Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/ex7g0KT0fSeQKC92H_WbY5oHFYA.roa
File: ex7g0KT0fSeQKC92H_WbY5oHFYA.roa (raw, json)
Hash identifier: G4RTOyAsnaF5NJUXLTHp4BTennFVPNy1x2Pi4S6wHV8=
Subject key identifier: 7B:1E:E0:D0:A4:F4:7D:27:90:28:2F:76:1F:F5:9B:63:9A:07:15:80
Certificate issuer: /CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Certificate serial: 018CC94CBA77BABC1A0AF830A860BA5C0740
Authority key identifier: BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/ex7g0KT0fSeQKC92H_WbY5oHFYA.roa
Signing time: Tue 02 Jan 2024 08:31:38 +0000
ROA not before: Tue 02 Jan 2024 08:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35074
IP address blocks: 80.89.176.0/24 maxlen: 24
80.89.177.0/24 maxlen: 24
80.89.178.0/24 maxlen: 24
80.89.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ba:77:ba:bc:1a:0a:f8:30:a8:60:ba:5c:07:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Validity
Not Before: Jan 2 08:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b1ee0d0a4f47d2790282f761ff59b639a071580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cc:f0:10:41:2b:64:8f:1c:c1:bd:50:17:4e:
8a:20:b5:9f:09:1e:35:52:a4:20:63:f7:59:10:0e:
87:88:5d:be:e3:0b:c4:c6:0f:2a:0e:cf:6a:53:a5:
42:61:96:34:43:55:33:2c:3f:95:5d:b5:9b:e4:97:
e0:f6:3e:59:08:c3:1f:5a:44:25:76:54:34:65:35:
74:c4:27:c6:6c:ad:22:4f:6a:e4:f7:db:c7:31:11:
d2:a8:64:5f:22:ef:c4:14:99:d6:03:6a:5e:a6:b0:
60:2f:6e:8c:16:5e:4d:e4:24:53:8d:7a:db:c1:17:
81:b0:8a:4c:e9:c2:f4:2e:91:24:79:72:f7:03:36:
c4:70:72:d7:b8:cd:d2:c4:c2:57:7e:71:97:5e:24:
cd:87:be:0e:3b:cb:7f:9e:84:58:24:5d:86:09:7f:
ed:0f:7b:bf:aa:25:cb:1a:ca:59:f1:40:28:88:32:
0c:74:47:4e:08:93:19:c7:69:5a:ba:f0:30:40:0d:
86:a4:e4:2b:7e:0c:cc:64:3b:9d:03:e2:2f:d1:a2:
12:8f:89:0d:79:f2:b3:be:bf:67:ff:18:1d:cf:5b:
ea:18:d4:24:cb:0c:ea:63:ed:79:cb:cf:54:3c:f3:
93:77:0b:79:1a:53:e6:eb:1f:02:7d:61:ed:59:cf:
f1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1E:E0:D0:A4:F4:7D:27:90:28:2F:76:1F:F5:9B:63:9A:07:15:80
X509v3 Authority Key Identifier:
keyid:BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/ex7g0KT0fSeQKC92H_WbY5oHFYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.176.0/22
Signature Algorithm: sha256WithRSAEncryption
67:68:27:de:93:1d:b2:54:6f:15:c1:2b:cc:30:2a:83:51:d4:
a3:7e:6e:2f:3d:bf:dd:d0:4b:1e:e5:df:4a:e7:93:12:fa:f9:
8f:17:82:c0:3b:28:7a:fe:8c:40:3b:17:db:13:36:24:e3:0c:
d5:78:1b:04:7e:0f:98:cc:af:84:4a:88:be:bc:47:3b:39:3d:
c9:9e:f1:41:dc:21:5f:49:ce:7d:db:12:90:2f:3b:d4:7c:01:
90:48:2e:d8:ed:f1:27:9b:af:85:ec:19:fa:3c:78:b4:b8:90:
42:1b:5c:d0:92:b5:7c:76:f2:3c:25:6a:27:bb:11:d0:99:7d:
28:b7:03:05:cb:5c:2f:7a:1f:19:ad:ae:fa:be:e6:33:32:3a:
84:c7:99:42:35:ea:1c:44:d8:7e:4e:7a:71:3c:82:a6:9d:07:
95:0f:64:e5:49:e4:1a:7c:31:61:ce:37:0b:30:d4:81:39:48:
84:95:33:bf:51:73:70:6c:56:70:19:1b:5c:e6:a6:14:ab:31:
a1:1d:0a:42:df:4f:34:a4:12:94:e3:f0:f6:8e:81:20:ce:5f:
26:0c:bb:e6:15:04:ce:49:bc:b7:3b:44:b6:6d:de:77:5e:7f:
48:2e:d8:d9:e2:6b:16:1b:dc:e0:57:ce:21:8d:00:64:0c:3e:
d5:ac:68:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTLp3urwaCvgwqGC6XAdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGU2ZWRkMjZlZjFiMTZkODQ4ZTk4MTMwZTZmYzQ0NTBi
MzI3NTIwHhcNMjQwMTAyMDgzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFlZTBkMGE0ZjQ3ZDI3OTAyODJmNzYxZmY1OWI2MzlhMDcxNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMzwEEErZI8cwb1QF06KILWfCR41
UqQgY/dZEA6HiF2+4wvExg8qDs9qU6VCYZY0Q1UzLD+VXbWb5Jfg9j5ZCMMfWkQl
dlQ0ZTV0xCfGbK0iT2rk99vHMRHSqGRfIu/EFJnWA2peprBgL26MFl5N5CRTjXrb
wReBsIpM6cL0LpEkeXL3AzbEcHLXuM3SxMJXfnGXXiTNh74OO8t/noRYJF2GCX/t
D3u/qiXLGspZ8UAoiDIMdEdOCJMZx2lauvAwQA2GpOQrfgzMZDudA+Iv0aISj4kN
efKzvr9n/xgdz1vqGNQkywzqY+15y89UPPOTdwt5GlPm6x8CfWHtWc/xAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHse4NCk9H0nkCgvdh/1m2OaBxWAMB8GA1UdIwQY
MBaAFL1Obt0m7xsW2EjpgTDm/ERQsydSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMt
OTYyOGY1MjY2NTQyLzEvZXg3ZzBLVDBmU2VRS0M5MkhfV2JZNW9IRllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMtOTYyOGY1MjY2NTQy
LzEvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUFmwMA0G
CSqGSIb3DQEBCwUAA4IBAQBnaCfekx2yVG8VwSvMMCqDUdSjfm4vPb/d0Ese5d9K
55MS+vmPF4LAOyh6/oxAOxfbEzYk4wzVeBsEfg+YzK+ESoi+vEc7OT3JnvFB3CFf
Sc592xKQLzvUfAGQSC7Y7fEnm6+F7Bn6PHi0uJBCG1zQkrV8dvI8JWonuxHQmX0o
twMFy1wveh8Zra76vuYzMjqEx5lCNeocRNh+TnpxPIKmnQeVD2TlSeQafDFhzjcL
MNSBOUiElTO/UXNwbFZwGRtc5qYUqzGhHQpC3080pBKU4/D2joEgzl8mDLvmFQTO
Sby3O0S2bd53Xn9ILtjZ4msWG9zgV84hjQBkDD7VrGjf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:36 2025 by rpki-client