Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/cvsbTNgp3CJUwodsSCaTqtk1HdQ.roa
File: cvsbTNgp3CJUwodsSCaTqtk1HdQ.roa (raw, json)
Hash identifier: zDpKY9Cox/5hRrVav5Pwb7+zfTAL3l8P2klQscXjigs=
Subject key identifier: 72:FB:1B:4C:D8:29:DC:22:54:C2:87:6C:48:26:93:AA:D9:35:1D:D4
Certificate issuer: /CN=14446466c71d24658c8b6f7eae5305febd17a4ba
Certificate serial: 018806651C97DF6F54A799A34B878304DCBA
Authority key identifier: 14:44:64:66:C7:1D:24:65:8C:8B:6F:7E:AE:53:05:FE:BD:17:A4:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/cvsbTNgp3CJUwodsSCaTqtk1HdQ.roa
Signing time: Wed 10 May 2023 16:01:09 +0000
ROA not before: Wed 10 May 2023 16:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35704
IP address blocks: 80.245.144.0/20 maxlen: 20
80.245.145.0/24 maxlen: 24
80.245.144.0/22 maxlen: 22
80.245.152.0/21 maxlen: 21
80.245.148.0/22 maxlen: 22
80.245.147.0/24 maxlen: 24
80.245.146.0/24 maxlen: 24
80.245.156.0/24 maxlen: 24
80.245.159.0/24 maxlen: 24
2a09:1480::/29 maxlen: 29
2a09:1480:100::/40 maxlen: 40
2a09:1480::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:65:1c:97:df:6f:54:a7:99:a3:4b:87:83:04:dc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14446466c71d24658c8b6f7eae5305febd17a4ba
Validity
Not Before: May 10 16:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72fb1b4cd829dc2254c2876c482693aad9351dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:f9:1d:d0:a1:29:f5:c9:0f:0f:be:64:a4:
9b:fb:11:5c:0b:a8:e6:4f:0d:6a:3f:47:e0:53:75:
ec:3e:eb:d0:d9:0c:7c:55:0e:8c:d5:30:5d:21:6c:
4c:37:32:56:ca:88:98:3d:f3:c6:45:b8:79:29:ff:
d4:ad:f7:ec:71:b7:5a:72:c3:18:19:d5:cf:72:20:
04:47:92:f0:99:e5:e1:e1:44:4b:76:47:d9:ff:8e:
e2:18:d6:db:30:c4:69:b1:1d:7d:ad:a7:e4:2d:f3:
16:04:1e:f7:f0:63:97:23:5c:38:24:13:00:77:fa:
bc:69:09:10:ea:ac:35:0e:92:83:45:12:02:3a:e7:
13:00:42:0a:c3:5f:13:1f:33:a1:5e:ab:af:31:13:
e9:e5:1b:71:8d:90:21:13:12:91:f8:7a:09:9d:2b:
9c:36:19:ea:8a:9c:13:1a:99:41:e8:3c:5c:26:2f:
cc:fd:16:cc:bb:90:a8:b0:1a:19:e3:52:8d:48:88:
3c:71:69:a4:8d:e2:c4:15:db:4d:33:b2:a7:48:07:
b3:cc:00:81:a8:ad:ed:2a:76:d5:f9:45:b8:ef:2e:
12:70:c5:48:6e:e0:7b:65:dd:53:42:83:03:e8:6f:
e3:51:ac:cb:54:56:2b:ba:17:c5:64:26:ff:92:e9:
7e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FB:1B:4C:D8:29:DC:22:54:C2:87:6C:48:26:93:AA:D9:35:1D:D4
X509v3 Authority Key Identifier:
keyid:14:44:64:66:C7:1D:24:65:8C:8B:6F:7E:AE:53:05:FE:BD:17:A4:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/cvsbTNgp3CJUwodsSCaTqtk1HdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/FERkZscdJGWMi29-rlMF_r0XpLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.144.0/20
IPv6:
2a09:1480::/29
Signature Algorithm: sha256WithRSAEncryption
87:91:5e:50:e8:98:16:42:2f:1a:97:47:a5:89:e0:eb:1d:4e:
8e:14:e3:67:be:17:84:3c:40:ea:18:0e:ce:2c:b4:ce:4b:a6:
4c:db:41:95:1d:00:68:fb:d8:a2:c0:3b:e5:dc:48:57:66:0f:
3c:87:e3:17:57:d3:fa:e9:7f:54:14:da:5e:04:37:46:41:95:
28:89:d0:e7:56:a8:f7:3d:b5:94:7c:27:92:f6:15:6e:a9:54:
aa:6c:d9:08:56:85:a0:3a:15:ac:95:5b:43:4d:6e:07:09:ce:
7c:28:fc:ac:37:78:76:7e:0b:7a:18:fa:30:76:cc:da:f7:a3:
21:a5:45:b9:c5:a6:1a:25:8b:60:62:1d:ad:56:5e:12:aa:f9:
d9:8d:b0:e7:23:7c:48:92:94:de:3e:b1:19:cb:a7:98:d8:af:
bc:05:57:d4:3d:cb:ef:ab:38:35:52:60:48:79:68:56:9c:f9:
1f:0b:0f:fc:cc:61:ed:9e:95:ee:cb:fd:c1:2a:99:3c:e0:08:
99:eb:1e:37:7f:bd:ef:97:2b:b9:9f:f8:66:5d:34:48:25:aa:
ef:6f:89:67:b6:b2:7e:3d:ca:e5:52:db:aa:f1:59:68:4f:20:
8a:b2:2c:0f:c8:46:1c:9f:63:ea:a8:e5:63:09:ed:2f:cd:a4:
2c:b1:4f:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgGZRyX329Up5mjS4eDBNy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NDQ2NDY2YzcxZDI0NjU4YzhiNmY3ZWFlNTMwNWZlYmQx
N2E0YmEwHhcNMjMwNTEwMTYwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZiMWI0Y2Q4MjlkYzIyNTRjMjg3NmM0ODI2OTNhYWQ5MzUxZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyT5HdChKfXJDw++ZKSb+xFcC6jm
Tw1qP0fgU3XsPuvQ2Qx8VQ6M1TBdIWxMNzJWyoiYPfPGRbh5Kf/UrffscbdacsMY
GdXPciAER5LwmeXh4URLdkfZ/47iGNbbMMRpsR19rafkLfMWBB738GOXI1w4JBMA
d/q8aQkQ6qw1DpKDRRICOucTAEIKw18THzOhXquvMRPp5RtxjZAhExKR+HoJnSuc
NhnqipwTGplB6DxcJi/M/RbMu5CosBoZ41KNSIg8cWmkjeLEFdtNM7KnSAezzACB
qK3tKnbV+UW47y4ScMVIbuB7Zd1TQoMD6G/jUazLVFYruhfFZCb/kul+NwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHL7G0zYKdwiVMKHbEgmk6rZNR3UMB8GA1UdIwQY
MBaAFBREZGbHHSRljItvfq5TBf69F6S6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkVSa1pzY2RKR1dNaTI5LXJsTUZfcjBYcExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC81NjZmYjMtYTY0MS00ZDE5LWE1OGUt
NjQwZTA3NWJmODdmLzEvY3ZzYlROZ3AzQ0pVd29kc1NDYVRxdGsxSGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC81NjZmYjMtYTY0MS00ZDE5LWE1OGUtNjQwZTA3NWJmODdm
LzEvRkVSa1pzY2RKR1dNaTI5LXJsTUZfcjBYcExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPWQMA0E
AgACMAcDBQMqCRSAMA0GCSqGSIb3DQEBCwUAA4IBAQCHkV5Q6JgWQi8al0elieDr
HU6OFONnvheEPEDqGA7OLLTOS6ZM20GVHQBo+9iiwDvl3EhXZg88h+MXV9P66X9U
FNpeBDdGQZUoidDnVqj3PbWUfCeS9hVuqVSqbNkIVoWgOhWslVtDTW4HCc58KPys
N3h2fgt6GPowdsza96MhpUW5xaYaJYtgYh2tVl4SqvnZjbDnI3xIkpTePrEZy6eY
2K+8BVfUPcvvqzg1UmBIeWhWnPkfCw/8zGHtnpXuy/3BKpk84AiZ6x43f73vlyu5
n/hmXTRIJarvb4lntrJ+PcrlUtuq8VloTyCKsiwPyEYcn2PqqOVjCe0vzaQssU9v
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:07 2024 by rpki-client on console-fra.rpki-client.org