Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/0e8eb9-f656-4ccf-a814-f89ab9f1286c/1/k9yARUIePq_pr1qsbngXlrU5Mzo.roa
File: k9yARUIePq_pr1qsbngXlrU5Mzo.roa (raw, json)
Hash identifier: wx4PgikKZhq9w5rfz4BWbC/EXybqZE8CvzvwY3kXT+w=
Subject key identifier: 93:DC:80:45:42:1E:3E:AF:E9:AF:5A:AC:6E:78:17:96:B5:39:33:3A
Certificate issuer: /CN=df91845e65e4f0394f1e6c3ff9e7732f6aa46fdc
Certificate serial: 01856B934E47C09DCF68A50808C0AA8289B6
Authority key identifier: DF:91:84:5E:65:E4:F0:39:4F:1E:6C:3F:F9:E7:73:2F:6A:A4:6F:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35GEXmXk8DlPHmw_-edzL2qkb9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/0e8eb9-f656-4ccf-a814-f89ab9f1286c/1/k9yARUIePq_pr1qsbngXlrU5Mzo.roa
Signing time: Sun 01 Jan 2023 04:24:54 +0000
ROA not before: Sun 01 Jan 2023 04:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203751
IP address blocks: 80.80.82.0/23 maxlen: 24
185.124.140.0/22 maxlen: 24
185.132.184.0/23 maxlen: 24
2a06:ab80::/29 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:4e:47:c0:9d:cf:68:a5:08:08:c0:aa:82:89:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df91845e65e4f0394f1e6c3ff9e7732f6aa46fdc
Validity
Not Before: Jan 1 04:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93dc8045421e3eafe9af5aac6e781796b539333a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0c:58:08:ca:37:b5:e1:f0:8c:ea:e2:35:db:
d1:94:69:e9:88:f6:05:d1:ad:12:25:ea:35:31:3e:
cf:81:f3:d6:09:d2:35:80:9a:00:6f:47:c6:3c:c9:
c0:c5:01:34:ff:1c:b2:25:9f:bc:ba:48:43:51:f9:
85:f0:e9:3c:00:e7:26:ae:91:77:c4:c9:da:91:da:
55:0e:df:6a:3e:e1:88:f0:87:57:5f:12:41:0c:0f:
f4:36:2e:91:6d:67:b8:05:79:58:28:ec:ab:57:79:
83:32:f4:84:81:6f:03:43:1e:aa:63:f1:99:2a:bc:
6f:39:ce:81:cd:65:85:84:a0:39:75:21:b0:cd:06:
80:17:a1:72:b7:a3:64:0f:3d:98:18:89:64:48:57:
1c:67:9f:f1:26:f0:a8:3c:0d:bd:e8:4f:a3:fb:e0:
b1:01:a1:84:d3:84:34:11:51:54:d3:38:52:6a:0d:
94:13:ca:ff:22:aa:2d:22:67:f9:27:dc:83:15:2c:
dc:4f:57:a8:12:b4:9d:85:46:10:65:0d:96:f9:ad:
64:1b:a4:2d:f0:d4:7d:fb:83:fa:f4:60:4f:45:8a:
f4:12:f4:1a:66:ec:82:17:e8:ee:d1:69:6e:ea:46:
04:39:6f:5d:e2:d9:5b:93:ce:0d:70:c6:81:09:35:
84:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DC:80:45:42:1E:3E:AF:E9:AF:5A:AC:6E:78:17:96:B5:39:33:3A
X509v3 Authority Key Identifier:
keyid:DF:91:84:5E:65:E4:F0:39:4F:1E:6C:3F:F9:E7:73:2F:6A:A4:6F:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35GEXmXk8DlPHmw_-edzL2qkb9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0e8eb9-f656-4ccf-a814-f89ab9f1286c/1/k9yARUIePq_pr1qsbngXlrU5Mzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0e8eb9-f656-4ccf-a814-f89ab9f1286c/1/35GEXmXk8DlPHmw_-edzL2qkb9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.80.82.0/23
185.124.140.0/22
185.132.184.0/23
IPv6:
2a06:ab80::/29
Signature Algorithm: sha256WithRSAEncryption
5c:c2:36:9f:f6:0d:0f:02:e0:c9:69:f8:f1:29:d1:63:9b:1f:
8c:55:28:32:f4:f2:87:d7:4e:87:6e:a0:d4:19:7a:4a:5a:7b:
3d:4b:14:da:a1:b7:41:2c:71:5e:96:31:53:b8:ec:50:ae:99:
d9:ab:b4:e8:df:70:fe:02:f4:d2:cb:06:4a:e3:3a:dc:ab:78:
f8:b0:28:3b:91:36:83:61:5e:45:b8:74:6c:59:08:6b:34:47:
df:a1:d3:09:cb:6f:d2:a3:9f:07:0b:36:db:d9:b9:8f:bf:88:
e1:53:f5:c3:de:95:61:1b:6e:d3:ee:da:dd:64:17:8c:da:3a:
7e:bc:ef:74:56:1c:f4:89:4a:76:af:62:3f:60:93:ec:dd:82:
a9:1f:10:92:7a:04:c3:56:6e:b2:70:6b:91:15:73:ba:eb:51:
ed:4e:25:f9:ce:e5:3b:50:c5:cd:31:c5:0f:88:00:8f:ee:ff:
3f:14:f9:d3:dc:bc:7e:8c:d1:19:e4:a8:4b:d2:23:27:e2:5b:
d2:d2:80:c1:fb:38:a9:3f:91:af:95:49:b7:dd:72:93:91:be:
c7:b5:83:5b:60:91:ed:45:6d:58:86:a9:e1:12:ef:75:b9:8c:
63:66:07:48:53:5d:0f:a1:59:7e:2a:f4:7e:4e:7d:50:5d:25:
75:76:83:38
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrk05HwJ3PaKUICMCqgom2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTE4NDVlNjVlNGYwMzk0ZjFlNmMzZmY5ZTc3MzJmNmFh
NDZmZGMwHhcNMjMwMTAxMDQyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RjODA0NTQyMWUzZWFmZTlhZjVhYWM2ZTc4MTc5NmI1MzkzMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgxYCMo3teHwjOriNdvRlGnpiPYF
0a0SJeo1MT7PgfPWCdI1gJoAb0fGPMnAxQE0/xyyJZ+8ukhDUfmF8Ok8AOcmrpF3
xMnakdpVDt9qPuGI8IdXXxJBDA/0Ni6RbWe4BXlYKOyrV3mDMvSEgW8DQx6qY/GZ
KrxvOc6BzWWFhKA5dSGwzQaAF6Fyt6NkDz2YGIlkSFccZ5/xJvCoPA296E+j++Cx
AaGE04Q0EVFU0zhSag2UE8r/IqotImf5J9yDFSzcT1eoErSdhUYQZQ2W+a1kG6Qt
8NR9+4P69GBPRYr0EvQaZuyCF+ju0Wlu6kYEOW9d4tlbk84NcMaBCTWEoQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJPcgEVCHj6v6a9arG54F5a1OTM6MB8GA1UdIwQY
MBaAFN+RhF5l5PA5Tx5sP/nncy9qpG/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVHRVhtWGs4RGxQSG13Xy1lZHpMMnFrYjl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8wZThlYjktZjY1Ni00Y2NmLWE4MTQt
Zjg5YWI5ZjEyODZjLzEvazl5QVJVSWVQcV9wcjFxc2JuZ1hsclU1TXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8wZThlYjktZjY1Ni00Y2NmLWE4MTQtZjg5YWI5ZjEyODZj
LzEvMzVHRVhtWGs4RGxQSG13Xy1lZHpMMnFrYjl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBUFBSAwQC
uXyMAwQBuYS4MA0EAgACMAcDBQMqBquAMA0GCSqGSIb3DQEBCwUAA4IBAQBcwjaf
9g0PAuDJafjxKdFjmx+MVSgy9PKH106HbqDUGXpKWns9SxTaobdBLHFeljFTuOxQ
rpnZq7To33D+AvTSywZK4zrcq3j4sCg7kTaDYV5FuHRsWQhrNEffodMJy2/So58H
Czbb2bmPv4jhU/XD3pVhG27T7trdZBeM2jp+vO90Vhz0iUp2r2I/YJPs3YKpHxCS
egTDVm6ycGuRFXO661HtTiX5zuU7UMXNMcUPiACP7v8/FPnT3Lx+jNEZ5KhL0iMn
4lvS0oDB+zipP5GvlUm33XKTkb7HtYNbYJHtRW1YhqnhEu91uYxjZgdIU10PoVl+
KvR+Tn1QXSV1doM4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:53 2023 by rpki-client on console-fra.rpki-client.org