Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/61f398-94f6-4468-85f3-63fcaac31ca3/1/2Vg-fH2vp-D7ckuE6V7PaBZ7o70.roa
File: 2Vg-fH2vp-D7ckuE6V7PaBZ7o70.roa (raw, json)
Hash identifier: DyWglEVnrpM8F4KNwyZkOV0Y6uTuRo6wEmkRjgJVIdU=
Subject key identifier: D9:58:3E:7C:7D:AF:A7:E0:FB:72:4B:84:E9:5E:CF:68:16:7B:A3:BD
Certificate issuer: /CN=ab53ec0e9a053cbbe0e9a071bcad9e68a99ccfa8
Certificate serial: 01942368EF624241D890381046EE87C2E6FA
Authority key identifier: AB:53:EC:0E:9A:05:3C:BB:E0:E9:A0:71:BC:AD:9E:68:A9:9C:CF:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1PsDpoFPLvg6aBxvK2eaKmcz6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/61f398-94f6-4468-85f3-63fcaac31ca3/1/2Vg-fH2vp-D7ckuE6V7PaBZ7o70.roa
Signing time: Wed 01 Jan 2025 19:47:46 +0000
ROA not before: Wed 01 Jan 2025 19:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34731
IP address blocks: 80.76.16.0/20 maxlen: 20
80.76.16.0/21 maxlen: 21
80.76.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 16 Apr 2025 12:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ef:62:42:41:d8:90:38:10:46:ee:87:c2:e6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab53ec0e9a053cbbe0e9a071bcad9e68a99ccfa8
Validity
Not Before: Jan 1 19:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9583e7c7dafa7e0fb724b84e95ecf68167ba3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:5d:1d:73:05:3d:b2:45:cd:b5:09:33:16:e9:
76:4c:40:d1:88:4b:07:98:2b:19:1d:f4:df:73:d5:
af:83:18:6c:2b:8f:6c:c5:53:9f:a1:48:f2:52:24:
de:24:f6:5f:fb:e1:69:1b:58:46:8f:82:f3:89:3f:
ff:a4:09:c8:71:40:15:25:e0:5b:8e:b0:7e:fa:d8:
9b:06:75:7a:d7:a3:1e:9c:06:3c:a7:91:8b:66:1a:
66:73:66:67:41:1a:2f:bb:12:87:f7:ed:0b:11:a8:
cc:b6:9a:fe:91:96:4a:56:a2:42:2d:45:0f:f2:d9:
bc:3d:82:c7:90:95:26:9a:31:62:67:77:c2:c6:6e:
a0:ff:1a:fd:11:c9:7d:26:f1:4a:99:39:36:93:0d:
24:82:7f:b9:a8:c1:5c:6a:91:ac:b8:0f:f6:1e:d1:
68:0d:ee:99:42:6a:ae:ad:42:19:f9:2d:68:35:7c:
c9:f8:16:26:75:34:ed:d3:bd:3f:e7:6b:0f:26:ce:
4c:c3:36:75:57:d7:e5:00:5f:d7:f0:93:de:37:77:
f0:af:77:3e:ee:c5:e0:56:37:03:e2:71:e1:39:89:
dd:56:80:18:de:29:71:73:4d:6d:c9:ea:02:e1:c6:
c5:7f:f1:5b:3b:17:59:d9:31:09:bb:8a:2b:84:a8:
c6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:58:3E:7C:7D:AF:A7:E0:FB:72:4B:84:E9:5E:CF:68:16:7B:A3:BD
X509v3 Authority Key Identifier:
keyid:AB:53:EC:0E:9A:05:3C:BB:E0:E9:A0:71:BC:AD:9E:68:A9:9C:CF:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1PsDpoFPLvg6aBxvK2eaKmcz6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/61f398-94f6-4468-85f3-63fcaac31ca3/1/2Vg-fH2vp-D7ckuE6V7PaBZ7o70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/61f398-94f6-4468-85f3-63fcaac31ca3/1/q1PsDpoFPLvg6aBxvK2eaKmcz6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.16.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:2e:23:b1:0f:ae:2a:4d:e1:fa:70:46:3b:29:76:7c:2e:c9:
be:4b:e4:a7:0f:d2:7c:82:f3:8f:3c:2c:ba:e4:e1:8a:c3:4a:
8b:4a:c9:a6:86:24:d8:cd:dd:03:91:31:5e:79:71:fa:d8:0b:
b3:11:bd:49:2f:f6:da:a2:a7:fb:e0:bf:7f:de:de:32:49:69:
0b:c6:90:21:82:44:97:94:a2:a2:ce:65:c1:88:d1:d9:11:79:
a5:df:2e:21:14:fa:85:74:5f:54:0c:82:7d:a9:16:0c:62:4c:
76:46:0c:45:00:e1:83:8a:f9:aa:09:30:01:de:75:29:5a:d4:
f9:42:91:7a:97:93:fc:de:cb:67:2d:50:8a:e4:29:86:ae:75:
43:9e:12:4d:7b:ee:b4:22:00:d0:23:bc:96:ca:29:30:1d:76:
73:cb:3d:13:03:21:1f:a6:4f:82:9a:ca:9c:b7:01:b1:c8:7d:
4a:56:40:c8:17:29:7a:2d:de:93:1b:22:39:98:87:77:31:47:
11:2c:44:b1:4f:16:f3:3b:fb:e2:3e:37:39:14:fd:9e:c6:eb:
31:b3:49:8d:11:e1:76:f7:26:23:10:bc:68:00:58:5d:b5:57:
5d:7d:5f:1a:4d:a6:d0:71:ce:ff:3b:56:90:0a:91:15:e0:bd:
67:c0:a4:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaO9iQkHYkDgQRu6Hwub6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNTNlYzBlOWEwNTNjYmJlMGU5YTA3MWJjYWQ5ZTY4YTk5
Y2NmYTgwHhcNMjUwMTAxMTk0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU4M2U3YzdkYWZhN2UwZmI3MjRiODRlOTVlY2Y2ODE2N2JhM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7F0dcwU9skXNtQkzFul2TEDRiEsH
mCsZHfTfc9WvgxhsK49sxVOfoUjyUiTeJPZf++FpG1hGj4LziT//pAnIcUAVJeBb
jrB++tibBnV616MenAY8p5GLZhpmc2ZnQRovuxKH9+0LEajMtpr+kZZKVqJCLUUP
8tm8PYLHkJUmmjFiZ3fCxm6g/xr9Ecl9JvFKmTk2kw0kgn+5qMFcapGsuA/2HtFo
De6ZQmqurUIZ+S1oNXzJ+BYmdTTt070/52sPJs5MwzZ1V9flAF/X8JPeN3fwr3c+
7sXgVjcD4nHhOYndVoAY3ilxc01tyeoC4cbFf/FbOxdZ2TEJu4orhKjGLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlYPnx9r6fg+3JLhOlez2gWe6O9MB8GA1UdIwQY
MBaAFKtT7A6aBTy74OmgcbytnmipnM+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTFQc0Rwb0ZQTHZnNmFCeHZLMmVhS21jejZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82MWYzOTgtOTRmNi00NDY4LTg1ZjMt
NjNmY2FhYzMxY2EzLzEvMlZnLWZIMnZwLUQ3Y2t1RTZWN1BhQlo3bzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82MWYzOTgtOTRmNi00NDY4LTg1ZjMtNjNmY2FhYzMxY2Ez
LzEvcTFQc0Rwb0ZQTHZnNmFCeHZLMmVhS21jejZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUEwQMA0G
CSqGSIb3DQEBCwUAA4IBAQBMLiOxD64qTeH6cEY7KXZ8Lsm+S+SnD9J8gvOPPCy6
5OGKw0qLSsmmhiTYzd0DkTFeeXH62AuzEb1JL/baoqf74L9/3t4ySWkLxpAhgkSX
lKKizmXBiNHZEXml3y4hFPqFdF9UDIJ9qRYMYkx2RgxFAOGDivmqCTAB3nUpWtT5
QpF6l5P83stnLVCK5CmGrnVDnhJNe+60IgDQI7yWyikwHXZzyz0TAyEfpk+Cmsqc
twGxyH1KVkDIFyl6Ld6TGyI5mId3MUcRLESxTxbzO/viPjc5FP2exusxs0mNEeF2
9yYjELxoAFhdtVddfV8aTabQcc7/O1aQCpEV4L1nwKTc
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:31:37 2025 by rpki-client