Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/XE9RtlYr2Smxae0PkYpQuii0Kts.roa
File: XE9RtlYr2Smxae0PkYpQuii0Kts.roa (raw, json)
Hash identifier: mtfLjjNKFJNuNoHICKi9ZtJ2+h8UxiCNt0HCSUXJRqc=
Subject key identifier: 5C:4F:51:B6:56:2B:D9:29:B1:69:ED:0F:91:8A:50:BA:28:B4:2A:DB
Certificate issuer: /CN=198204d1c25a011236bea0741e4c60139d349b10
Certificate serial: 01856C413C237392423E0291CD655ABB1E5C
Authority key identifier: 19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/XE9RtlYr2Smxae0PkYpQuii0Kts.roa
Signing time: Sun 01 Jan 2023 07:34:52 +0000
ROA not before: Sun 01 Jan 2023 07:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34790
IP address blocks: 80.74.16.0/20 maxlen: 20
195.162.20.0/23 maxlen: 23
185.2.236.0/22 maxlen: 22
185.188.172.0/22 maxlen: 22
217.72.112.0/20 maxlen: 20
85.234.64.0/19 maxlen: 19
2a00:df00::/29 maxlen: 29
2a00:d000::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:3c:23:73:92:42:3e:02:91:cd:65:5a:bb:1e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=198204d1c25a011236bea0741e4c60139d349b10
Validity
Not Before: Jan 1 07:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c4f51b6562bd929b169ed0f918a50ba28b42adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:d7:b7:5f:79:62:f0:c2:42:29:8e:8f:1e:
2a:61:f5:f1:ea:9f:60:c7:c1:3b:ac:5f:05:10:08:
52:03:2f:71:7e:03:68:a9:21:73:e9:22:9e:9f:b2:
9a:47:37:93:30:39:af:47:88:6f:b5:df:7c:6b:5c:
65:a4:96:11:5a:05:d4:18:e7:32:e5:ad:21:7d:d0:
dd:02:bb:c7:eb:07:fe:a0:83:5b:ee:18:5d:60:ab:
54:22:dc:e1:14:25:bc:92:4c:a0:bb:15:02:d5:6d:
ec:90:3c:f4:79:b5:65:12:6f:82:80:19:6d:4e:01:
5d:b3:b3:3f:2c:76:0b:31:10:25:1a:87:d2:74:c8:
b8:33:c4:dd:01:38:68:07:1a:6e:e0:f5:6f:52:92:
32:e7:c9:54:e7:7c:9f:ca:28:8c:79:69:77:25:5c:
b5:0f:9d:b2:98:3e:4e:39:d4:3b:1a:e1:7e:88:ef:
4b:dd:85:cd:4c:ef:09:07:1a:0e:fd:5b:a1:6c:75:
cf:1b:a1:9d:51:e2:5a:dd:0d:3f:7e:d9:bd:7b:9b:
4b:d9:25:50:70:7d:31:ef:5f:28:7b:7a:25:87:74:
a2:6b:68:e4:5e:c5:84:55:b8:2b:85:5d:3c:5a:cc:
6b:5b:a0:a6:e2:e0:86:38:9d:f8:dc:a4:c4:0a:3a:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4F:51:B6:56:2B:D9:29:B1:69:ED:0F:91:8A:50:BA:28:B4:2A:DB
X509v3 Authority Key Identifier:
keyid:19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/XE9RtlYr2Smxae0PkYpQuii0Kts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/GYIE0cJaARI2vqB0HkxgE500mxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.16.0/20
85.234.64.0/19
185.2.236.0/22
185.188.172.0/22
195.162.20.0/23
217.72.112.0/20
IPv6:
2a00:d000::/29
2a00:df00::/29
Signature Algorithm: sha256WithRSAEncryption
3b:9b:f9:29:2f:53:b5:dc:76:ee:62:29:df:bb:e5:a6:b6:d5:
f2:d8:e0:d6:e7:ee:a5:d6:0c:90:1a:c4:0f:ba:46:07:60:36:
15:01:ca:55:15:2c:36:99:90:b2:c5:a6:ff:11:84:5d:cc:43:
45:bb:2a:b1:4e:d6:ab:46:1c:8d:37:47:87:ef:d8:09:93:52:
f0:e1:05:00:7c:f6:72:1f:51:83:00:92:a7:fc:fb:3e:d4:94:
53:eb:66:e0:0e:7a:bb:bb:9b:6e:1c:38:8f:61:46:7b:f8:cb:
fb:f7:c5:45:40:30:9c:4d:30:ad:e6:42:16:0f:89:0b:82:16:
88:47:27:0b:6f:77:d7:fb:5e:d2:6a:2c:b8:ab:11:00:2d:85:
b8:59:6f:75:6d:03:af:f7:c5:4e:d9:be:20:34:b0:03:6c:49:
14:54:13:ba:f1:69:6a:39:a2:0e:78:52:be:83:21:cc:2a:59:
5d:32:5d:74:9e:f3:01:43:a3:c9:8f:e0:80:34:d5:c7:90:2a:
8c:30:3e:40:0d:ba:3b:b8:a2:0d:19:61:d5:e5:e1:6b:f4:5d:
12:ae:e2:ef:65:6b:43:8a:1a:db:00:51:c9:b6:54:fe:35:71:
a4:bd:47:f7:4f:19:fe:5e:58:a9:7a:59:fd:fb:41:70:fe:7c:
23:f1:d4:dc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVsQTwjc5JCPgKRzWVaux5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ODIwNGQxYzI1YTAxMTIzNmJlYTA3NDFlNGM2MDEzOWQz
NDliMTAwHhcNMjMwMTAxMDczNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRmNTFiNjU2MmJkOTI5YjE2OWVkMGY5MThhNTBiYTI4YjQyYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotnXt195YvDCQimOjx4qYfXx6p9g
x8E7rF8FEAhSAy9xfgNoqSFz6SKen7KaRzeTMDmvR4hvtd98a1xlpJYRWgXUGOcy
5a0hfdDdArvH6wf+oINb7hhdYKtUItzhFCW8kkyguxUC1W3skDz0ebVlEm+CgBlt
TgFds7M/LHYLMRAlGofSdMi4M8TdAThoBxpu4PVvUpIy58lU53yfyiiMeWl3JVy1
D52ymD5OOdQ7GuF+iO9L3YXNTO8JBxoO/VuhbHXPG6GdUeJa3Q0/ftm9e5tL2SVQ
cH0x718oe3olh3Sia2jkXsWEVbgrhV08WsxrW6Cm4uCGOJ343KTECjpPJQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFxPUbZWK9kpsWntD5GKULootCrbMB8GA1UdIwQY
MBaAFBmCBNHCWgESNr6gdB5MYBOdNJsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1lJRTBjSmFBUkkydnFCMEhreGdFNTAwbXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNmYwYTgtOThmMi00OWZiLTg1MDYt
NDJhZDNiNGM4ZDBjLzEvWEU5UnRsWXIyU214YWUwUGtZcFF1aWkwS3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNmYwYTgtOThmMi00OWZiLTg1MDYtNDJhZDNiNGM4ZDBj
LzEvR1lJRTBjSmFBUkkydnFCMEhreGdFNTAwbXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEUEoQAwQF
VepAAwQCuQLsAwQCubysAwQBw6IUAwQE2UhwMBQEAgACMA4DBQMqANAAAwUDKgDf
ADANBgkqhkiG9w0BAQsFAAOCAQEAO5v5KS9Ttdx27mIp37vlprbV8tjg1ufupdYM
kBrED7pGB2A2FQHKVRUsNpmQssWm/xGEXcxDRbsqsU7Wq0YcjTdHh+/YCZNS8OEF
AHz2ch9RgwCSp/z7PtSUU+tm4A56u7ubbhw4j2FGe/jL+/fFRUAwnE0wreZCFg+J
C4IWiEcnC2931/te0mosuKsRAC2FuFlvdW0Dr/fFTtm+IDSwA2xJFFQTuvFpajmi
DnhSvoMhzCpZXTJddJ7zAUOjyY/ggDTVx5AqjDA+QA26O7iiDRlh1eXha/RdEq7i
72VrQ4oa2wBRybZU/jVxpL1H908Z/l5YqXpZ/ftBcP58I/HU3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:29 2024 by rpki-client on console-ams.rpki-client.org