Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/opiD93qzk2Q-OqehRvFyjS6PMnI.roa
File: opiD93qzk2Q-OqehRvFyjS6PMnI.roa (raw, json)
Hash identifier: Eb/Ejpg7gVRGfd51XR4PgKtBSnWCDJrInm87AzDIxN8=
Subject key identifier: A2:98:83:F7:7A:B3:93:64:3E:3A:A7:A1:46:F1:72:8D:2E:8F:32:72
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 0193EAF1427BCB5189172E388882C9032CA1
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/opiD93qzk2Q-OqehRvFyjS6PMnI.roa
Signing time: Sat 21 Dec 2024 20:38:19 +0000
ROA not before: Sat 21 Dec 2024 20:38:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200287
IP address blocks: 80.243.232.0/22 maxlen: 24
80.243.232.0/24 maxlen: 24
80.243.233.0/24 maxlen: 24
80.243.234.0/24 maxlen: 24
80.243.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:f1:42:7b:cb:51:89:17:2e:38:88:82:c9:03:2c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Dec 21 20:38:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a29883f77ab393643e3aa7a146f1728d2e8f3272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:25:e2:ca:0e:e3:da:e6:60:ea:0b:c4:bd:66:
5f:d6:0b:b3:90:ed:57:c2:78:7b:b5:2b:b2:44:3a:
13:84:ea:d6:60:89:7d:e3:98:f5:fd:af:42:27:e8:
5b:96:9c:18:58:d0:26:88:23:c9:fd:c4:1c:8d:70:
05:95:41:32:4c:c9:53:04:a5:39:06:f0:72:e5:be:
f4:57:c7:71:00:fd:54:75:e3:69:0d:cb:37:41:10:
9c:4f:9b:be:e7:7a:4e:b3:99:0c:53:f4:33:9c:68:
4d:d1:bf:a2:87:b1:f6:fe:a2:83:f1:7d:4e:c5:91:
31:1c:e2:99:86:4f:39:44:83:3d:e9:65:31:86:03:
bf:de:1d:21:8b:db:cb:43:70:55:cb:33:6f:b1:cf:
79:73:2e:21:8d:98:03:be:aa:13:45:1d:a8:52:02:
23:20:b2:c6:1f:35:15:87:da:a4:15:01:09:e1:d5:
88:66:6f:a9:ce:c9:b0:fd:dc:d8:db:e7:44:01:38:
7b:cd:cd:15:ff:4c:c0:48:cc:8f:a2:46:c1:c9:57:
03:db:ff:94:0e:ef:6d:71:7a:8a:e2:60:ef:12:dc:
83:0b:9b:d5:bf:f9:26:f3:48:12:30:90:87:ed:c9:
f2:08:8b:a1:7f:8b:45:15:05:df:81:0c:5b:5e:cd:
c8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:98:83:F7:7A:B3:93:64:3E:3A:A7:A1:46:F1:72:8D:2E:8F:32:72
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/opiD93qzk2Q-OqehRvFyjS6PMnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.232.0/22
Signature Algorithm: sha256WithRSAEncryption
89:a5:4c:e6:26:44:29:5b:33:3f:dd:ff:c9:ca:1d:df:cd:7e:
44:8f:df:aa:e3:b0:df:5c:3d:a2:87:4f:2e:45:c4:1a:5f:ef:
83:b7:40:8c:d2:40:c1:23:fc:c8:d6:f4:34:e9:c8:89:6b:1c:
70:08:6b:bd:15:5a:63:47:94:9c:89:8d:d0:ad:73:16:d4:be:
c1:11:0a:10:f0:5e:35:62:e3:a3:bb:1f:b8:fc:6e:ab:27:76:
4d:14:09:58:09:ea:ea:0f:61:14:cb:ce:2c:7a:9b:af:a1:e6:
8a:4f:d6:f1:57:80:74:44:74:e0:f6:30:90:89:37:8c:d0:a9:
db:e9:1c:bf:1b:ea:56:06:b6:cb:39:46:84:5a:95:c5:d3:21:
19:3f:88:32:b4:7d:2c:fd:d7:a0:35:55:29:9e:c0:18:36:cd:
36:e2:26:42:08:c5:ae:73:95:5b:ca:0e:1e:ef:79:62:22:af:
e6:21:ce:9e:62:3d:2c:ab:97:8f:23:e9:14:ae:79:5a:f8:73:
06:93:90:2d:d9:ae:64:21:4c:be:5f:f0:13:e7:a0:6b:0a:b8:
b7:36:3b:ec:f2:0b:8d:6d:e7:cd:b0:c6:09:c9:4f:4d:c7:ef:
f7:44:17:1c:2d:d4:05:f5:37:b1:73:a2:e7:4e:f5:e2:a3:22:
01:44:20:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPq8UJ7y1GJFy44iILJAyyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjQxMjIxMjAzODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk4ODNmNzdhYjM5MzY0M2UzYWE3YTE0NmYxNzI4ZDJlOGYzMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iXiyg7j2uZg6gvEvWZf1guzkO1X
wnh7tSuyRDoThOrWYIl945j1/a9CJ+hblpwYWNAmiCPJ/cQcjXAFlUEyTMlTBKU5
BvBy5b70V8dxAP1UdeNpDcs3QRCcT5u+53pOs5kMU/QznGhN0b+ih7H2/qKD8X1O
xZExHOKZhk85RIM96WUxhgO/3h0hi9vLQ3BVyzNvsc95cy4hjZgDvqoTRR2oUgIj
ILLGHzUVh9qkFQEJ4dWIZm+pzsmw/dzY2+dEATh7zc0V/0zASMyPokbByVcD2/+U
Du9tcXqK4mDvEtyDC5vVv/km80gSMJCH7cnyCIuhf4tFFQXfgQxbXs3IpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKYg/d6s5NkPjqnoUbxco0ujzJyMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvb3BpRDkzcXprMlEtT3FlaFJ2RnlqUzZQTW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUPPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCJpUzmJkQpWzM/3f/Jyh3fzX5Ej9+q47DfXD2ih08u
RcQaX++Dt0CM0kDBI/zI1vQ06ciJaxxwCGu9FVpjR5SciY3QrXMW1L7BEQoQ8F41
YuOjux+4/G6rJ3ZNFAlYCerqD2EUy84sepuvoeaKT9bxV4B0RHTg9jCQiTeM0Knb
6Ry/G+pWBrbLOUaEWpXF0yEZP4gytH0s/degNVUpnsAYNs024iZCCMWuc5Vbyg4e
73liIq/mIc6eYj0sq5ePI+kUrnla+HMGk5At2a5kIUy+X/AT56BrCri3Njvs8guN
befNsMYJyU9Nx+/3RBccLdQF9Texc6LnTvXioyIBRCAZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:50:27 2025 by rpki-client