Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/gFfAQaQkHKGzC0mTLom3uqmU3mU.roa
File: gFfAQaQkHKGzC0mTLom3uqmU3mU.roa (raw, json)
Hash identifier: CbN+b4Xwv//mGZikFyKN/Y/zNaBjrXtX5Gn/YY4s9OI=
Subject key identifier: 80:57:C0:41:A4:24:1C:A1:B3:0B:49:93:2E:89:B7:BA:A9:94:DE:65
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 018CC9BBB4E9C45EBD1B727097BAB0A4A473
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/gFfAQaQkHKGzC0mTLom3uqmU3mU.roa
Signing time: Tue 02 Jan 2024 10:32:51 +0000
ROA not before: Tue 02 Jan 2024 10:32:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51083
IP address blocks: 80.67.185.0/24 maxlen: 24
80.67.183.0/24 maxlen: 24
80.67.180.0/24 maxlen: 24
80.67.189.0/24 maxlen: 24
2001:912:4000::/36 maxlen: 36
2001:912:1000::/36 maxlen: 36
2001:912::/36 maxlen: 36
2001:912:3000::/36 maxlen: 36
2001:912:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 31 Jan 2024 20:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:b4:e9:c4:5e:bd:1b:72:70:97:ba:b0:a4:a4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 10:32:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8057c041a4241ca1b30b49932e89b7baa994de65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4d:0b:fb:6d:03:70:41:c3:ec:bd:ce:45:95:
e2:6b:da:db:f7:d7:98:4e:cf:ed:6d:65:3c:4e:26:
9a:f5:53:9c:77:b7:19:2a:59:2a:f5:89:2b:f4:7d:
76:ed:9a:66:7f:26:2f:6b:fa:8e:d2:44:1a:06:f8:
83:25:65:1c:40:3e:3f:e8:d7:43:c4:6b:87:43:f5:
43:2f:15:fa:37:18:01:20:a1:7f:19:77:c6:38:09:
3e:ab:7d:83:d5:39:ad:0e:a3:ed:6d:aa:2b:ef:d2:
b7:c4:2c:50:9e:9d:7b:ee:cd:0c:0c:67:85:6c:c5:
ad:61:15:b5:2b:2a:d8:9f:e6:2d:30:fa:b4:36:bb:
cf:a0:2f:61:ae:28:c6:d7:71:16:a8:64:ff:7e:c3:
ea:2c:3d:ec:d1:69:2a:6b:66:32:4b:a2:6f:4a:9b:
99:31:85:db:f9:47:29:37:ae:6f:7d:35:bb:9a:dc:
9c:c6:3f:68:6c:dd:f1:cc:a2:ec:7a:f2:63:66:0e:
16:9d:c4:97:7b:59:b8:55:8d:66:fd:fb:bb:20:3e:
6e:56:07:9f:a3:e9:bd:26:67:4b:8c:85:1d:9c:12:
6b:68:e3:20:c0:76:a9:fd:c5:78:83:dd:cd:52:41:
48:a1:83:41:88:50:10:1f:69:33:de:34:62:32:8b:
35:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:57:C0:41:A4:24:1C:A1:B3:0B:49:93:2E:89:B7:BA:A9:94:DE:65
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/gFfAQaQkHKGzC0mTLom3uqmU3mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.180.0/24
80.67.183.0/24
80.67.185.0/24
80.67.189.0/24
IPv6:
2001:912::-2001:912:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:f1:35:9b:e3:df:15:da:53:d6:c2:fe:35:7b:a7:11:b1:88:
31:af:61:b2:ed:93:e5:d8:9f:4c:ee:de:81:bd:24:77:c5:d9:
9e:46:f0:c6:3d:5c:38:74:1f:5f:09:57:ab:24:cc:07:04:7a:
95:e3:74:94:a9:d1:bb:f4:e8:44:8a:50:7f:2d:61:04:c4:1e:
4d:4a:73:5e:a9:af:d3:e1:f8:e5:3e:be:6d:3b:f9:83:53:3a:
85:50:03:c2:85:dc:0a:3b:1e:d8:ff:67:1f:52:0b:ff:20:e5:
2a:64:9d:be:a8:dc:f4:3b:38:10:4b:f2:ac:18:d2:48:40:53:
b3:d6:86:be:06:27:07:dd:72:18:1e:62:e9:64:ab:90:32:45:
da:dd:03:85:38:ad:7f:79:5d:dc:e6:49:30:1e:08:69:92:fc:
86:90:19:ce:d4:3e:d1:58:58:93:7d:68:67:c3:6e:05:e5:35:
d2:26:d3:4b:e8:85:9c:2d:ec:cb:23:f9:29:4b:90:23:14:ce:
62:97:fb:55:5c:68:4a:94:c2:b3:2d:87:16:c8:97:87:bf:96:
c7:a8:13:96:ec:5a:21:91:d1:54:25:9c:2e:6e:47:16:63:8f:
2f:89:3d:d6:aa:12:d4:a4:0e:e1:c3:bf:b0:31:2d:20:39:90:
7a:3e:28:86
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzJu7TpxF69G3Jwl7qwpKRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjQwMTAyMTAzMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU3YzA0MWE0MjQxY2ExYjMwYjQ5OTMyZTg5YjdiYWE5OTRkZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgU0L+20DcEHD7L3ORZXia9rb99eY
Ts/tbWU8Tiaa9VOcd7cZKlkq9Ykr9H127ZpmfyYva/qO0kQaBviDJWUcQD4/6NdD
xGuHQ/VDLxX6NxgBIKF/GXfGOAk+q32D1TmtDqPtbaor79K3xCxQnp177s0MDGeF
bMWtYRW1KyrYn+YtMPq0NrvPoC9hrijG13EWqGT/fsPqLD3s0Wkqa2YyS6JvSpuZ
MYXb+UcpN65vfTW7mtycxj9obN3xzKLsevJjZg4WncSXe1m4VY1m/fu7ID5uVgef
o+m9JmdLjIUdnBJraOMgwHap/cV4g93NUkFIoYNBiFAQH2kz3jRiMos1LQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIBXwEGkJByhswtJky6Jt7qplN5lMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvZ0ZmQVFhUWtIS0d6QzBtVExvbTN1cW1VM21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQAUEO0AwQA
UEO3AwQAUEO5AwQAUEO9MBcEAgACMBEwDwMFASABCRIDBgQgAQkSQDANBgkqhkiG
9w0BAQsFAAOCAQEAB/E1m+PfFdpT1sL+NXunEbGIMa9hsu2T5difTO7egb0kd8XZ
nkbwxj1cOHQfXwlXqyTMBwR6leN0lKnRu/ToRIpQfy1hBMQeTUpzXqmv0+H45T6+
bTv5g1M6hVADwoXcCjse2P9nH1IL/yDlKmSdvqjc9Ds4EEvyrBjSSEBTs9aGvgYn
B91yGB5i6WSrkDJF2t0DhTitf3ld3OZJMB4IaZL8hpAZztQ+0VhYk31oZ8NuBeU1
0ibTS+iFnC3syyP5KUuQIxTOYpf7VVxoSpTCsy2HFsiXh7+Wx6gTluxaIZHRVCWc
Lm5HFmOPL4k91qoS1KQO4cO/sDEtIDmQej4ohg==
-----END CERTIFICATE-----
Generated at Wed Jan 31 23:00:05 2024 by rpki-client on console-fra.rpki-client.org