Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/68f637-3121-40f7-b78f-9c9f2090329a/1/hCBS3bB4vypgsBY62BpwZI7l0VI.roa
File: hCBS3bB4vypgsBY62BpwZI7l0VI.roa (raw, json)
Hash identifier: MtTn6TAwi6MVU6oCBbL4Kh340YFkVlR2we19cypKQ4s=
Subject key identifier: 84:20:52:DD:B0:78:BF:2A:60:B0:16:3A:D8:1A:70:64:8E:E5:D1:52
Certificate issuer: /CN=ea550e54e4766d5765d0f3d061df1d74da558973
Certificate serial: 018CC5DC0A792739D10904BFA646DC85FBCB
Authority key identifier: EA:55:0E:54:E4:76:6D:57:65:D0:F3:D0:61:DF:1D:74:DA:55:89:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6lUOVOR2bVdl0PPQYd8ddNpViXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/68f637-3121-40f7-b78f-9c9f2090329a/1/hCBS3bB4vypgsBY62BpwZI7l0VI.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210422
IP address blocks: 80.68.154.0/24 maxlen: 24
2a12:9f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0a:79:27:39:d1:09:04:bf:a6:46:dc:85:fb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea550e54e4766d5765d0f3d061df1d74da558973
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=842052ddb078bf2a60b0163ad81a70648ee5d152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:51:d0:11:86:31:18:0e:48:77:d7:20:2e:b5:
3d:29:54:27:38:1a:0e:c9:19:17:52:8e:9b:8a:98:
2a:b7:5b:08:3d:48:46:d3:b2:74:6c:33:8a:8f:6b:
64:4b:09:de:ba:63:a3:da:7c:91:1c:d6:58:4c:75:
ce:10:4b:71:75:c6:25:43:13:df:0c:0b:43:51:a3:
b4:58:20:bd:94:c1:06:c3:67:62:9f:f6:7f:94:f6:
c5:93:35:b2:ff:c8:b2:dd:74:17:a1:ca:8c:52:75:
48:de:0e:c4:32:7d:f1:db:c5:57:9b:d0:db:1e:0f:
eb:14:db:cb:4b:98:d0:ad:9a:52:56:be:a9:8d:16:
e4:fb:d8:df:ca:8f:9e:6e:d0:38:72:47:3a:4f:1b:
05:35:6f:02:71:59:39:ce:43:60:3e:24:1f:a9:75:
dc:a7:9f:64:17:1b:ea:a5:56:af:aa:99:87:94:3f:
80:7a:9d:d3:c7:08:13:e3:f9:40:16:37:b7:4c:65:
42:2f:ee:7f:66:c9:6b:c3:14:2b:cf:65:44:1c:e5:
fc:87:fe:7a:5b:cd:b8:4e:4a:04:35:16:0a:c3:e5:
32:1a:9b:3e:f8:4a:5e:35:be:5f:ae:9b:53:69:1c:
cc:9c:cd:ac:c8:54:d9:f0:96:94:79:37:40:d9:e9:
fd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:20:52:DD:B0:78:BF:2A:60:B0:16:3A:D8:1A:70:64:8E:E5:D1:52
X509v3 Authority Key Identifier:
keyid:EA:55:0E:54:E4:76:6D:57:65:D0:F3:D0:61:DF:1D:74:DA:55:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lUOVOR2bVdl0PPQYd8ddNpViXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/68f637-3121-40f7-b78f-9c9f2090329a/1/hCBS3bB4vypgsBY62BpwZI7l0VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/68f637-3121-40f7-b78f-9c9f2090329a/1/6lUOVOR2bVdl0PPQYd8ddNpViXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.154.0/24
IPv6:
2a12:9f80::/29
Signature Algorithm: sha256WithRSAEncryption
63:98:f9:88:c2:9c:78:d7:51:8a:56:e3:4e:f4:56:58:3a:75:
b3:61:9e:87:2b:8a:9f:22:bb:5f:9c:49:b2:9d:06:f6:e9:40:
56:43:16:ce:dc:ea:6a:fd:25:7e:ba:a1:59:47:0f:bf:12:1a:
01:43:32:e3:51:84:54:20:a4:94:69:05:e2:b9:4d:92:e8:25:
85:3e:05:7f:04:72:8b:49:8f:24:0c:7c:24:22:f6:46:63:86:
57:a2:51:ab:60:55:c8:0d:07:5d:0e:b0:91:0f:71:76:a5:52:
e5:99:27:dd:c2:76:02:79:fc:d9:e3:97:09:24:f9:26:0e:14:
2a:a7:9e:35:ea:d2:75:45:40:fd:a1:1b:db:93:e0:29:7b:13:
8e:2d:29:ec:e9:0c:23:db:5e:85:6b:77:75:7b:8b:d6:4a:02:
3a:0a:f9:e2:a3:e1:ac:53:95:c3:90:62:c9:29:e3:57:30:25:
cb:71:7b:91:76:50:70:ea:3d:59:d4:73:4d:fe:d0:30:08:80:
63:05:fa:53:5c:25:15:ec:2d:fa:4d:b3:02:28:82:bc:bb:11:
43:c2:5d:4e:f2:ba:6b:f9:6c:89:9b:09:25:37:96:03:e1:c1:
40:8b:39:77:3e:61:ed:7b:4f:ae:c8:da:81:7e:45:80:08:e2:
9c:83:60:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3Ap5JznRCQS/pkbchfvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNTUwZTU0ZTQ3NjZkNTc2NWQwZjNkMDYxZGYxZDc0ZGE1
NTg5NzMwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDIwNTJkZGIwNzhiZjJhNjBiMDE2M2FkODFhNzA2NDhlZTVkMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1HQEYYxGA5Id9cgLrU9KVQnOBoO
yRkXUo6bipgqt1sIPUhG07J0bDOKj2tkSwneumOj2nyRHNZYTHXOEEtxdcYlQxPf
DAtDUaO0WCC9lMEGw2din/Z/lPbFkzWy/8iy3XQXocqMUnVI3g7EMn3x28VXm9Db
Hg/rFNvLS5jQrZpSVr6pjRbk+9jfyo+ebtA4ckc6TxsFNW8CcVk5zkNgPiQfqXXc
p59kFxvqpVavqpmHlD+Aep3TxwgT4/lAFje3TGVCL+5/ZslrwxQrz2VEHOX8h/56
W824TkoENRYKw+UyGps++EpeNb5frptTaRzMnM2syFTZ8JaUeTdA2en9bQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIQgUt2weL8qYLAWOtgacGSO5dFSMB8GA1UdIwQY
MBaAFOpVDlTkdm1XZdDz0GHfHXTaVYlzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmxVT1ZPUjJiVmRsMFBQUVlkOGRkTnBWaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OGY2MzctMzEyMS00MGY3LWI3OGYt
OWM5ZjIwOTAzMjlhLzEvaENCUzNiQjR2eXBnc0JZNjJCcHdaSTdsMFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OGY2MzctMzEyMS00MGY3LWI3OGYtOWM5ZjIwOTAzMjlh
LzEvNmxVT1ZPUjJiVmRsMFBQUVlkOGRkTnBWaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUESaMA0E
AgACMAcDBQMqEp+AMA0GCSqGSIb3DQEBCwUAA4IBAQBjmPmIwpx411GKVuNO9FZY
OnWzYZ6HK4qfIrtfnEmynQb26UBWQxbO3Opq/SV+uqFZRw+/EhoBQzLjUYRUIKSU
aQXiuU2S6CWFPgV/BHKLSY8kDHwkIvZGY4ZXolGrYFXIDQddDrCRD3F2pVLlmSfd
wnYCefzZ45cJJPkmDhQqp5416tJ1RUD9oRvbk+ApexOOLSns6Qwj216Fa3d1e4vW
SgI6Cvnio+GsU5XDkGLJKeNXMCXLcXuRdlBw6j1Z1HNN/tAwCIBjBfpTXCUV7C36
TbMCKIK8uxFDwl1O8rpr+WyJmwklN5YD4cFAizl3PmHte0+uyNqBfkWACOKcg2Dx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:51 2025 by rpki-client