Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/bRy_y4u7rlnhoGm9VC8Fdudkcd0.roa
File: bRy_y4u7rlnhoGm9VC8Fdudkcd0.roa (raw, json)
Hash identifier: qWyNI1ahxA4+uuNxMD78i+DJXvLTiAfnrycR1n7Jens=
Subject key identifier: 6D:1C:BF:CB:8B:BB:AE:59:E1:A0:69:BD:54:2F:05:76:E7:64:71:DD
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 01925695C58CE9120539CB1A7478D0DCEB80
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/bRy_y4u7rlnhoGm9VC8Fdudkcd0.roa
Signing time: Fri 04 Oct 2024 08:11:48 +0000
ROA not before: Fri 04 Oct 2024 08:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48918
IP address blocks: 80.66.96.0/20 maxlen: 20
80.66.96.0/23 maxlen: 23
80.66.98.0/24 maxlen: 24
80.66.101.0/24 maxlen: 24
80.66.102.0/24 maxlen: 24
80.66.104.0/23 maxlen: 23
80.66.107.0/24 maxlen: 24
80.66.110.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
195.20.20.0/22 maxlen: 24
2a0a:8ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:95:c5:8c:e9:12:05:39:cb:1a:74:78:d0:dc:eb:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Oct 4 08:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d1cbfcb8bbbae59e1a069bd542f0576e76471dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:74:e5:63:2f:c0:cc:c6:81:26:ac:b9:60:
26:ce:80:54:ef:dc:25:76:8e:39:b9:a1:0c:72:c1:
30:e3:cd:68:1d:69:6e:2b:9f:38:4d:fd:d0:67:c8:
fc:4f:8a:d1:90:17:93:a7:a4:56:76:46:54:aa:4b:
f9:6c:d6:25:f1:fd:4d:e1:6a:52:da:a2:c8:48:0c:
a5:70:49:13:d7:6e:d7:38:51:f9:c7:8f:ca:80:03:
e1:46:b9:f8:3e:43:17:e6:ce:fa:d4:b1:a3:ce:c0:
27:12:ce:ec:65:95:9f:54:be:03:e2:28:40:3c:e8:
9e:f9:fa:ff:ee:32:8c:4a:2f:85:98:d8:83:a8:4f:
84:15:e7:a3:14:b0:8a:d9:00:27:30:14:1d:a0:5a:
6a:d9:d5:2a:30:b7:75:75:fd:65:d3:87:9a:cd:61:
c6:ca:87:ca:36:89:35:b0:85:eb:fd:6d:bd:ce:e0:
a0:3d:73:40:75:f9:47:11:ac:af:ca:96:e8:8a:d6:
1c:ac:e6:81:66:3a:a2:12:1d:77:40:e9:eb:d5:a0:
6d:dc:f3:75:ca:e6:52:80:50:fe:c6:e9:c5:36:95:
c7:ed:9f:4d:0b:68:ff:5d:f2:af:a6:b8:d9:c1:b6:
f4:f1:c9:07:4f:34:31:45:ad:d1:1f:42:11:07:75:
12:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1C:BF:CB:8B:BB:AE:59:E1:A0:69:BD:54:2F:05:76:E7:64:71:DD
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/bRy_y4u7rlnhoGm9VC8Fdudkcd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
c9:d2:f7:4f:d5:84:81:d5:32:ef:cc:f6:25:a0:c6:21:b4:17:
3d:4b:77:ed:9d:ae:5d:4d:14:82:45:f3:d5:65:7b:23:b4:ce:
03:98:a9:25:0c:4a:b2:5b:e1:d0:4b:b1:bc:79:16:57:aa:c5:
74:25:79:de:dd:ee:f6:39:ee:30:fd:df:47:f1:34:b8:85:3a:
4a:0d:b4:1c:38:ab:92:c0:35:f2:32:01:13:bb:e4:1e:10:58:
91:13:4f:84:2d:b3:f9:31:cb:83:a9:cf:b0:2f:ec:cd:09:68:
8c:1e:7f:0f:5a:91:54:ce:e4:c3:4a:ea:0a:0c:b4:47:23:bd:
df:74:d9:07:62:f7:8c:97:7e:dd:96:c7:82:6e:a3:f9:0a:77:
3e:85:eb:8f:49:65:3d:54:6d:2d:36:16:d9:f8:82:c6:10:a0:
5c:e6:48:12:09:e5:b5:b7:ba:cb:9b:74:b4:27:07:5e:20:cc:
f3:a9:b5:93:ea:cf:28:9b:71:cd:56:70:e8:97:ff:d7:61:c9:
45:ac:36:33:91:1f:40:85:7f:0c:35:fc:27:79:84:23:1a:3c:
13:de:65:1d:87:13:8d:f3:04:87:cf:ef:9c:b5:55:82:b5:aa:
38:c7:f2:f4:15:b7:ab:55:76:12:04:a3:77:1c:b8:46:52:4c:
53:60:8a:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJWlcWM6RIFOcsadHjQ3OuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjQxMDA0MDgxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFjYmZjYjhiYmJhZTU5ZTFhMDY5YmQ1NDJmMDU3NmU3NjQ3MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjd05WMvwMzGgSasuWAmzoBU79wl
do45uaEMcsEw481oHWluK584Tf3QZ8j8T4rRkBeTp6RWdkZUqkv5bNYl8f1N4WpS
2qLISAylcEkT127XOFH5x4/KgAPhRrn4PkMX5s761LGjzsAnEs7sZZWfVL4D4ihA
POie+fr/7jKMSi+FmNiDqE+EFeejFLCK2QAnMBQdoFpq2dUqMLd1df1l04eazWHG
yofKNok1sIXr/W29zuCgPXNAdflHEayvypboitYcrOaBZjqiEh13QOnr1aBt3PN1
yuZSgFD+xunFNpXH7Z9NC2j/XfKvprjZwbb08ckHTzQxRa3RH0IRB3US0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG0cv8uLu65Z4aBpvVQvBXbnZHHdMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvYlJ5X3k0dTdybG5ob0dtOVZDOEZkdWRrY2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUEJgAwQC
ucbIAwQCwxQUMA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEBCwUAA4IBAQDJ0vdP
1YSB1TLvzPYloMYhtBc9S3ftna5dTRSCRfPVZXsjtM4DmKklDEqyW+HQS7G8eRZX
qsV0JXne3e72Oe4w/d9H8TS4hTpKDbQcOKuSwDXyMgETu+QeEFiRE0+ELbP5McuD
qc+wL+zNCWiMHn8PWpFUzuTDSuoKDLRHI73fdNkHYveMl37dlseCbqP5Cnc+heuP
SWU9VG0tNhbZ+ILGEKBc5kgSCeW1t7rLm3S0JwdeIMzzqbWT6s8om3HNVnDol//X
YclFrDYzkR9AhX8MNfwneYQjGjwT3mUdhxON8wSHz++ctVWCtao4x/L0FberVXYS
BKN3HLhGUkxTYIoG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:48 2025 by rpki-client