Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/XQwTT4NpSRflTglrbaY_BmNL82U.roa
File: XQwTT4NpSRflTglrbaY_BmNL82U.roa (raw, json)
Hash identifier: e8g5Yxmoy9wCfW7BHkBpStpWIjfmX1aJgCeAa08oaRA=
Subject key identifier: 5D:0C:13:4F:83:69:49:17:E5:4E:09:6B:6D:A6:3F:06:63:4B:F3:65
Certificate issuer: /CN=2fd971a27c6fc2c662f065dd8bfa8b8a132c1eae
Certificate serial: 01856F9DCAA98530CC03FE7993E83D69AD41
Authority key identifier: 2F:D9:71:A2:7C:6F:C2:C6:62:F0:65:DD:8B:FA:8B:8A:13:2C:1E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L9lxonxvwsZi8GXdi_qLihMsHq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/XQwTT4NpSRflTglrbaY_BmNL82U.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 80.91.223.0/24 maxlen: 24
2a12:b180::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ca:a9:85:30:cc:03:fe:79:93:e8:3d:69:ad:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fd971a27c6fc2c662f065dd8bfa8b8a132c1eae
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d0c134f83694917e54e096b6da63f06634bf365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:76:b9:e3:74:ee:a3:e0:f7:6f:c2:94:0a:78:
a1:c2:d8:42:40:e8:db:1e:66:b6:66:93:28:44:12:
5d:3d:38:8b:f0:e3:8a:7d:59:c9:5d:32:78:15:85:
96:41:b6:35:cd:54:98:6d:9b:28:9b:73:6e:7c:40:
85:29:47:1a:c3:83:d8:9a:8d:df:07:3b:9b:50:98:
14:3e:a4:3f:a3:87:15:16:b1:6b:86:0c:34:af:d8:
5f:42:5b:fd:28:3b:7a:82:e8:22:55:29:0a:04:a3:
4a:40:2b:56:d6:51:10:27:16:9e:9e:20:48:48:1f:
10:e0:ad:7a:c5:27:b3:4a:28:75:c1:4a:24:46:72:
33:40:a9:6e:0b:57:cb:21:56:87:1e:ef:c8:67:06:
f2:96:49:9d:30:6b:4e:32:05:6e:9e:3f:2d:5b:a1:
fa:79:04:0d:ff:1d:f3:42:90:df:fb:da:88:65:b1:
d6:ac:90:d9:e7:73:93:b4:fa:4a:00:00:ad:9d:17:
e1:cb:84:a5:a7:e3:74:8d:7c:7d:51:8d:3e:23:1a:
fd:8e:e7:2f:23:f4:7b:b2:28:8c:34:9f:b2:be:28:
ab:17:a1:25:b3:f9:a0:5e:1c:df:86:4f:c8:3c:ca:
60:c5:c7:e1:ae:5d:52:39:14:da:0e:63:c5:aa:4d:
aa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0C:13:4F:83:69:49:17:E5:4E:09:6B:6D:A6:3F:06:63:4B:F3:65
X509v3 Authority Key Identifier:
keyid:2F:D9:71:A2:7C:6F:C2:C6:62:F0:65:DD:8B:FA:8B:8A:13:2C:1E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L9lxonxvwsZi8GXdi_qLihMsHq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/XQwTT4NpSRflTglrbaY_BmNL82U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/L9lxonxvwsZi8GXdi_qLihMsHq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.223.0/24
IPv6:
2a12:b180::/29
Signature Algorithm: sha256WithRSAEncryption
7d:98:e0:9b:80:62:cc:43:8e:58:30:9c:62:a8:4b:eb:aa:6a:
12:3b:01:80:c8:74:b5:3b:f7:1b:3e:04:74:cc:fa:83:5c:7a:
16:50:8b:1f:e4:38:3b:89:9d:0e:56:28:16:ce:aa:bf:4b:1d:
98:dc:b0:b6:7b:45:e4:46:81:47:28:77:db:c2:60:58:e8:47:
b9:49:cc:42:c4:95:cf:17:bb:29:56:06:77:3a:10:d8:8e:bb:
af:dc:b9:8e:54:b2:01:4b:30:f2:7e:c6:53:42:cb:91:0e:b4:
a1:ae:41:1b:6c:04:a7:ca:79:a7:41:83:83:1d:7b:8a:f1:fc:
37:54:0f:8f:45:49:b8:17:d9:2b:49:7c:9f:cc:53:38:64:39:
8b:52:de:c2:74:8b:04:41:fb:d4:e0:57:eb:52:0c:a4:31:88:
48:98:96:52:39:44:77:23:3a:8f:cf:4c:eb:9d:0e:ec:9b:9a:
f9:2c:bf:d8:36:42:dc:35:1e:8f:78:30:37:54:6f:a2:65:25:
cb:41:57:4b:15:db:2a:23:36:f6:cc:e0:ed:a1:0e:f0:00:b2:
44:1e:25:00:79:6f:87:bc:bb:4b:6e:3b:a1:7b:ef:4d:50:94:
70:e3:aa:34:27:99:7e:dc:11:00:7c:d9:99:a6:b1:ab:ce:34:
81:b0:32:63
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvncqphTDMA/55k+g9aa1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZDk3MWEyN2M2ZmMyYzY2MmYwNjVkZDhiZmE4YjhhMTMy
YzFlYWUwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBjMTM0ZjgzNjk0OTE3ZTU0ZTA5NmI2ZGE2M2YwNjYzNGJmMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXa543Tuo+D3b8KUCnihwthCQOjb
Hma2ZpMoRBJdPTiL8OOKfVnJXTJ4FYWWQbY1zVSYbZsom3NufECFKUcaw4PYmo3f
BzubUJgUPqQ/o4cVFrFrhgw0r9hfQlv9KDt6gugiVSkKBKNKQCtW1lEQJxaeniBI
SB8Q4K16xSezSih1wUokRnIzQKluC1fLIVaHHu/IZwbylkmdMGtOMgVunj8tW6H6
eQQN/x3zQpDf+9qIZbHWrJDZ53OTtPpKAACtnRfhy4Slp+N0jXx9UY0+Ixr9jucv
I/R7siiMNJ+yviirF6Els/mgXhzfhk/IPMpgxcfhrl1SORTaDmPFqk2qwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF0ME0+DaUkX5U4Ja22mPwZjS/NlMB8GA1UdIwQY
MBaAFC/ZcaJ8b8LGYvBl3Yv6i4oTLB6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDlseG9ueHZ3c1ppOEdYZGlfcUxpaE1zSHE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMmE0OGEtM2E4OS00NmI1LWFlNjIt
YWJlZWQ3MGZhYmQxLzEvWFF3VFQ0TnBTUmZsVGdscmJhWV9CbU5MODJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMmE0OGEtM2E4OS00NmI1LWFlNjItYWJlZWQ3MGZhYmQx
LzEvTDlseG9ueHZ3c1ppOEdYZGlfcUxpaE1zSHE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUFvfMA0E
AgACMAcDBQMqErGAMA0GCSqGSIb3DQEBCwUAA4IBAQB9mOCbgGLMQ45YMJxiqEvr
qmoSOwGAyHS1O/cbPgR0zPqDXHoWUIsf5Dg7iZ0OVigWzqq/Sx2Y3LC2e0XkRoFH
KHfbwmBY6Ee5ScxCxJXPF7spVgZ3OhDYjruv3LmOVLIBSzDyfsZTQsuRDrShrkEb
bASnynmnQYODHXuK8fw3VA+PRUm4F9krSXyfzFM4ZDmLUt7CdIsEQfvU4FfrUgyk
MYhImJZSOUR3IzqPz0zrnQ7sm5r5LL/YNkLcNR6PeDA3VG+iZSXLQVdLFdsqIzb2
zODtoQ7wALJEHiUAeW+HvLtLbjuhe+9NUJRw46o0J5l+3BEAfNmZprGrzjSBsDJj
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:25 2024 by rpki-client on console.sobornost.net