Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/4dRs6NBhZR26lNPrdsD4coV2Hak.roa
File: 4dRs6NBhZR26lNPrdsD4coV2Hak.roa (raw, json)
Hash identifier: kCX9MykfajASpZDQrH1eQR5n1EKLUdO1mcd9OmvuXdk=
Subject key identifier: E1:D4:6C:E8:D0:61:65:1D:BA:94:D3:EB:76:C0:F8:72:85:76:1D:A9
Certificate issuer: /CN=08fcbc341c87433d03e4dd615b7f3453164344b3
Certificate serial: 01857142F742B03AD07A9391681BCD3E36E7
Authority key identifier: 08:FC:BC:34:1C:87:43:3D:03:E4:DD:61:5B:7F:34:53:16:43:44:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPy8NByHQz0D5N1hW380UxZDRLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/4dRs6NBhZR26lNPrdsD4coV2Hak.roa
Signing time: Mon 02 Jan 2023 06:54:51 +0000
ROA not before: Mon 02 Jan 2023 06:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39046
IP address blocks: 80.254.48.0/20 maxlen: 20
80.254.56.0/24 maxlen: 24
80.254.52.0/24 maxlen: 24
80.254.54.0/24 maxlen: 24
80.254.58.0/24 maxlen: 24
80.254.63.0/24 maxlen: 24
80.254.61.0/24 maxlen: 24
185.77.8.0/23 maxlen: 23
185.77.10.0/24 maxlen: 24
2a03:51a0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:f7:42:b0:3a:d0:7a:93:91:68:1b:cd:3e:36:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcbc341c87433d03e4dd615b7f3453164344b3
Validity
Not Before: Jan 2 06:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1d46ce8d061651dba94d3eb76c0f87285761da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:db:ce:e2:31:bf:44:b9:5e:7c:1e:2f:68:
2b:c0:02:ba:3d:4b:2c:d0:0b:ad:5b:05:91:29:77:
dc:c5:70:53:d1:28:e3:eb:87:de:81:46:f5:12:40:
dd:04:05:7c:82:a2:41:4b:5d:94:b7:32:08:2e:ed:
0e:0f:74:db:9b:2e:0c:2b:8c:a5:64:ca:8d:f1:51:
21:8c:af:0b:70:c3:3e:5a:a4:79:6a:8a:bc:fa:15:
82:d9:00:fd:d7:12:1c:70:52:38:87:7d:28:ef:d3:
d8:36:70:0d:b6:5b:26:13:32:f5:b9:d5:a8:9e:e5:
83:31:f0:c5:d9:b6:45:58:e8:b8:f0:a5:6f:59:59:
32:21:1f:52:9d:c9:27:df:22:0c:d6:08:1d:2e:52:
63:cc:fa:e2:a3:c2:e2:2d:fa:82:22:bf:26:a7:31:
28:b1:81:e9:b7:88:c6:87:27:61:5a:0e:e6:e9:0a:
26:0a:14:94:ac:ec:c5:3f:aa:7e:1d:00:fc:03:d1:
0c:10:76:13:1b:2a:04:de:64:99:42:15:87:90:31:
d1:61:d2:92:45:aa:3b:ff:58:79:4d:e1:9b:6e:bf:
13:e0:36:ee:93:be:00:f9:a7:f8:45:a7:7a:e7:09:
1e:6f:e9:52:2b:8f:25:f1:f1:45:b4:4c:e6:96:cd:
54:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D4:6C:E8:D0:61:65:1D:BA:94:D3:EB:76:C0:F8:72:85:76:1D:A9
X509v3 Authority Key Identifier:
keyid:08:FC:BC:34:1C:87:43:3D:03:E4:DD:61:5B:7F:34:53:16:43:44:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPy8NByHQz0D5N1hW380UxZDRLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/4dRs6NBhZR26lNPrdsD4coV2Hak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/CPy8NByHQz0D5N1hW380UxZDRLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.48.0/20
185.77.8.0-185.77.10.255
IPv6:
2a03:51a0::/32
Signature Algorithm: sha256WithRSAEncryption
61:d5:d1:59:f1:0b:a7:1a:e5:d5:8a:16:39:b4:eb:0f:48:73:
a0:46:9b:5e:1c:9b:d8:f2:82:d9:71:81:07:4f:89:f6:40:75:
54:cc:24:e7:b7:40:94:ae:f1:44:75:99:fb:94:a7:55:ad:25:
33:54:d7:55:94:dd:ab:cc:80:ee:f5:cf:f3:34:50:55:63:67:
18:35:cf:31:5f:d7:55:b2:ec:b3:00:ba:29:f5:26:79:ee:08:
8d:6b:81:87:9b:75:e4:43:e3:26:93:f0:ff:f1:70:8c:9d:1e:
b6:2c:4e:69:84:a8:30:4b:5a:23:70:e5:97:99:a8:4d:e8:7a:
d8:ae:1f:d4:26:5b:6d:d9:94:21:9f:94:2d:82:6b:06:c5:5e:
e4:fd:2b:d0:ef:a0:56:24:b2:f6:a8:5f:98:b3:cd:9c:9c:be:
05:0a:b8:73:54:48:59:dc:1f:5d:ec:0b:d8:15:fc:df:66:87:
21:f6:cc:1a:1f:93:a9:f3:2b:83:76:d4:2d:db:17:1d:99:42:
64:2d:6b:e4:19:74:36:6c:fe:d7:e7:43:12:fe:6a:cd:ec:af:
8e:08:71:df:fd:f0:ae:70:52:8a:0b:0d:d3:f1:4c:c0:57:46:
10:51:ef:59:3e:3d:b4:88:cb:02:d0:7c:47:9e:c5:38:68:50:
d7:f0:ae:76
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxQvdCsDrQepORaBvNPjbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNiYzM0MWM4NzQzM2QwM2U0ZGQ2MTViN2YzNDUzMTY0
MzQ0YjMwHhcNMjMwMTAyMDY1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ0NmNlOGQwNjE2NTFkYmE5NGQzZWI3NmMwZjg3Mjg1NzYxZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCzbzuIxv0S5XnweL2grwAK6PUss
0AutWwWRKXfcxXBT0Sjj64fegUb1EkDdBAV8gqJBS12UtzIILu0OD3Tbmy4MK4yl
ZMqN8VEhjK8LcMM+WqR5aoq8+hWC2QD91xIccFI4h30o79PYNnANtlsmEzL1udWo
nuWDMfDF2bZFWOi48KVvWVkyIR9Snckn3yIM1ggdLlJjzPrio8LiLfqCIr8mpzEo
sYHpt4jGhydhWg7m6QomChSUrOzFP6p+HQD8A9EMEHYTGyoE3mSZQhWHkDHRYdKS
Rao7/1h5TeGbbr8T4Dbuk74A+af4Rad65wkeb+lSK48l8fFFtEzmls1UwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOHUbOjQYWUdupTT63bA+HKFdh2pMB8GA1UdIwQY
MBaAFAj8vDQch0M9A+TdYVt/NFMWQ0SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5OE5CeUhRejBENU4xaFczODBVeFpEUkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xYWU3YmUtMzQ4NC00YjEyLThiZjQt
YzEwMGE5ODZiYzVjLzEvNGRSczZOQmhaUjI2bE5QcmRzRDRjb1YySGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xYWU3YmUtMzQ4NC00YjEyLThiZjQtYzEwMGE5ODZiYzVj
LzEvQ1B5OE5CeUhRejBENU4xaFczODBVeFpEUkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEUP4wMAwD
BAO5TQgDBAC5TQowDQQCAAIwBwMFACoDUaAwDQYJKoZIhvcNAQELBQADggEBAGHV
0VnxC6ca5dWKFjm06w9Ic6BGm14cm9jygtlxgQdPifZAdVTMJOe3QJSu8UR1mfuU
p1WtJTNU11WU3avMgO71z/M0UFVjZxg1zzFf11Wy7LMAuin1JnnuCI1rgYebdeRD
4yaT8P/xcIydHrYsTmmEqDBLWiNw5ZeZqE3oetiuH9QmW23ZlCGflC2CawbFXuT9
K9DvoFYksvaoX5izzZycvgUKuHNUSFncH13sC9gV/N9mhyH2zBofk6nzK4N21C3b
Fx2ZQmQta+QZdDZs/tfnQxL+as3sr44Icd/98K5wUooLDdPxTMBXRhBR71k+PbSI
ywLQfEeexThoUNfwrnY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:22 2024 by rpki-client on console-fra.rpki-client.org