Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/lUkPh_e7Ip9DVSMzFawGPNF2FnE.roa
File: lUkPh_e7Ip9DVSMzFawGPNF2FnE.roa (raw, json)
Hash identifier: BkeoLNHbFlxb5x+CtAgLiqZMa+1ajAo/+a8DzBzQSO8=
Subject key identifier: 95:49:0F:87:F7:BB:22:9F:43:55:23:33:15:AC:06:3C:D1:76:16:71
Certificate issuer: /CN=93c244be6b3affb6d4e547f2e1e3c5eac1b26ab2
Certificate serial: 018BA8F6EC1E50B88F130A6DFC62F61F1639
Authority key identifier: 93:C2:44:BE:6B:3A:FF:B6:D4:E5:47:F2:E1:E3:C5:EA:C1:B2:6A:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k8JEvms6_7bU5Ufy4ePF6sGyarI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/lUkPh_e7Ip9DVSMzFawGPNF2FnE.roa
Signing time: Tue 07 Nov 2023 08:47:16 +0000
ROA not before: Tue 07 Nov 2023 08:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24585
IP address blocks: 80.255.96.0/20 maxlen: 20
80.255.96.0/22 maxlen: 22
2a0a:d000::/32 maxlen: 32
2a0a:d000::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:f6:ec:1e:50:b8:8f:13:0a:6d:fc:62:f6:1f:16:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93c244be6b3affb6d4e547f2e1e3c5eac1b26ab2
Validity
Not Before: Nov 7 08:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95490f87f7bb229f4355233315ac063cd1761671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:55:4e:eb:a3:b2:17:52:31:2e:27:14:18:9b:
4f:55:bd:3f:73:a4:6e:81:1c:2c:85:53:b7:05:5c:
0a:3a:90:b0:f7:01:17:36:d6:c4:1e:e2:e5:6b:e4:
cb:83:38:54:db:af:1e:7b:fe:82:6a:36:7b:aa:f8:
ae:22:21:41:da:8c:7c:2a:87:03:5e:75:f2:72:fc:
a1:05:f6:8d:50:81:34:b5:13:92:13:26:47:18:d5:
5b:a0:cf:59:01:66:d2:fc:5c:21:39:19:e3:df:7f:
a3:04:b2:dc:87:76:23:f6:51:57:0b:17:6b:d7:27:
9d:1d:27:91:71:d2:d6:d7:74:52:e4:e2:5d:ce:4f:
44:cf:eb:36:ff:0e:e9:c8:16:44:88:44:12:6b:fa:
b2:58:93:12:a2:d1:7f:c4:97:34:50:82:aa:6c:c0:
f6:36:c4:f6:0b:de:ff:be:c3:b4:29:f5:7b:29:46:
54:75:df:ad:56:d2:9e:0b:cb:44:d3:7e:4e:4d:dc:
aa:9b:9d:09:ed:d9:78:d0:d9:f4:3c:d3:01:08:cd:
e8:29:2c:a7:02:6b:95:ac:a4:48:73:f7:7a:2a:c4:
10:bc:ef:d6:f7:ef:b7:ab:67:49:a5:da:45:e8:f1:
42:1e:d5:bf:c7:51:ae:3f:c1:88:6e:1d:d8:4d:6a:
cf:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:49:0F:87:F7:BB:22:9F:43:55:23:33:15:AC:06:3C:D1:76:16:71
X509v3 Authority Key Identifier:
keyid:93:C2:44:BE:6B:3A:FF:B6:D4:E5:47:F2:E1:E3:C5:EA:C1:B2:6A:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k8JEvms6_7bU5Ufy4ePF6sGyarI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/lUkPh_e7Ip9DVSMzFawGPNF2FnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/k8JEvms6_7bU5Ufy4ePF6sGyarI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.255.96.0/20
IPv6:
2a0a:d000::/29
Signature Algorithm: sha256WithRSAEncryption
44:c3:b7:d1:e9:b3:9c:60:bb:56:c8:81:8a:21:a0:c4:e3:a7:
67:c0:20:9d:90:ab:fb:44:e1:7b:3c:54:bc:a6:8c:48:82:02:
4c:4d:c4:df:45:17:fa:7a:89:a7:cc:58:ee:36:af:32:97:42:
3f:c1:c1:f7:ac:9d:21:01:1a:cc:2c:5d:41:e2:fd:6c:64:f5:
1c:f5:7b:c8:7a:1d:1a:75:ae:c9:11:ea:a1:8b:43:da:df:56:
ff:48:49:b2:2d:3a:89:db:3a:58:1f:f3:a3:27:77:99:e0:cd:
67:c8:f3:34:7d:56:32:3a:f5:73:ce:25:0d:e5:01:e9:1d:5f:
d7:b6:6c:86:fb:64:e3:92:8e:3f:07:8e:5a:f9:ab:f7:4e:32:
f6:f1:33:17:1f:90:3d:ed:5c:a5:a9:5c:99:1a:ea:b4:fc:d1:
72:3a:9a:bc:04:37:d2:23:ee:ba:3b:f9:65:54:b8:78:16:26:
d8:b7:70:77:bf:be:51:5f:8a:25:ae:8a:92:d6:6a:2e:11:58:
a1:6f:90:14:21:5d:10:47:e5:d6:26:97:47:7f:be:91:b9:07:
d0:de:f5:af:74:ee:0f:a8:31:26:50:a5:32:f8:a0:46:e3:1e:
ef:f6:b2:7c:76:b6:b1:6c:63:dc:62:4f:a1:a6:0a:f1:49:e5:
3a:e2:da:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuo9uweULiPEwpt/GL2HxY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYzI0NGJlNmIzYWZmYjZkNGU1NDdmMmUxZTNjNWVhYzFi
MjZhYjIwHhcNMjMxMTA3MDg0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ5MGY4N2Y3YmIyMjlmNDM1NTIzMzMxNWFjMDYzY2QxNzYxNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1VO66OyF1IxLicUGJtPVb0/c6Ru
gRwshVO3BVwKOpCw9wEXNtbEHuLla+TLgzhU268ee/6CajZ7qviuIiFB2ox8KocD
XnXycvyhBfaNUIE0tROSEyZHGNVboM9ZAWbS/FwhORnj33+jBLLch3Yj9lFXCxdr
1yedHSeRcdLW13RS5OJdzk9Ez+s2/w7pyBZEiEQSa/qyWJMSotF/xJc0UIKqbMD2
NsT2C97/vsO0KfV7KUZUdd+tVtKeC8tE035OTdyqm50J7dl40Nn0PNMBCM3oKSyn
AmuVrKRIc/d6KsQQvO/W9++3q2dJpdpF6PFCHtW/x1GuP8GIbh3YTWrPwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJVJD4f3uyKfQ1UjMxWsBjzRdhZxMB8GA1UdIwQY
MBaAFJPCRL5rOv+21OVH8uHjxerBsmqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazhKRXZtczZfN2JVNVVmeTRlUEY2c0d5YXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81MDFlOGYtYzdlMS00YWE0LTg1ODMt
NjZkNzRlNzNmMjU0LzEvbFVrUGhfZTdJcDlEVlNNekZhd0dQTkYyRm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81MDFlOGYtYzdlMS00YWE0LTg1ODMtNjZkNzRlNzNmMjU0
LzEvazhKRXZtczZfN2JVNVVmeTRlUEY2c0d5YXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUP9gMA0E
AgACMAcDBQMqCtAAMA0GCSqGSIb3DQEBCwUAA4IBAQBEw7fR6bOcYLtWyIGKIaDE
46dnwCCdkKv7ROF7PFS8poxIggJMTcTfRRf6eomnzFjuNq8yl0I/wcH3rJ0hARrM
LF1B4v1sZPUc9XvIeh0ada7JEeqhi0Pa31b/SEmyLTqJ2zpYH/OjJ3eZ4M1nyPM0
fVYyOvVzziUN5QHpHV/XtmyG+2Tjko4/B45a+av3TjL28TMXH5A97VylqVyZGuq0
/NFyOpq8BDfSI+66O/llVLh4FibYt3B3v75RX4olroqS1mouEVihb5AUIV0QR+XW
JpdHf76RuQfQ3vWvdO4PqDEmUKUy+KBG4x7v9rJ8draxbGPcYk+hpgrxSeU64toJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:02 2024 by rpki-client on console-ams.rpki-client.org