Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/1BrWLjMvPfJ2AAXv763ygqbgkNQ.roa
File: 1BrWLjMvPfJ2AAXv763ygqbgkNQ.roa (raw, json)
Hash identifier: RBpqMimqIz4ZBKTkjLflHVRdiRdhH3HJalJW30rdclU=
Subject key identifier: D4:1A:D6:2E:33:2F:3D:F2:76:00:05:EF:EF:AD:F2:82:A6:E0:90:D4
Certificate issuer: /CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Certificate serial: 018CC5DC47FE17BC8E14DD8609204609A090
Authority key identifier: E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/1BrWLjMvPfJ2AAXv763ygqbgkNQ.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199620
IP address blocks: 80.86.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:47:fe:17:bc:8e:14:dd:86:09:20:46:09:a0:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d41ad62e332f3df2760005efefadf282a6e090d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ee:88:34:97:2a:da:e5:5f:9a:a3:16:b8:1a:
73:d9:31:fe:c0:a0:e2:af:f0:4e:44:c2:4e:6b:9d:
35:1e:9f:d1:7c:9d:ea:ef:ff:2d:4f:44:44:8b:81:
0c:76:48:69:e8:56:52:01:5a:4a:3a:76:58:5b:da:
56:7f:f6:8c:76:df:9c:6d:c5:ec:16:4b:cf:20:be:
d5:f8:67:20:97:9f:ea:81:a3:44:08:67:4a:1e:c8:
2c:1e:cc:c6:8a:2c:a5:6f:9c:73:0d:bd:f2:97:43:
42:c1:d2:fb:00:98:24:f4:fb:bf:55:3d:6f:df:74:
f0:98:25:3e:d6:2a:fb:87:3d:cc:9e:e2:34:b6:8d:
aa:41:06:f5:1f:2c:aa:31:71:05:30:8d:a0:55:88:
a5:2e:b7:67:18:07:b6:3e:3e:08:31:fb:0f:ae:7a:
25:c1:46:d0:aa:e0:b5:ee:76:19:80:38:e3:a6:8d:
9f:27:36:42:6a:31:02:7a:17:0b:92:de:17:1d:25:
9e:03:7b:b7:f5:e9:09:bf:b3:21:cc:aa:0b:66:9e:
e7:f7:a0:99:fe:22:23:8b:87:cd:28:57:4c:b0:cc:
01:e2:95:99:84:16:d3:84:3e:9b:c8:28:e5:9e:4e:
13:9e:12:db:3c:e2:7f:ea:a9:0e:be:fc:d4:c7:65:
05:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1A:D6:2E:33:2F:3D:F2:76:00:05:EF:EF:AD:F2:82:A6:E0:90:D4
X509v3 Authority Key Identifier:
keyid:E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/1BrWLjMvPfJ2AAXv763ygqbgkNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/4SOGDiDNss_fLO-zdToVuCKCkmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.238.0/24
Signature Algorithm: sha256WithRSAEncryption
68:21:0d:de:1f:e6:c5:29:27:36:98:3b:23:db:67:ab:09:bc:
4a:8e:9e:ba:b7:7e:2f:2e:67:f3:f2:95:a7:a0:1d:ec:98:d3:
48:e0:4d:7f:55:79:7f:57:29:0b:06:e1:49:bd:3f:25:1b:75:
e9:4b:2a:fd:84:66:9c:9b:a8:ab:00:f4:7a:0f:09:8d:89:85:
89:8d:ef:9a:88:80:89:cc:99:39:6e:55:37:74:5b:cc:33:1e:
df:7b:8f:1b:3f:a7:d6:23:39:b0:f3:4b:82:49:c6:a4:18:38:
6e:a4:79:f9:1a:9c:d7:d4:af:b0:8b:16:a8:4b:aa:62:c6:d0:
d4:36:da:45:0f:d5:e8:24:b9:35:44:c4:b9:77:93:96:43:48:
be:b9:40:a8:7c:fe:5b:09:b2:37:17:20:41:22:b2:28:a3:3a:
7d:d7:60:03:97:8f:63:40:99:7a:b1:07:4a:25:0c:0b:6c:88:
3c:04:1f:ef:d6:08:8f:a6:45:b9:aa:d9:0a:85:cc:05:27:66:
3f:19:53:52:cf:17:06:2c:0c:91:06:10:bc:29:a6:7a:73:ba:
dd:9a:72:d4:f0:85:b1:85:aa:ca:9c:f7:78:27:b9:6f:5b:e9:
34:a6:d3:cc:29:f2:f9:bc:de:eb:b4:23:a8:f9:1a:3c:9a:9f:
c6:84:32:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Ef+F7yOFN2GCSBGCaCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjM4NjBlMjBjZGIyY2ZkZjJjZWZiMzc1M2ExNWI4MjI4
MjkyNjYwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFhZDYyZTMzMmYzZGYyNzYwMDA1ZWZlZmFkZjI4MmE2ZTA5MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+6INJcq2uVfmqMWuBpz2TH+wKDi
r/BORMJOa501Hp/RfJ3q7/8tT0REi4EMdkhp6FZSAVpKOnZYW9pWf/aMdt+cbcXs
FkvPIL7V+Gcgl5/qgaNECGdKHsgsHszGiiylb5xzDb3yl0NCwdL7AJgk9Pu/VT1v
33TwmCU+1ir7hz3MnuI0to2qQQb1HyyqMXEFMI2gVYilLrdnGAe2Pj4IMfsPrnol
wUbQquC17nYZgDjjpo2fJzZCajECehcLkt4XHSWeA3u39ekJv7MhzKoLZp7n96CZ
/iIji4fNKFdMsMwB4pWZhBbThD6byCjlnk4TnhLbPOJ/6qkOvvzUx2UFKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQa1i4zLz3ydgAF7++t8oKm4JDUMB8GA1UdIwQY
MBaAFOEjhg4gzbLP3yzvs3U6FbgigpJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNPR0RpRE5zc19mTE8temRUb1Z1Q0tDa21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MTA1OTktNzMxYS00ODZhLWIyM2Yt
NDc1MzdlYjY0NGY1LzEvMUJyV0xqTXZQZkoyQUFYdjc2M3lncWJna05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MTA1OTktNzMxYS00ODZhLWIyM2YtNDc1MzdlYjY0NGY1
LzEvNFNPR0RpRE5zc19mTE8temRUb1Z1Q0tDa21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFbuMA0G
CSqGSIb3DQEBCwUAA4IBAQBoIQ3eH+bFKSc2mDsj22erCbxKjp66t34vLmfz8pWn
oB3smNNI4E1/VXl/VykLBuFJvT8lG3XpSyr9hGacm6irAPR6DwmNiYWJje+aiICJ
zJk5blU3dFvMMx7fe48bP6fWIzmw80uCScakGDhupHn5GpzX1K+wixaoS6pixtDU
NtpFD9XoJLk1RMS5d5OWQ0i+uUCofP5bCbI3FyBBIrIoozp912ADl49jQJl6sQdK
JQwLbIg8BB/v1giPpkW5qtkKhcwFJ2Y/GVNSzxcGLAyRBhC8KaZ6c7rdmnLU8IWx
harKnPd4J7lvW+k0ptPMKfL5vN7rtCOo+Ro8mp/GhDK3
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:25:29 2025 by rpki-client