Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/vxvXk9DIOcSwt1QR9I_aAZEuBy4.roa
File: vxvXk9DIOcSwt1QR9I_aAZEuBy4.roa (raw, json)
Hash identifier: x2BEoEbXia8G/PuUTZSPnio9Q4Ml/4IpZKN02kdaNec=
Subject key identifier: BF:1B:D7:93:D0:C8:39:C4:B0:B7:54:11:F4:8F:DA:01:91:2E:07:2E
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 018CC7953DE09CFD17EFBE435EB34A8E602F
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/vxvXk9DIOcSwt1QR9I_aAZEuBy4.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33871
IP address blocks: 80.67.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3d:e0:9c:fd:17:ef:be:43:5e:b3:4a:8e:60:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf1bd793d0c839c4b0b75411f48fda01912e072e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:70:e5:12:c1:e1:2f:c2:b2:f7:7a:27:ff:4b:
6e:a0:b9:eb:ec:af:df:d4:a9:41:0b:45:8c:58:26:
f3:d4:22:94:96:fd:1a:b8:da:d9:6e:94:ba:40:45:
3c:85:80:e1:29:b2:de:61:15:62:43:a3:51:cd:38:
80:f3:c7:25:a0:3e:ff:ad:99:31:33:33:da:25:f3:
10:1a:23:e4:f5:9a:f0:e5:62:69:90:6a:0e:fb:42:
5c:ab:79:cf:bf:60:f1:32:64:50:ae:eb:19:82:a6:
ae:9e:a6:0b:95:ad:02:07:9c:cf:18:76:4e:a3:ed:
b1:2d:eb:31:22:80:b1:99:e3:8b:a3:01:b5:07:d5:
20:ed:9e:97:90:dd:35:e7:19:f4:69:3b:16:1e:c3:
9c:e5:38:82:01:f6:de:e3:4f:e6:45:07:0b:e6:05:
ee:db:c8:af:52:71:6f:4c:87:95:fc:b6:82:7c:99:
fb:68:76:c6:22:82:8c:d6:88:6a:8a:00:19:1f:3a:
36:c5:f8:79:23:36:24:2a:a3:0a:35:94:93:6f:4d:
62:ba:c9:c9:cd:1d:be:f9:2a:af:22:0b:d9:c7:d9:
1e:94:bb:1e:ee:b8:30:5c:4c:77:3e:6d:3a:03:c9:
fb:7a:42:c3:4a:d8:3e:32:1f:80:56:de:86:fc:b3:
e0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1B:D7:93:D0:C8:39:C4:B0:B7:54:11:F4:8F:DA:01:91:2E:07:2E
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/vxvXk9DIOcSwt1QR9I_aAZEuBy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.208.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:4c:f0:78:b7:a7:6e:b8:37:eb:02:f7:cc:24:77:30:de:0f:
bd:df:c4:19:39:b7:58:7e:2e:c0:3b:47:41:29:aa:cf:46:08:
9f:57:8a:81:67:1f:cc:ff:01:34:74:8e:c7:1d:55:99:08:99:
c8:f7:53:b0:4f:11:0b:1f:5c:22:71:11:1e:c4:a0:47:82:cc:
19:48:f7:ee:1e:3d:a3:2d:c5:d0:25:15:f3:0b:94:03:1e:09:
3c:89:5f:6d:ca:a1:5d:b4:29:8f:9c:f7:56:da:c5:2d:5f:1a:
c2:14:41:6b:95:73:7a:54:06:ab:b0:ad:70:f5:39:00:fd:07:
99:d3:90:c1:62:5a:18:d8:24:ff:ca:77:13:7a:a2:20:e1:96:
a0:f1:69:94:19:ec:01:9e:6c:be:62:04:6f:7c:d3:ee:d4:2a:
cb:b1:0f:45:28:9a:8d:87:80:27:d2:f5:88:e7:91:7d:c9:80:
50:d4:0a:26:42:07:bb:33:4d:7a:d0:6a:fe:5c:5a:a1:8b:bf:
fa:26:1b:5c:4e:84:2b:09:52:2c:5b:ce:15:ef:5b:34:ce:c1:
d9:5b:13:20:d8:de:df:f3:ed:7a:36:68:d1:a8:e9:c1:1e:b2:
8f:26:40:c9:db:ac:69:95:e7:78:11:2e:c2:4e:84:1b:59:a8:
28:62:96:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlT3gnP0X775DXrNKjmAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFiZDc5M2QwYzgzOWM0YjBiNzU0MTFmNDhmZGEwMTkxMmUwNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHDlEsHhL8Ky93on/0tuoLnr7K/f
1KlBC0WMWCbz1CKUlv0auNrZbpS6QEU8hYDhKbLeYRViQ6NRzTiA88cloD7/rZkx
MzPaJfMQGiPk9Zrw5WJpkGoO+0Jcq3nPv2DxMmRQrusZgqaunqYLla0CB5zPGHZO
o+2xLesxIoCxmeOLowG1B9Ug7Z6XkN015xn0aTsWHsOc5TiCAfbe40/mRQcL5gXu
28ivUnFvTIeV/LaCfJn7aHbGIoKM1ohqigAZHzo2xfh5IzYkKqMKNZSTb01iusnJ
zR2++SqvIgvZx9kelLse7rgwXEx3Pm06A8n7ekLDStg+Mh+AVt6G/LPgrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8b15PQyDnEsLdUEfSP2gGRLgcuMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvdnh2WGs5RElPY1N3dDFRUjlJX2FBWkV1Qnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUEPQMA0G
CSqGSIb3DQEBCwUAA4IBAQA+TPB4t6duuDfrAvfMJHcw3g+938QZObdYfi7AO0dB
KarPRgifV4qBZx/M/wE0dI7HHVWZCJnI91OwTxELH1wicREexKBHgswZSPfuHj2j
LcXQJRXzC5QDHgk8iV9tyqFdtCmPnPdW2sUtXxrCFEFrlXN6VAarsK1w9TkA/QeZ
05DBYloY2CT/yncTeqIg4Zag8WmUGewBnmy+YgRvfNPu1CrLsQ9FKJqNh4An0vWI
55F9yYBQ1AomQge7M0160Gr+XFqhi7/6JhtcToQrCVIsW84V71s0zsHZWxMg2N7f
8+16NmjRqOnBHrKPJkDJ26xpled4ES7CToQbWagoYpa8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:34 2025 by rpki-client