Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/d6f8a9-d6c7-4d52-91cb-4caec97f7d92/1/HTxqlKNGq7UpCdIwFDBIgJJgx0M.roa
File: HTxqlKNGq7UpCdIwFDBIgJJgx0M.roa (raw, json)
Hash identifier: 8yPBb9bZvLLjXvhDOT4NS83wadC1U1h2lc4TaDqZLG4=
Subject key identifier: 1D:3C:6A:94:A3:46:AB:B5:29:09:D2:30:14:30:48:80:92:60:C7:43
Certificate issuer: /CN=325e98947fc948d5b62dfb85a7cb3a72a0672656
Certificate serial: 01856CCAE7DAFC2F360F8D043CA476C736E1
Authority key identifier: 32:5E:98:94:7F:C9:48:D5:B6:2D:FB:85:A7:CB:3A:72:A0:67:26:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ml6YlH_JSNW2LfuFp8s6cqBnJlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/d6f8a9-d6c7-4d52-91cb-4caec97f7d92/1/HTxqlKNGq7UpCdIwFDBIgJJgx0M.roa
Signing time: Sun 01 Jan 2023 10:05:14 +0000
ROA not before: Sun 01 Jan 2023 10:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24978
IP address blocks: 80.79.224.0/20 maxlen: 20
80.79.232.0/22 maxlen: 22
185.133.104.0/22 maxlen: 22
2a03:89c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e7:da:fc:2f:36:0f:8d:04:3c:a4:76:c7:36:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=325e98947fc948d5b62dfb85a7cb3a72a0672656
Validity
Not Before: Jan 1 10:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d3c6a94a346abb52909d230143048809260c743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ee:a9:57:ed:a1:c6:d3:c4:17:9b:ad:d9:48:
2f:f8:19:c9:df:17:d6:6e:00:77:e3:67:38:43:ae:
b5:4b:ee:fc:73:e9:d9:e3:b3:7f:d8:84:a7:46:16:
7f:2b:17:49:0d:06:64:06:2c:3b:b5:3f:87:ef:68:
58:dd:c3:f1:51:08:b5:f7:c1:ab:30:dc:08:d6:91:
0d:ab:2e:21:f1:a9:e8:c4:7e:63:37:bb:8e:91:32:
e6:47:a3:38:f9:6e:7e:78:f7:b5:e4:72:3a:7f:5e:
87:ca:52:c1:40:87:e4:30:ea:ae:e3:96:7d:be:37:
5a:c9:69:f1:64:5d:02:5a:c7:29:1a:e1:82:5b:5d:
81:62:4e:07:be:d8:f4:ac:a7:fe:c7:cd:aa:6b:d9:
7e:a1:f6:09:02:b2:8c:a3:09:a4:ec:2f:02:1e:e9:
10:a2:c1:5c:76:97:30:9a:de:84:39:90:ea:c7:75:
60:2b:7f:2f:f8:ca:9f:b3:c7:ec:58:13:89:c3:f1:
dd:33:e5:60:20:8b:a9:c3:45:ee:e0:5f:60:c2:2e:
06:83:2f:32:8e:99:95:70:5e:ff:19:94:91:0f:f1:
33:37:b3:19:b6:67:13:1e:0c:46:3e:10:93:87:56:
fd:a8:fe:10:f7:38:80:9a:c3:79:2d:bd:9f:9f:37:
3b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3C:6A:94:A3:46:AB:B5:29:09:D2:30:14:30:48:80:92:60:C7:43
X509v3 Authority Key Identifier:
keyid:32:5E:98:94:7F:C9:48:D5:B6:2D:FB:85:A7:CB:3A:72:A0:67:26:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ml6YlH_JSNW2LfuFp8s6cqBnJlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/d6f8a9-d6c7-4d52-91cb-4caec97f7d92/1/HTxqlKNGq7UpCdIwFDBIgJJgx0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/d6f8a9-d6c7-4d52-91cb-4caec97f7d92/1/Ml6YlH_JSNW2LfuFp8s6cqBnJlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.224.0/20
185.133.104.0/22
IPv6:
2a03:89c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:e2:d9:49:7a:7b:85:90:67:1f:77:93:6c:6e:9a:43:24:2c:
c0:0f:43:6f:d6:94:ec:24:fc:61:15:15:65:10:69:70:49:d1:
f7:b8:a5:3b:7a:5f:f5:7c:9c:6c:9e:c2:6e:7b:25:42:af:b8:
8d:da:7a:5d:7a:75:fa:2d:e3:cd:e3:78:f2:c2:e2:77:97:09:
46:6d:72:2e:6f:54:a8:93:53:e4:ec:4c:f2:ff:1f:c0:ba:9e:
75:f9:47:4c:53:60:14:d6:40:e5:af:82:7e:ea:de:90:96:2f:
82:3d:30:0a:df:1a:cf:62:55:37:3a:1b:45:26:b3:2d:36:cf:
73:df:ef:f8:4c:5e:5a:89:7a:02:a7:03:15:a1:9f:58:6e:1d:
31:f0:d7:28:a1:11:8c:b2:0f:45:d8:21:fc:30:f4:ed:b0:12:
62:bb:64:3f:13:db:e2:82:63:de:3a:9f:ba:69:87:47:47:eb:
fb:c4:71:73:dd:57:0f:94:e5:64:a8:cf:e8:16:22:b8:99:f9:
7d:b1:f3:8c:77:e6:ed:c5:37:51:d3:4c:9c:75:1b:20:eb:39:
17:cb:8b:54:7d:6e:ab:cc:b0:33:17:3d:b7:26:d0:72:10:84:
5b:f1:c8:4e:6c:a8:05:c9:dc:96:25:87:32:cc:81:29:73:d3:
80:55:06:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsyufa/C82D40EPKR2xzbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNWU5ODk0N2ZjOTQ4ZDViNjJkZmI4NWE3Y2IzYTcyYTA2
NzI2NTYwHhcNMjMwMTAxMTAwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDNjNmE5NGEzNDZhYmI1MjkwOWQyMzAxNDMwNDg4MDkyNjBjNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+6pV+2hxtPEF5ut2Ugv+BnJ3xfW
bgB342c4Q661S+78c+nZ47N/2ISnRhZ/KxdJDQZkBiw7tT+H72hY3cPxUQi198Gr
MNwI1pENqy4h8anoxH5jN7uOkTLmR6M4+W5+ePe15HI6f16HylLBQIfkMOqu45Z9
vjdayWnxZF0CWscpGuGCW12BYk4Hvtj0rKf+x82qa9l+ofYJArKMowmk7C8CHukQ
osFcdpcwmt6EOZDqx3VgK38v+Mqfs8fsWBOJw/HdM+VgIIupw0Xu4F9gwi4Ggy8y
jpmVcF7/GZSRD/EzN7MZtmcTHgxGPhCTh1b9qP4Q9ziAmsN5Lb2fnzc7kwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB08apSjRqu1KQnSMBQwSICSYMdDMB8GA1UdIwQY
MBaAFDJemJR/yUjVti37hafLOnKgZyZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWw2WWxIX0pTTlcyTGZ1RnA4czZjcUJuSmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kNmY4YTktZDZjNy00ZDUyLTkxY2It
NGNhZWM5N2Y3ZDkyLzEvSFR4cWxLTkdxN1VwQ2RJd0ZEQklnSkpneDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kNmY4YTktZDZjNy00ZDUyLTkxY2ItNGNhZWM5N2Y3ZDky
LzEvTWw2WWxIX0pTTlcyTGZ1RnA4czZjcUJuSmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUE/gAwQC
uYVoMA0EAgACMAcDBQAqA4nAMA0GCSqGSIb3DQEBCwUAA4IBAQCL4tlJenuFkGcf
d5NsbppDJCzAD0Nv1pTsJPxhFRVlEGlwSdH3uKU7el/1fJxsnsJueyVCr7iN2npd
enX6LePN43jywuJ3lwlGbXIub1Sok1Pk7Ezy/x/Aup51+UdMU2AU1kDlr4J+6t6Q
li+CPTAK3xrPYlU3OhtFJrMtNs9z3+/4TF5aiXoCpwMVoZ9Ybh0x8NcooRGMsg9F
2CH8MPTtsBJiu2Q/E9vigmPeOp+6aYdHR+v7xHFz3VcPlOVkqM/oFiK4mfl9sfOM
d+btxTdR00ycdRsg6zkXy4tUfW6rzLAzFz23JtByEIRb8chObKgFydyWJYcyzIEp
c9OAVQYd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:42 2024 by rpki-client on console-fra.rpki-client.org