Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/nyZ2qb8S0fWtq4c8gIxTxj7egwE.roa
File: nyZ2qb8S0fWtq4c8gIxTxj7egwE.roa (raw, json)
Hash identifier: WibanVy1oAvSUj79HGuLtH7Rp5u6DdOABS3xhptSzPk=
Subject key identifier: 9F:26:76:A9:BF:12:D1:F5:AD:AB:87:3C:80:8C:53:C6:3E:DE:83:01
Certificate issuer: /CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Certificate serial: 018C3F1D2DBA7961EB40EC02D6854E0FD1E9
Authority key identifier: F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/nyZ2qb8S0fWtq4c8gIxTxj7egwE.roa
Signing time: Wed 06 Dec 2023 12:32:05 +0000
ROA not before: Wed 06 Dec 2023 12:32:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21032
IP address blocks: 185.159.208.0/22 maxlen: 22
195.85.202.0/24 maxlen: 24
80.78.160.0/20 maxlen: 20
80.78.176.0/20 maxlen: 20
193.109.138.0/23 maxlen: 23
89.145.0.0/18 maxlen: 18
2a02:5d5::/32 maxlen: 32
2a02:5d7::/32 maxlen: 32
2a02:5d0::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:1d:2d:ba:79:61:eb:40:ec:02:d6:85:4e:0f:d1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Validity
Not Before: Dec 6 12:32:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f2676a9bf12d1f5adab873c808c53c63ede8301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ef:15:3e:0d:c1:a7:6a:af:1c:48:a8:44:73:
98:79:46:17:97:97:05:60:9d:ce:aa:ff:52:bb:1a:
23:92:b2:a3:42:a9:08:12:d2:be:19:6f:6f:a9:4b:
c7:95:22:2f:4b:34:bd:4a:b9:4e:7f:d8:fe:10:59:
ed:80:da:55:dd:f4:73:db:9b:94:c9:2e:9f:ef:ec:
5f:0f:57:74:3a:b6:c7:d2:4f:7a:19:bf:3f:72:af:
bf:ab:91:3b:b3:1b:ea:0e:86:18:6e:8f:7f:95:35:
91:48:e8:a3:70:7d:d2:73:19:93:6e:19:9c:93:24:
16:79:a9:e5:88:f2:40:25:e8:40:cb:4d:26:1e:65:
11:ba:6a:c6:e6:eb:5c:15:09:08:7a:05:f0:81:1c:
c6:bf:ac:ce:a8:28:23:c8:a7:41:8e:08:e9:67:11:
5a:b4:09:af:f3:bf:f7:72:27:f0:7c:cd:e4:1b:38:
bd:c3:e7:9b:b9:2e:b4:9b:ec:30:70:ed:c9:d6:5b:
82:f9:50:05:64:4e:34:c6:95:8d:a1:b9:2f:4f:e4:
3e:e9:6e:fe:9b:46:c7:db:9e:02:51:52:d0:89:ac:
4b:13:53:17:6c:59:e4:fa:d3:d9:07:23:92:9b:91:
82:ab:56:00:bf:98:98:96:12:51:c7:08:02:58:8f:
ee:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:26:76:A9:BF:12:D1:F5:AD:AB:87:3C:80:8C:53:C6:3E:DE:83:01
X509v3 Authority Key Identifier:
keyid:F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/nyZ2qb8S0fWtq4c8gIxTxj7egwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.160.0/19
89.145.0.0/18
185.159.208.0/22
193.109.138.0/23
195.85.202.0/24
IPv6:
2a02:5d0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:09:74:c3:f4:79:09:5f:90:36:15:7e:4c:76:fc:06:7f:85:
d2:a3:41:aa:29:02:33:d1:c7:9e:8a:3a:6f:aa:6d:b7:04:64:
44:18:49:50:65:48:9d:2e:1b:3f:e0:ef:5a:da:24:57:a4:20:
1b:94:96:2c:84:57:6e:a4:b3:2d:02:0d:4b:cb:21:9c:4c:2d:
ea:a6:15:6c:e0:b0:12:69:7d:e3:0d:7b:e9:ec:b3:7b:22:a6:
42:d8:97:b8:d7:9b:86:10:76:18:79:6b:8f:fd:e2:74:3b:41:
c5:91:f5:5f:fe:be:ac:29:68:33:05:24:8a:c0:04:df:e1:e0:
1b:e6:73:d4:23:19:cd:9f:98:26:86:3f:4a:41:9d:10:ad:ce:
62:1e:8c:7a:25:a9:d9:76:3b:8f:12:b2:1f:41:66:e4:0d:f4:
13:d2:51:77:1d:5a:6d:3b:61:f6:c5:5d:4a:6a:fa:b7:9a:15:
51:32:32:34:11:35:bf:66:48:5c:a3:02:dc:7e:15:70:19:c1:
f2:c4:bd:0a:05:83:37:bc:bb:9b:b3:02:78:e7:94:0b:43:34:
fe:64:cc:86:00:7a:1c:f2:5f:8e:69:46:17:79:58:2d:97:5b:
b7:0b:a3:cd:fc:77:c2:14:74:15:02:94:09:ec:72:e3:cd:e3:
bd:11:16:55
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYw/HS26eWHrQOwC1oVOD9HpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MDZlYzljZjFkZWFiZjlkNmNkNWY4ODkxYmI4MmQ1NmY5
MWQ2NzgwHhcNMjMxMjA2MTIzMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI2NzZhOWJmMTJkMWY1YWRhYjg3M2M4MDhjNTNjNjNlZGU4MzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u8VPg3Bp2qvHEioRHOYeUYXl5cF
YJ3Oqv9SuxojkrKjQqkIEtK+GW9vqUvHlSIvSzS9SrlOf9j+EFntgNpV3fRz25uU
yS6f7+xfD1d0OrbH0k96Gb8/cq+/q5E7sxvqDoYYbo9/lTWRSOijcH3ScxmTbhmc
kyQWeanliPJAJehAy00mHmURumrG5utcFQkIegXwgRzGv6zOqCgjyKdBjgjpZxFa
tAmv87/3cifwfM3kGzi9w+ebuS60m+wwcO3J1luC+VAFZE40xpWNobkvT+Q+6W7+
m0bH254CUVLQiaxLE1MXbFnk+tPZByOSm5GCq1YAv5iYlhJRxwgCWI/uZQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJ8mdqm/EtH1rauHPICMU8Y+3oMBMB8GA1UdIwQY
MBaAFPgG7Jzx3qv51s1fiJG7gtVvkdZ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BYnNuUEhlcV9uV3pWLUlrYnVDMVctUjFuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvNDQwNGY1LWUxMGMtNDE5MC05Mjcw
LWFjMGE4NGEyN2Q1My8xL255WjJxYjhTMGZXdHE0YzhnSXhUeGo3ZWd3RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvNDQwNGY1LWUxMGMtNDE5MC05MjcwLWFjMGE4NGEyN2Q1
My8xLzEtQWJzblBIZXFfbld6Vi1Ja2J1QzFXLVIxbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAVQTqAD
BAZZkQADBAK5n9ADBAHBbYoDBADDVcowDQQCAAIwBwMFAyoCBdAwDQYJKoZIhvcN
AQELBQADggEBAKMJdMP0eQlfkDYVfkx2/AZ/hdKjQaopAjPRx56KOm+qbbcEZEQY
SVBlSJ0uGz/g71raJFekIBuUliyEV26ksy0CDUvLIZxMLeqmFWzgsBJpfeMNe+ns
s3sipkLYl7jXm4YQdhh5a4/94nQ7QcWR9V/+vqwpaDMFJIrABN/h4Bvmc9QjGc2f
mCaGP0pBnRCtzmIejHolqdl2O48Ssh9BZuQN9BPSUXcdWm07YfbFXUpq+reaFVEy
MjQRNb9mSFyjAtx+FXAZwfLEvQoFgze8u5uzAnjnlAtDNP5kzIYAehzyX45pRhd5
WC2XW7cLo838d8IUdBUClAnscuPN470RFlU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:11 2024 by rpki-client on console-ams.rpki-client.org