0e:35:64:08:07:63:a4:0e:b6:b8:d9:
1a:d3:a1:3c:d0:c1:a4:6a:4e:34:82:5c:f7:74:29:54:70:74:
2b:5e:59:c9:0a:d7:2a:cf:e9:49:ce:32:70:81:5b:bd:11:5f:
1f:57:61:79:14:94:68:cb:4d:d2:c1:26:bd:09:85:c6:ce:05:
cb:25:af:aa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYyMQZpBu9LdiMH6tL9MnhMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NTNhMTliNWRjZTFkNDE1OTM1MjIyOTQyNmE5ZmRiN2Q5
ZjlhM2IwHhcNMjMxMjIxMTIwMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNjNjk2ODI2NTFiMjc4NmUwNmFlZjFiMzA2OWZjMzlmMjI5YzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviqF70OGVOwYtrF1SRyBrl939Ib4
52AGCafNQHZfSDUmv1JeGX6NPZee1W3DiF808UkPilkyT9f+v54L4wbr96LuCPXD
Q7cimm0Q1xd5CvsEZ8g92jz+gCwxRIz7NhebnTJkHzAvZLgCoZk7aizZcIkWMD9+
uezztDgjkroJArxRM/YShKINkHk9ZtEvE/vyM12zlh7FVR+3StKGvy+meWrxDNUy
IwQAZeW1jh57xCBOITAG89o7PkiCHbX+SHaDyKnDhl9zq0WOjjOZmWCsMNpHSk+E
OkgGlBTX3nCyPcnrc/hfPEyI24bIJuZtam08qg/PcDA6+6Q668iAZFhjfwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMg8aWgmUbJ4bgau8bMGn8OfIpwqMB8GA1UdIwQY
MBaAFPdToZtdzh1BWTUiKUJqn9t9n5o7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTFPaG0xM09IVUZaTlNJcFFtcWYyMzJmbWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mZmUwN2MtMTZmMC00OTk5LTg4OTQt
MTBmMDA5M2VhYWUwLzEveUR4cGFDWlJzbmh1QnE3eHN3YWZ3NThpbkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mZmUwN2MtMTZmMC00OTk5LTg4OTQtMTBmMDA5M2VhYWUw
LzEvOTFPaG0xM09IVUZaTlNJcFFtcWYyMzJmbWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAdQSYAD
BAFQSYQwDQQCAAIwBwMFACoBUUAwDQYJKoZIhvcNAQELBQADggEBAE5VsJVpwhvs
4iap/RIqg3tn9ptVqUsjWbvB7KXQzRxbbTXWziJLqTzARTv5g0ul9ZHzPIGVBnbE
qAOz06+UcF0ylaXwGnBfcBj4zscFLyk6DWwP4z01P3YQCq0XgOYfI3JkZzVMX8CW
ZFPjSzQXkGaZgCvp8qOmodZrv12SWhIBlL4/Y/q0xYDyaNWx/K7JQd+RIOy8sZNP
2G3hcbr9XyfvzgPyGzGwDjxQ06VJbrh6pXm0zBsz9NWnLq4ONWQIB2OkDra42RrT
oTzQwaRqTjSCXPd0KVRwdCteWckK1yrP6UnOMnCBW70RXx9XYXkUlGjLTdLBJr0J
hcbOBcslr6o=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:40 2024 by rpki-client on console.sobornost.net