Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/K82jANUg7hzoE0iIC2cbOJB8i4s.roa
File: K82jANUg7hzoE0iIC2cbOJB8i4s.roa (raw, json)
Hash identifier: YB/4cahKigUAkl1k2WxwrlG0Zd0JsyS0AhV581AAaUE=
Subject key identifier: 2B:CD:A3:00:D5:20:EE:1C:E8:13:48:88:0B:67:1B:38:90:7C:8B:8B
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 018A98290984DF5A6D8D0A2EDD2496AE0EC4
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/K82jANUg7hzoE0iIC2cbOJB8i4s.roa
Signing time: Fri 15 Sep 2023 09:25:40 +0000
ROA not before: Fri 15 Sep 2023 09:25:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59745
IP address blocks: 80.66.96.0/20 maxlen: 24
185.198.200.0/22 maxlen: 24
2a02:340::/32 maxlen: 32
2a0a:8ec0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:29:09:84:df:5a:6d:8d:0a:2e:dd:24:96:ae:0e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Sep 15 09:25:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bcda300d520ee1ce81348880b671b38907c8b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:89:23:2c:1c:13:2b:26:c9:a4:33:37:a4:b1:
3a:f3:81:4a:9d:15:62:3d:f2:96:b6:ce:77:0b:38:
73:1a:52:01:a5:dc:3c:ed:97:93:2d:9b:1a:63:57:
58:29:24:1b:78:00:6e:05:f0:c2:09:e2:ef:3c:75:
51:30:a2:89:e7:1e:21:d6:0b:fe:de:96:03:fe:f9:
ec:cd:37:9b:f6:6d:fd:e8:bc:8c:c4:86:62:71:71:
33:56:1c:0b:d5:d8:0c:de:2b:d9:3a:3c:d3:8a:e6:
a0:9e:6e:94:d2:d2:d3:e2:5c:d7:96:9c:e8:0a:e0:
dd:eb:9a:04:85:08:d2:17:76:15:51:9b:95:e1:12:
6b:1a:24:b7:eb:ab:e7:df:98:1d:06:b4:d2:bd:b8:
7a:b8:dd:d9:99:e2:e4:11:64:18:1a:4d:c0:d2:a7:
5c:a6:86:b7:27:69:58:2c:e4:ce:53:54:54:09:62:
3b:2a:8b:9e:38:23:56:3e:9d:b8:a4:09:b5:97:4b:
2a:f3:6b:dd:1e:cf:4f:21:85:06:34:91:68:ed:71:
d1:02:d1:40:dd:4d:d0:12:d3:aa:66:a8:0e:15:ac:
38:c5:46:ae:fa:ad:b7:9b:92:53:cd:76:97:30:67:
13:ff:74:34:d7:ff:83:4b:87:e4:0b:2e:c5:10:4c:
8a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CD:A3:00:D5:20:EE:1C:E8:13:48:88:0B:67:1B:38:90:7C:8B:8B
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/K82jANUg7hzoE0iIC2cbOJB8i4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.96.0/20
185.198.200.0/22
IPv6:
2a02:340::/32
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
64:98:0a:68:b0:cf:b3:3b:b4:03:00:e5:a6:54:0e:3c:62:fe:
64:ff:7a:ba:e2:15:7b:91:64:5e:28:1f:ad:fd:c6:e3:f2:de:
36:78:f0:12:a5:cb:d6:c3:14:cd:6f:63:3f:81:6f:b9:d5:dc:
2f:97:86:bc:01:01:4e:cf:96:41:d8:fa:88:5d:2b:f8:28:51:
8a:48:9f:08:05:a7:a5:02:79:8a:1c:69:6c:5b:16:b2:7d:c7:
6a:fd:2b:79:dc:3c:79:66:b7:2d:3c:84:cf:23:e8:0f:88:82:
f7:1a:71:af:e9:2f:92:fd:00:2f:88:d9:16:be:93:44:b2:ba:
ff:ab:3a:19:be:48:83:1b:80:71:57:06:e7:ea:5f:8d:73:ce:
a5:43:3b:c4:21:38:58:3e:27:cd:cc:fd:e9:c9:7c:1c:8a:92:
d5:6e:47:ec:c2:3b:91:43:1f:8c:fc:63:ca:20:2b:92:77:00:
cd:74:ed:c5:41:bd:d6:75:c4:9d:98:86:88:9a:4e:70:27:bc:
b1:c1:50:a9:ec:22:c2:e9:7c:93:64:e9:ff:4b:6e:32:df:4c:
c1:eb:60:89:c0:69:19:cc:f6:43:95:e8:c5:3e:9b:63:91:44:
56:cd:ad:ec:03:f9:98:ef:6e:99:ea:83:24:cc:61:f8:1e:2d:
cd:6e:e8:66
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYqYKQmE31ptjQou3SSWrg7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjMwOTE1MDkyNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNkYTMwMGQ1MjBlZTFjZTgxMzQ4ODgwYjY3MWIzODkwN2M4YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYkjLBwTKybJpDM3pLE684FKnRVi
PfKWts53CzhzGlIBpdw87ZeTLZsaY1dYKSQbeABuBfDCCeLvPHVRMKKJ5x4h1gv+
3pYD/vnszTeb9m396LyMxIZicXEzVhwL1dgM3ivZOjzTiuagnm6U0tLT4lzXlpzo
CuDd65oEhQjSF3YVUZuV4RJrGiS366vn35gdBrTSvbh6uN3ZmeLkEWQYGk3A0qdc
poa3J2lYLOTOU1RUCWI7KoueOCNWPp24pAm1l0sq82vdHs9PIYUGNJFo7XHRAtFA
3U3QEtOqZqgOFaw4xUau+q23m5JTzXaXMGcT/3Q01/+DS4fkCy7FEEyK+QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCvNowDVIO4c6BNIiAtnGziQfIuLMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvSzgyakFOVWc3aHpvRTBpSUMyY2JPSkI4aTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQEUEJgAwQC
ucbIMBQEAgACMA4DBQAqAgNAAwUDKgqOwDANBgkqhkiG9w0BAQsFAAOCAQEAZJgK
aLDPszu0AwDlplQOPGL+ZP96uuIVe5FkXigfrf3G4/LeNnjwEqXL1sMUzW9jP4Fv
udXcL5eGvAEBTs+WQdj6iF0r+ChRikifCAWnpQJ5ihxpbFsWsn3Hav0redw8eWa3
LTyEzyPoD4iC9xpxr+kvkv0AL4jZFr6TRLK6/6s6Gb5IgxuAcVcG5+pfjXPOpUM7
xCE4WD4nzcz96cl8HIqS1W5H7MI7kUMfjPxjyiArkncAzXTtxUG91nXEnZiGiJpO
cCe8scFQqewiwul8k2Tp/0tuMt9MwetgicBpGcz2Q5XoxT6bY5FEVs2t7AP5mO9u
meqDJMxh+B4tzW7oZg==
-----END CERTIFICATE-----
Generated at Mon Oct 23 13:43:10 2023 by rpki-client on console-fra.rpki-client.org