Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/NM8qeOC1g198WgmVpNlFZ1KqqaI.roa
File: NM8qeOC1g198WgmVpNlFZ1KqqaI.roa (raw, json)
Hash identifier: LJG0m8RLOvHz12BMd24q/OCtf+ovAVlukr3MJKFzl20=
Subject key identifier: 34:CF:2A:78:E0:B5:83:5F:7C:5A:09:95:A4:D9:45:67:52:AA:A9:A2
Certificate issuer: /CN=2fd971a27c6fc2c662f065dd8bfa8b8a132c1eae
Certificate serial: 01856F9DC92B78F608E74E0D50A66D667F8F
Authority key identifier: 2F:D9:71:A2:7C:6F:C2:C6:62:F0:65:DD:8B:FA:8B:8A:13:2C:1E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L9lxonxvwsZi8GXdi_qLihMsHq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/NM8qeOC1g198WgmVpNlFZ1KqqaI.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44592
IP address blocks: 80.91.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c9:2b:78:f6:08:e7:4e:0d:50:a6:6d:66:7f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fd971a27c6fc2c662f065dd8bfa8b8a132c1eae
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34cf2a78e0b5835f7c5a0995a4d9456752aaa9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:aa:d8:02:cd:8a:c1:6f:cb:28:a5:34:59:80:
d0:3d:2b:01:71:a8:e4:5f:51:aa:53:e4:c2:97:64:
74:fa:80:5c:e2:3b:ed:71:04:aa:a8:9d:28:76:ea:
c8:e0:a8:06:45:ae:d2:9b:91:40:ce:63:19:d4:00:
8e:ee:33:20:56:da:3e:b8:a6:80:48:df:58:b7:1b:
b2:7c:05:04:22:94:f1:55:29:4a:66:45:4b:48:0f:
01:6d:32:1b:f3:4a:27:90:8f:df:9c:48:2c:e6:32:
66:e7:48:ed:57:14:c9:60:1d:5d:3c:39:68:c3:b5:
be:22:2d:5f:ed:06:2b:43:28:1a:a8:a1:3a:16:f8:
cd:12:ec:44:b0:a5:63:c2:79:c5:0d:50:6a:fe:37:
20:b5:ed:98:56:f9:2a:3a:08:80:76:97:33:ad:f5:
38:51:1e:7f:ce:cf:38:6f:0f:16:d7:94:f0:fe:98:
7b:17:14:dd:8e:18:92:f2:86:fb:ee:0c:4e:dc:80:
c3:8f:9f:3a:02:de:be:30:94:8b:aa:87:5d:66:6a:
12:44:17:a3:5f:7c:bb:79:28:09:36:b7:57:83:d3:
bf:c9:18:8a:55:cc:08:89:f3:4c:a3:1c:61:cc:50:
90:a9:c4:e2:e8:58:15:39:e9:25:4c:d7:08:cf:51:
99:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CF:2A:78:E0:B5:83:5F:7C:5A:09:95:A4:D9:45:67:52:AA:A9:A2
X509v3 Authority Key Identifier:
keyid:2F:D9:71:A2:7C:6F:C2:C6:62:F0:65:DD:8B:FA:8B:8A:13:2C:1E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L9lxonxvwsZi8GXdi_qLihMsHq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/NM8qeOC1g198WgmVpNlFZ1KqqaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/L9lxonxvwsZi8GXdi_qLihMsHq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ef:33:d3:a9:f0:cd:92:a1:ea:77:20:47:16:eb:2f:87:6f:
4d:a3:55:2e:23:f1:6e:98:4e:d9:cd:4a:79:ce:41:32:df:3a:
8c:63:d6:46:c4:83:c2:32:73:00:3e:cb:72:b6:f6:39:9a:83:
cb:b3:1f:7f:15:2e:d3:dc:33:0f:57:b4:f9:96:2e:ba:43:12:
b2:79:07:32:a0:9c:6c:29:35:72:b0:df:09:a2:48:2b:3c:64:
e9:d2:4f:be:42:56:f9:88:dd:ed:ec:38:70:28:29:3e:6e:43:
2d:d9:15:23:03:6c:fe:7c:63:ce:7e:0b:d3:c9:c3:33:d2:81:
78:04:0c:50:d6:9b:5c:33:c0:a4:91:9d:5e:5c:f6:68:49:4b:
fc:a3:b0:80:e0:81:df:50:61:0d:44:07:6f:0c:d9:95:96:1f:
3c:7f:6a:d8:e8:78:b1:ef:51:fa:66:a9:b6:4f:7c:ae:a4:3e:
ac:04:6b:cc:ba:54:88:ba:bc:69:9c:11:c0:dd:6c:17:56:28:
36:0a:7f:3f:84:0a:10:92:fd:c7:bf:40:d8:6b:f7:16:20:9b:
ca:13:4e:27:f6:ba:80:cf:f0:8e:6c:33:4b:14:1e:4c:2c:24:
30:71:e2:2e:90:ca:7a:bc:6a:8f:58:59:70:cf:ac:7a:54:47:
86:2d:37:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnckrePYI504NUKZtZn+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZDk3MWEyN2M2ZmMyYzY2MmYwNjVkZDhiZmE4YjhhMTMy
YzFlYWUwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNmMmE3OGUwYjU4MzVmN2M1YTA5OTVhNGQ5NDU2NzUyYWFhOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16rYAs2KwW/LKKU0WYDQPSsBcajk
X1GqU+TCl2R0+oBc4jvtcQSqqJ0odurI4KgGRa7Sm5FAzmMZ1ACO7jMgVto+uKaA
SN9YtxuyfAUEIpTxVSlKZkVLSA8BbTIb80onkI/fnEgs5jJm50jtVxTJYB1dPDlo
w7W+Ii1f7QYrQygaqKE6FvjNEuxEsKVjwnnFDVBq/jcgte2YVvkqOgiAdpczrfU4
UR5/zs84bw8W15Tw/ph7FxTdjhiS8ob77gxO3IDDj586At6+MJSLqoddZmoSRBej
X3y7eSgJNrdXg9O/yRiKVcwIifNMoxxhzFCQqcTi6FgVOeklTNcIz1GZhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTPKnjgtYNffFoJlaTZRWdSqqmiMB8GA1UdIwQY
MBaAFC/ZcaJ8b8LGYvBl3Yv6i4oTLB6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDlseG9ueHZ3c1ppOEdYZGlfcUxpaE1zSHE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMmE0OGEtM2E4OS00NmI1LWFlNjIt
YWJlZWQ3MGZhYmQxLzEvTk04cWVPQzFnMTk4V2dtVnBObEZaMUtxcWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMmE0OGEtM2E4OS00NmI1LWFlNjItYWJlZWQ3MGZhYmQx
LzEvTDlseG9ueHZ3c1ppOEdYZGlfcUxpaE1zSHE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvfMA0G
CSqGSIb3DQEBCwUAA4IBAQCl7zPTqfDNkqHqdyBHFusvh29No1UuI/FumE7ZzUp5
zkEy3zqMY9ZGxIPCMnMAPstytvY5moPLsx9/FS7T3DMPV7T5li66QxKyeQcyoJxs
KTVysN8JokgrPGTp0k++Qlb5iN3t7DhwKCk+bkMt2RUjA2z+fGPOfgvTycMz0oF4
BAxQ1ptcM8CkkZ1eXPZoSUv8o7CA4IHfUGENRAdvDNmVlh88f2rY6Hix71H6Zqm2
T3yupD6sBGvMulSIurxpnBHA3WwXVig2Cn8/hAoQkv3Hv0DYa/cWIJvKE04n9rqA
z/CObDNLFB5MLCQwceIukMp6vGqPWFlwz6x6VEeGLTer
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:25 2024 by rpki-client on console.sobornost.net