Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/1yt0IWWmNFCHrreTRSk4sZ_0Weo.roa
File: 1yt0IWWmNFCHrreTRSk4sZ_0Weo.roa (raw, json)
Hash identifier: RzzP3NP/HzcEhL5cUoHxJC56yc2TQL3wTKxLWpDN5C0=
Subject key identifier: D7:2B:74:21:65:A6:34:50:87:AE:B7:93:45:29:38:B1:9F:F4:59:EA
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01894DFC0D1CEB632FE2C8901214E1238F31
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/1yt0IWWmNFCHrreTRSk4sZ_0Weo.roa
Signing time: Thu 13 Jul 2023 06:41:51 +0000
ROA not before: Thu 13 Jul 2023 06:41:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 328126
IP address blocks: 80.15.255.0/24 maxlen: 32
80.15.254.0/24 maxlen: 32
90.84.148.0/24 maxlen: 24
90.84.153.0/24 maxlen: 32
80.15.243.0/24 maxlen: 32
80.15.244.0/24 maxlen: 32
80.15.245.0/24 maxlen: 32
80.15.246.0/24 maxlen: 32
80.15.242.0/24 maxlen: 32
80.15.247.0/24 maxlen: 32
80.15.251.0/24 maxlen: 32
80.15.248.0/24 maxlen: 32
80.15.252.0/24 maxlen: 32
80.15.249.0/24 maxlen: 32
80.15.253.0/24 maxlen: 32
80.15.250.0/24 maxlen: 32
2a01:c9c0:c008::/48 maxlen: 128
2a01:c9c0:c01e::/48 maxlen: 128
2a01:c9c0:c01c::/48 maxlen: 128
2a01:c9c0:c012::/48 maxlen: 128
2a01:c9c0:c000::/48 maxlen: 128
2a01:c9c0:c016::/48 maxlen: 128
2a01:c9c0:c014::/48 maxlen: 128
2a01:c9c0:c00a::/48 maxlen: 128
2a01:c9c0:c018::/48 maxlen: 128
2a01:c9c0:c00c::/48 maxlen: 128
2a01:c9c0:c002::/48 maxlen: 128
2a01:c9c0:c010::/48 maxlen: 128
2a01:c9c0:c006::/48 maxlen: 128
2a01:c9c0:c004::/48 maxlen: 128
2a01:c9c0:c01a::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 15 Nov 2023 10:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4d:fc:0d:1c:eb:63:2f:e2:c8:90:12:14:e1:23:8f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jul 13 06:41:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d72b742165a6345087aeb793452938b19ff459ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:11:db:45:a6:83:ea:d4:6c:e2:16:56:3f:9d:
75:ce:4d:a7:ce:54:5e:ad:fc:36:f6:be:0a:13:63:
ea:8e:3c:e0:92:bc:ba:af:01:8c:85:61:78:ca:f4:
11:89:b7:ea:79:13:88:61:77:22:fe:b8:e6:c7:b2:
d4:e8:60:ce:f4:f1:bd:dc:4a:f6:87:8c:46:f6:d1:
9c:8d:69:b2:2a:34:cd:89:52:72:91:30:4b:9a:a0:
b3:48:9b:4f:43:f2:89:df:14:02:47:c8:7f:0d:77:
e3:b8:a1:45:40:cd:a8:70:e3:a1:ff:dd:4f:03:31:
61:b3:cf:41:b4:32:66:fe:2c:6f:b3:08:ee:7a:ba:
d9:b3:7e:af:3b:5e:08:21:fa:ca:73:48:03:03:be:
f5:4e:81:27:36:e0:d9:74:e0:9d:de:74:5a:0b:84:
3a:e0:b8:d6:71:54:b7:0f:02:ac:43:7a:3e:3a:e9:
d4:6b:5e:44:85:8c:d9:35:3d:84:d6:86:22:bd:90:
01:7c:81:5d:0f:20:a3:fd:41:c3:83:bc:9c:a9:f1:
7c:2c:7c:5f:44:e0:e3:ad:cb:1c:67:16:17:94:d6:
d7:42:b4:a3:ce:d4:b2:37:97:8f:57:99:e2:dc:61:
ad:27:38:41:03:81:67:d0:97:81:5e:10:32:07:19:
d1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2B:74:21:65:A6:34:50:87:AE:B7:93:45:29:38:B1:9F:F4:59:EA
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/1yt0IWWmNFCHrreTRSk4sZ_0Weo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.242.0-80.15.255.255
90.84.148.0/24
90.84.153.0/24
IPv6:
2a01:c9c0:c000::/48
2a01:c9c0:c002::/48
2a01:c9c0:c004::/48
2a01:c9c0:c006::/48
2a01:c9c0:c008::/48
2a01:c9c0:c00a::/48
2a01:c9c0:c00c::/48
2a01:c9c0:c010::/48
2a01:c9c0:c012::/48
2a01:c9c0:c014::/48
2a01:c9c0:c016::/48
2a01:c9c0:c018::/48
2a01:c9c0:c01a::/48
2a01:c9c0:c01c::/48
2a01:c9c0:c01e::/48
Signature Algorithm: sha256WithRSAEncryption
08:82:5e:8b:bf:b1:ae:8f:9a:c7:75:5d:00:bb:e0:23:49:5d:
6e:a1:27:00:58:d9:90:1d:03:62:4e:43:d2:cd:11:8f:60:34:
9c:52:ab:7f:0c:87:6a:41:03:b8:df:06:d8:e5:fd:10:59:27:
3c:25:2d:3c:46:7d:50:92:51:f8:f7:fa:8a:e2:f3:a7:03:18:
7a:07:a2:91:ca:bc:89:9b:80:dc:73:34:d2:f3:f2:2f:36:a3:
ce:72:30:a8:f1:26:d7:cd:d6:58:c0:a8:0b:d7:a0:a9:0e:5f:
fe:84:ad:26:fa:a6:74:86:d5:91:dd:4b:97:41:30:54:8d:10:
0a:6a:fe:10:a6:21:c3:f1:7e:74:f8:f0:98:3f:bf:6a:25:c0:
f0:a1:a3:87:a9:2d:c6:4f:d7:36:5d:4b:0f:c2:08:81:68:c1:
6d:9c:a2:ca:c2:59:8b:8a:72:41:fd:db:0f:80:a5:ce:ad:02:
66:a0:86:94:21:5f:9b:6b:b5:44:21:03:3f:1f:3b:d4:fc:06:
dc:c2:5c:42:e9:52:62:7a:8b:f1:20:a5:09:bb:4f:cd:33:b5:
ae:92:24:9e:40:27:27:df:8a:16:0f:9b:7a:bb:0e:3d:eb:e3:
1a:1b:ac:f7:df:c8:b8:ad:bb:e8:fc:94:03:d0:c3:e1:3e:5e:
2a:60:bb:d3
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYlN/A0c62Mv4siQEhThI48xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwNzEzMDY0MTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJiNzQyMTY1YTYzNDUwODdhZWI3OTM0NTI5MzhiMTlmZjQ1OWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxHbRaaD6tRs4hZWP511zk2nzlRe
rfw29r4KE2Pqjjzgkry6rwGMhWF4yvQRibfqeROIYXci/rjmx7LU6GDO9PG93Er2
h4xG9tGcjWmyKjTNiVJykTBLmqCzSJtPQ/KJ3xQCR8h/DXfjuKFFQM2ocOOh/91P
AzFhs89BtDJm/ixvswjuerrZs36vO14IIfrKc0gDA771ToEnNuDZdOCd3nRaC4Q6
4LjWcVS3DwKsQ3o+OunUa15EhYzZNT2E1oYivZABfIFdDyCj/UHDg7ycqfF8LHxf
RODjrcscZxYXlNbXQrSjztSyN5ePV5ni3GGtJzhBA4Fn0JeBXhAyBxnRVQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFNcrdCFlpjRQh663k0UpOLGf9FnqMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvMXl0MElXV21ORkNIcnJlVFJTazRzWl8wV2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjAfBAIAATAZMAsDBAFQ
D/IDAwRQAAMEAFpUlAMEAFpUmTCBjgQCAAIwgYcDBwAqAcnAwAADBwAqAcnAwAID
BwAqAcnAwAQDBwAqAcnAwAYDBwAqAcnAwAgDBwAqAcnAwAoDBwAqAcnAwAwDBwAq
AcnAwBADBwAqAcnAwBIDBwAqAcnAwBQDBwAqAcnAwBYDBwAqAcnAwBgDBwAqAcnA
wBoDBwAqAcnAwBwDBwAqAcnAwB4wDQYJKoZIhvcNAQELBQADggEBAAiCXou/sa6P
msd1XQC74CNJXW6hJwBY2ZAdA2JOQ9LNEY9gNJxSq38Mh2pBA7jfBtjl/RBZJzwl
LTxGfVCSUfj3+ori86cDGHoHopHKvImbgNxzNNLz8i82o85yMKjxJtfN1ljAqAvX
oKkOX/6ErSb6pnSG1ZHdS5dBMFSNEApq/hCmIcPxfnT48Jg/v2olwPCho4epLcZP
1zZdSw/CCIFowW2cosrCWYuKckH92w+Apc6tAmaghpQhX5trtUQhAz8fO9T8BtzC
XELpUmJ6i/EgpQm7T80zta6SJJ5AJyffihYPm3q7Dj3r4xobrPffyLitu+j8lAPQ
w+E+Xipgu9M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org