Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/go-bz8Jo8BU-aKmMhShtL-DxhWs.roa
File: go-bz8Jo8BU-aKmMhShtL-DxhWs.roa (raw, json)
Hash identifier: qvypjDlDi2G91jjzAsrem7y5F520Ao3IyuhzXii2kt4=
Subject key identifier: 82:8F:9B:CF:C2:68:F0:15:3E:68:A9:8C:85:28:6D:2F:E0:F1:85:6B
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 018F85F56BEF602F9C76698FBEC99605C7BC
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/go-bz8Jo8BU-aKmMhShtL-DxhWs.roa
Signing time: Fri 17 May 2024 09:50:04 +0000
ROA not before: Fri 17 May 2024 09:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48918
IP address blocks: 80.66.96.0/20 maxlen: 20
80.66.96.0/23 maxlen: 23
80.66.98.0/24 maxlen: 24
80.66.101.0/24 maxlen: 24
80.66.102.0/24 maxlen: 24
80.66.104.0/23 maxlen: 23
80.66.107.0/24 maxlen: 24
80.66.110.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
195.20.20.0/22 maxlen: 24
2a02:340::/32 maxlen: 32
2a0a:8ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 04 Oct 2024 08:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:f5:6b:ef:60:2f:9c:76:69:8f:be:c9:96:05:c7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: May 17 09:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=828f9bcfc268f0153e68a98c85286d2fe0f1856b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:ba:cb:a9:8f:47:e3:40:d6:cf:40:bb:1e:
c8:b5:0e:ee:7f:b6:b7:da:08:0a:f5:ed:0e:21:2b:
b6:c4:2c:2b:71:ad:ff:38:26:16:b1:06:25:93:c7:
53:09:de:c0:32:d4:77:e1:0c:7a:03:78:67:bd:4e:
24:da:76:fe:21:f1:93:b4:9c:e5:f2:41:2b:d7:08:
a2:93:4b:9a:24:3b:9c:71:1c:a6:11:c8:4c:c6:15:
d6:b0:9a:af:3e:57:c6:36:7a:f5:ab:35:ec:8d:d0:
a0:fe:eb:18:7a:db:96:43:aa:6f:78:05:f9:07:f5:
f3:49:a7:4f:95:8b:f3:64:54:44:fe:29:a9:e8:b2:
3a:09:ad:14:c9:3a:9f:81:39:9f:fd:bd:99:29:4f:
f8:35:08:a3:63:96:aa:99:52:ef:1f:94:ad:08:9d:
16:fb:d2:bd:22:00:44:b1:57:d1:e9:b7:bc:09:46:
ed:a9:45:8c:b4:87:12:d2:a2:4d:29:b7:a6:94:28:
c4:74:71:e8:c9:d9:eb:17:9b:db:63:2b:a7:64:45:
67:71:9e:30:29:7e:66:6c:68:48:1d:d7:ce:7e:64:
72:ad:00:c1:60:63:a2:ab:3a:d6:b3:27:92:e1:6a:
6c:2a:c2:27:eb:67:87:34:7a:a3:60:b5:d6:d9:da:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8F:9B:CF:C2:68:F0:15:3E:68:A9:8C:85:28:6D:2F:E0:F1:85:6B
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/go-bz8Jo8BU-aKmMhShtL-DxhWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a02:340::/32
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
50:61:48:2e:f3:bf:77:f2:1b:15:cb:1f:e6:2d:43:af:ac:4e:
b8:1d:03:85:f2:c6:25:51:8e:28:fe:2c:77:f4:b3:05:fc:69:
07:55:12:dc:d7:e7:7c:23:c0:b7:9d:03:03:12:b9:d0:db:5b:
a8:b3:7d:a2:3c:bc:0f:9d:18:98:cd:fc:6d:04:9b:ca:a8:42:
ed:73:84:dc:d4:80:e7:98:40:0e:5f:d5:a0:54:b0:6f:c5:19:
a4:31:0f:73:6f:ce:c4:34:50:26:ee:3c:ec:fb:8a:f8:40:a2:
61:11:e4:1e:90:43:b6:a7:a6:19:3c:67:0d:e9:06:c0:c6:cf:
ee:d1:f6:28:a7:ce:42:1a:0e:a8:47:f5:b4:89:d1:23:0a:4f:
ab:ca:ac:94:c4:00:c3:9e:92:d0:72:26:53:9c:24:30:64:d6:
91:88:ca:a5:a1:fe:46:64:75:a9:7a:bd:d1:25:4d:48:96:1a:
9e:00:f2:b5:15:67:fa:27:6c:43:ff:f6:9a:92:e7:d4:a7:e6:
f1:8a:b7:f1:b1:c3:08:91:48:c7:2a:5b:05:27:fe:b2:b4:ae:
44:e7:95:29:df:76:dd:ef:29:d0:f7:11:03:c7:13:be:de:d6:
ec:4e:63:24:dd:48:ad:15:fb:a0:e3:61:bd:e3:2d:21:a3:51:
50:50:05:36
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY+F9WvvYC+cdmmPvsmWBce8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjQwNTE3MDk1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjhmOWJjZmMyNjhmMDE1M2U2OGE5OGM4NTI4NmQyZmUwZjE4NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvua6y6mPR+NA1s9Aux7ItQ7uf7a3
2ggK9e0OISu2xCwrca3/OCYWsQYlk8dTCd7AMtR34Qx6A3hnvU4k2nb+IfGTtJzl
8kEr1wiik0uaJDuccRymEchMxhXWsJqvPlfGNnr1qzXsjdCg/usYetuWQ6pveAX5
B/XzSadPlYvzZFRE/imp6LI6Ca0UyTqfgTmf/b2ZKU/4NQijY5aqmVLvH5StCJ0W
+9K9IgBEsVfR6be8CUbtqUWMtIcS0qJNKbemlCjEdHHoydnrF5vbYyunZEVncZ4w
KX5mbGhIHdfOfmRyrQDBYGOiqzrWsyeS4WpsKsIn62eHNHqjYLXW2drE3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIKPm8/CaPAVPmipjIUobS/g8YVrMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvZ28tYno4Sm84QlUtYUttTWhTaHRMLUR4aFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEUEJgAwQC
ucbIAwQCwxQUMBQEAgACMA4DBQAqAgNAAwUDKgqOwDANBgkqhkiG9w0BAQsFAAOC
AQEAUGFILvO/d/IbFcsf5i1Dr6xOuB0DhfLGJVGOKP4sd/SzBfxpB1US3NfnfCPA
t50DAxK50NtbqLN9ojy8D50YmM38bQSbyqhC7XOE3NSA55hADl/VoFSwb8UZpDEP
c2/OxDRQJu487PuK+ECiYRHkHpBDtqemGTxnDekGwMbP7tH2KKfOQhoOqEf1tInR
IwpPq8qslMQAw56S0HImU5wkMGTWkYjKpaH+RmR1qXq90SVNSJYangDytRVn+ids
Q//2mpLn1Kfm8Yq38bHDCJFIxypbBSf+srSuROeVKd923e8p0PcRA8cTvt7W7E5j
JN1IrRX7oONhveMtIaNRUFAFNg==
-----END CERTIFICATE-----
Generated at Fri Oct 4 10:23:20 2024 by rpki-client on console-ams.rpki-client.org