Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/80xUIO8XSF_EbuwMOQpmftVwTdA.roa
File: 80xUIO8XSF_EbuwMOQpmftVwTdA.roa (raw, json)
Hash identifier: vwzG4AaqLI0B2+oSwDTQ2QUuhM89MJ2uoHYJuWAc8V0=
Subject key identifier: F3:4C:54:20:EF:17:48:5F:C4:6E:EC:0C:39:0A:66:7E:D5:70:4D:D0
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018B8A64FDD56D12CA709167A3FCD04F8FFD
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/80xUIO8XSF_EbuwMOQpmftVwTdA.roa
Signing time: Wed 01 Nov 2023 10:19:16 +0000
ROA not before: Wed 01 Nov 2023 10:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 Nov 2023 20:22:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:64:fd:d5:6d:12:ca:70:91:67:a3:fc:d0:4f:8f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Nov 1 10:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f34c5420ef17485fc46eec0c390a667ed5704dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:35:17:26:3d:73:fa:ba:c4:e4:9f:ae:60:dc:
6e:d2:13:a0:36:fc:cd:79:b3:85:5d:2d:e2:d7:ea:
c4:5f:c7:0b:4c:ca:ea:bb:f5:3b:fe:6c:5e:f3:74:
13:f4:e7:15:4f:16:75:19:2b:14:64:29:16:1e:db:
89:ee:76:88:be:3f:1c:34:37:19:a8:71:55:f6:c3:
56:f2:a1:42:f7:67:89:37:66:65:df:47:28:c8:6c:
0f:84:54:f2:59:c3:c2:5d:ea:7f:2b:dc:41:9e:db:
f2:1f:f8:ef:44:23:bb:64:22:4e:f1:fc:45:0c:77:
1a:0a:8a:cf:d2:23:0c:2c:ed:e7:15:fa:70:4f:d2:
98:31:48:ea:af:ab:f8:63:0b:da:8c:4d:45:6f:19:
78:73:40:3f:a3:8d:f7:d0:66:4c:a5:76:69:61:8d:
d5:dc:a0:46:66:e3:78:4d:68:fe:74:8e:9b:6d:52:
96:b1:80:64:87:c1:dd:db:27:70:e4:4f:0a:f7:7f:
2e:50:ce:ea:50:a3:d9:93:cc:a6:18:da:e7:33:e3:
9c:de:9a:b8:3f:65:ab:68:f6:52:c1:bc:04:a3:79:
27:0c:1a:10:ba:4b:28:ab:0b:a9:43:81:03:9a:f3:
cc:6f:07:d8:17:bc:25:55:f6:e7:f2:2e:d2:6e:4c:
50:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4C:54:20:EF:17:48:5F:C4:6E:EC:0C:39:0A:66:7E:D5:70:4D:D0
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/80xUIO8XSF_EbuwMOQpmftVwTdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.124.0/23
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
38:a1:a5:40:14:ba:5a:f2:f8:3d:1a:3b:8b:cd:a9:a1:4e:8d:
15:ff:97:d6:e5:c8:2e:dd:e8:f3:c5:fe:ec:c6:48:d7:0c:a7:
8a:6e:69:f8:63:8d:88:f2:21:3a:f4:5d:1c:51:e7:70:d0:5d:
6c:18:29:38:8e:77:94:56:9c:5c:4b:35:6f:30:83:65:d0:d8:
1f:3e:2b:c5:e6:2c:a7:d0:4e:79:97:08:af:d8:87:24:9c:18:
90:96:78:55:a7:ea:e8:a0:e8:9a:41:5e:06:5a:0f:18:2c:31:
9b:91:b6:f2:b0:c3:18:7e:51:aa:80:b3:5e:89:6e:01:67:44:
3b:7c:22:e0:5b:a1:4b:ff:c0:39:26:42:d4:e0:b8:2a:82:59:
15:2f:5d:0f:ed:4b:bd:3d:b4:5c:89:0e:2b:47:68:26:74:0c:
df:e9:88:0e:45:47:54:48:f9:38:90:56:9e:96:5b:30:67:9f:
f6:bf:23:3b:38:26:d4:9a:31:ae:63:3f:e3:90:23:8f:36:e1:
29:05:f7:6f:83:66:f0:fc:5e:5c:89:be:7a:b5:85:4f:06:f7:
df:59:04:df:93:d6:39:df:f3:d8:de:53:71:14:06:c0:d3:b1:
b3:5c:de:a5:39:2c:61:26:ea:66:8b:1c:67:05:4c:0b:bf:d4:
5e:42:fd:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuKZP3VbRLKcJFno/zQT4/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMxMTAxMTAxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRjNTQyMGVmMTc0ODVmYzQ2ZWVjMGMzOTBhNjY3ZWQ1NzA0ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTUXJj1z+rrE5J+uYNxu0hOgNvzN
ebOFXS3i1+rEX8cLTMrqu/U7/mxe83QT9OcVTxZ1GSsUZCkWHtuJ7naIvj8cNDcZ
qHFV9sNW8qFC92eJN2Zl30coyGwPhFTyWcPCXep/K9xBntvyH/jvRCO7ZCJO8fxF
DHcaCorP0iMMLO3nFfpwT9KYMUjqr6v4YwvajE1Fbxl4c0A/o4330GZMpXZpYY3V
3KBGZuN4TWj+dI6bbVKWsYBkh8Hd2ydw5E8K938uUM7qUKPZk8ymGNrnM+Oc3pq4
P2WraPZSwbwEo3knDBoQuksoqwupQ4EDmvPMbwfYF7wlVfbn8i7SbkxQLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPNMVCDvF0hfxG7sDDkKZn7VcE3QMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvODB4VUlPOFhTRl9FYnV3TU9RcG1mdFZ3VGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwwV8MA0E
AgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQA4oaVAFLpa8vg9GjuLzamh
To0V/5fW5cgu3ejzxf7sxkjXDKeKbmn4Y42I8iE69F0cUedw0F1sGCk4jneUVpxc
SzVvMINl0NgfPivF5iyn0E55lwiv2IcknBiQlnhVp+rooOiaQV4GWg8YLDGbkbby
sMMYflGqgLNeiW4BZ0Q7fCLgW6FL/8A5JkLU4LgqglkVL10P7Uu9PbRciQ4rR2gm
dAzf6YgORUdUSPk4kFaellswZ5/2vyM7OCbUmjGuYz/jkCOPNuEpBfdvg2bw/F5c
ib56tYVPBvffWQTfk9Y53/PY3lNxFAbA07GzXN6lOSxhJupmixxnBUwLv9ReQv27
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org