Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/SRLq1m_lhVH-uKVlYVY8U8vsZGU.roa
File: SRLq1m_lhVH-uKVlYVY8U8vsZGU.roa (raw, json)
Hash identifier: f0/+77uzmfDJIM/+Onou9YaivZL84G1xoRqjggFP5Cg=
Subject key identifier: 49:12:EA:D6:6F:E5:85:51:FE:B8:A5:65:61:56:3C:53:CB:EC:64:65
Certificate issuer: /CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19
Certificate serial: 0193E9E7C1C4D4AF8E8A1EFC9A352520C903
Authority key identifier: 6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/SRLq1m_lhVH-uKVlYVY8U8vsZGU.roa
Signing time: Sat 21 Dec 2024 15:48:19 +0000
ROA not before: Sat 21 Dec 2024 15:48:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21058
IP address blocks: 80.83.160.0/20 maxlen: 20
80.83.160.0/24 maxlen: 24
80.83.161.0/24 maxlen: 24
80.83.162.0/24 maxlen: 24
80.83.163.0/24 maxlen: 24
80.83.164.0/24 maxlen: 24
80.83.165.0/24 maxlen: 24
80.83.166.0/24 maxlen: 24
80.83.167.0/24 maxlen: 24
80.83.168.0/24 maxlen: 24
80.83.169.0/24 maxlen: 24
80.83.170.0/24 maxlen: 24
80.83.171.0/24 maxlen: 24
80.83.172.0/24 maxlen: 24
80.83.173.0/24 maxlen: 24
80.83.174.0/24 maxlen: 24
80.83.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e9:e7:c1:c4:d4:af:8e:8a:1e:fc:9a:35:25:20:c9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19
Validity
Not Before: Dec 21 15:48:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4912ead66fe58551feb8a56561563c53cbec6465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d6:00:03:01:00:60:7c:80:af:37:8e:56:7f:
7d:06:50:58:f5:bd:ec:b9:6d:6d:b7:37:f5:6d:78:
3c:41:fc:7a:1d:09:6f:b0:2c:ab:ac:1d:36:d6:b9:
1a:d4:43:f0:d6:86:6e:c3:65:24:39:eb:02:fd:9f:
09:69:ab:28:6f:1c:bd:01:a5:86:e3:9f:64:e0:59:
8b:73:0e:7b:07:51:06:d6:ce:fc:a7:e2:80:da:9c:
4f:ae:ec:ee:ec:0b:a6:83:17:b3:6e:7b:c2:8c:43:
df:ff:d4:98:fe:9f:c7:7b:b5:37:b7:91:e2:34:35:
73:12:ae:9a:56:9d:62:c6:9e:c4:b9:05:4b:5b:60:
e8:d6:43:b6:8f:f1:62:0d:7a:47:c7:18:2d:3a:e8:
35:da:d5:1c:0b:2f:4e:34:c9:94:5e:36:23:e7:f7:
a2:32:47:97:e6:f3:cc:6d:71:65:a3:e9:f5:72:82:
bf:6f:e8:22:6f:0d:7e:02:d4:d0:66:20:89:58:cb:
5b:9c:28:48:14:b1:f5:40:5b:f7:2a:b7:96:d5:da:
30:d2:85:96:26:76:bb:eb:2e:8a:d6:62:c9:0e:cf:
2a:3b:5c:46:79:f5:21:56:a4:b4:05:82:cc:64:1b:
a8:a7:54:a7:b8:7b:b9:69:a4:4e:3b:26:3b:8e:54:
38:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:12:EA:D6:6F:E5:85:51:FE:B8:A5:65:61:56:3C:53:CB:EC:64:65
X509v3 Authority Key Identifier:
keyid:6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/SRLq1m_lhVH-uKVlYVY8U8vsZGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.160.0/20
Signature Algorithm: sha256WithRSAEncryption
71:b0:5a:34:1d:98:73:19:38:4f:f4:ec:93:23:0c:2a:20:df:
9e:e7:95:df:cf:2c:fb:2b:09:4c:0e:a0:5c:94:bf:0e:fb:e2:
71:ae:4f:40:f7:3c:f9:01:7d:ce:44:5e:1c:d5:63:ee:bb:1c:
8b:ad:87:98:69:0a:a0:b5:90:d7:ac:80:c4:33:e9:39:b3:a7:
56:49:de:21:fc:6f:ce:29:86:5a:78:e2:21:fb:e5:49:83:00:
5d:31:ca:74:bd:57:91:8f:86:44:f9:12:38:2e:00:7c:c2:ca:
77:6d:64:c4:93:aa:e5:fa:9b:06:5c:e8:7f:d2:24:ef:db:30:
cd:0e:3d:b7:17:5d:4c:9f:ae:f9:25:43:9f:38:17:be:fe:a9:
62:5d:aa:00:b5:de:45:a0:a4:77:e6:8b:51:50:18:77:0b:85:
19:fd:ad:b5:43:f9:67:37:fc:bd:fe:fe:c9:6d:80:fe:c3:31:
1c:98:b4:3d:00:8a:02:bc:11:48:b1:cf:e2:d4:93:c3:ae:04:
67:51:27:58:30:53:a6:a6:7a:d9:da:7e:a3:77:09:6d:e4:14:
1e:c4:d6:ab:08:41:b6:b0:24:b9:4d:14:75:41:13:ae:b0:bb:
4b:a7:a2:15:15:77:77:12:2e:a5:28:a5:f9:2f:08:44:e1:b2:
ba:bb:16:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPp58HE1K+Oih78mjUlIMkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZDcwZWYyNWU1MjJjMGQyNmU5NzdhMWQyNGZmNzdlYWQz
YWRhMTkwHhcNMjQxMjIxMTU0ODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTEyZWFkNjZmZTU4NTUxZmViOGE1NjU2MTU2M2M1M2NiZWM2NDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69YAAwEAYHyArzeOVn99BlBY9b3s
uW1ttzf1bXg8Qfx6HQlvsCyrrB021rka1EPw1oZuw2UkOesC/Z8Jaasobxy9AaWG
459k4FmLcw57B1EG1s78p+KA2pxPruzu7AumgxezbnvCjEPf/9SY/p/He7U3t5Hi
NDVzEq6aVp1ixp7EuQVLW2Do1kO2j/FiDXpHxxgtOug12tUcCy9ONMmUXjYj5/ei
MkeX5vPMbXFlo+n1coK/b+gibw1+AtTQZiCJWMtbnChIFLH1QFv3KreW1dow0oWW
Jna76y6K1mLJDs8qO1xGefUhVqS0BYLMZBuop1SnuHu5aaROOyY7jlQ4YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkS6tZv5YVR/rilZWFWPFPL7GRlMB8GA1UdIwQY
MBaAFGrXDvJeUiwNJul3odJP936tOtoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYt
OTQwNGUxNzcyMDBlLzEvU1JMcTFtX2xoVkgtdUtWbFlWWThVOHZzWkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYtOTQwNGUxNzcyMDBl
LzEvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUFOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBxsFo0HZhzGThP9OyTIwwqIN+e55Xfzyz7KwlMDqBc
lL8O++Jxrk9A9zz5AX3ORF4c1WPuuxyLrYeYaQqgtZDXrIDEM+k5s6dWSd4h/G/O
KYZaeOIh++VJgwBdMcp0vVeRj4ZE+RI4LgB8wsp3bWTEk6rl+psGXOh/0iTv2zDN
Dj23F11Mn675JUOfOBe+/qliXaoAtd5FoKR35otRUBh3C4UZ/a21Q/lnN/y9/v7J
bYD+wzEcmLQ9AIoCvBFIsc/i1JPDrgRnUSdYMFOmpnrZ2n6jdwlt5BQexNarCEG2
sCS5TRR1QROusLtLp6IVFXd3Ei6lKKX5LwhE4bK6uxaQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:22:09 2025 by rpki-client