Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/4kY7Nr1rsEzY41iv4tROKRZC5cQ.roa
File: 4kY7Nr1rsEzY41iv4tROKRZC5cQ.roa (raw, json)
Hash identifier: DCRI+fZjJldDOsTDHdPizawQbm+fGKV4kWVMm2U06wM=
Subject key identifier: E2:46:3B:36:BD:6B:B0:4C:D8:E3:58:AF:E2:D4:4E:29:16:42:E5:C4
Certificate issuer: /CN=2acd8d1682e6622c1c09237bc41aa516669672b7
Certificate serial: 01856B77C3CE4A2E820A07194E50BE094682
Authority key identifier: 2A:CD:8D:16:82:E6:62:2C:1C:09:23:7B:C4:1A:A5:16:66:96:72:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/4kY7Nr1rsEzY41iv4tROKRZC5cQ.roa
Signing time: Sun 01 Jan 2023 03:54:49 +0000
ROA not before: Sun 01 Jan 2023 03:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40627
IP address blocks: 80.81.128.0/20 maxlen: 32
185.23.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:c3:ce:4a:2e:82:0a:07:19:4e:50:be:09:46:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2acd8d1682e6622c1c09237bc41aa516669672b7
Validity
Not Before: Jan 1 03:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2463b36bd6bb04cd8e358afe2d44e291642e5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:66:85:8a:0b:02:39:d5:c6:c4:0d:7d:42:f8:
9a:dd:4c:16:3f:94:92:1f:78:98:eb:66:de:94:a0:
47:a8:b5:94:15:9f:a8:9d:cb:bd:e1:f7:2b:c2:7d:
8c:ec:b2:35:66:11:5f:35:19:77:ec:46:ff:1f:64:
db:5b:4a:9d:0c:10:14:8d:41:46:a9:42:09:80:f2:
4b:c8:8d:72:5b:06:ee:20:60:d1:d4:f1:87:bb:33:
c0:2a:22:81:ff:83:1e:a6:ae:10:7d:16:b9:cc:ae:
76:61:70:6a:c7:d8:09:e2:a4:08:16:67:48:1f:73:
f8:12:16:d0:01:d2:5e:9d:2c:cb:8c:75:09:6e:58:
b9:ca:32:9e:b5:eb:7d:43:89:82:97:da:7e:b1:50:
9d:58:6f:c6:bc:fe:d0:f9:2d:c7:f7:d8:b6:59:05:
82:af:72:8a:7d:29:99:ca:16:32:05:dc:4d:bc:8d:
7b:ff:64:b9:77:6c:7f:02:4b:ab:27:87:66:76:b5:
2f:f7:f5:24:3d:bd:0a:51:6b:a2:d2:e1:89:63:f9:
03:34:30:98:b9:90:02:0d:47:34:a4:72:4b:8b:d4:
41:f8:26:aa:01:35:a2:bd:0a:36:31:be:a8:f6:d1:
f2:5f:e0:69:46:f6:3f:f9:fe:7d:47:d1:10:7a:f0:
62:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:46:3B:36:BD:6B:B0:4C:D8:E3:58:AF:E2:D4:4E:29:16:42:E5:C4
X509v3 Authority Key Identifier:
keyid:2A:CD:8D:16:82:E6:62:2C:1C:09:23:7B:C4:1A:A5:16:66:96:72:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/4kY7Nr1rsEzY41iv4tROKRZC5cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.128.0/20
185.23.248.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:b6:fb:29:70:8c:f4:3c:62:56:64:48:76:4d:14:00:c3:7b:
ed:fa:89:d3:5b:50:d7:f8:49:ab:64:7f:f8:e5:22:a3:7b:89:
e1:aa:0b:29:6e:19:8c:ff:16:69:95:9b:c7:96:66:81:e5:90:
01:62:41:6b:5a:90:1d:90:92:be:07:d4:4d:b5:92:0a:39:66:
19:f2:55:91:d4:84:9f:e5:85:10:77:e8:ce:a2:2a:d1:c6:ff:
80:57:3a:11:33:58:b3:fe:c5:39:d0:9e:4d:6b:00:6f:f9:7f:
e4:65:ab:d3:59:2d:83:6c:d9:7b:98:74:ed:77:3f:98:36:b9:
3a:ec:d5:b6:0d:f2:f1:fd:2b:9f:c9:ed:d6:13:5a:cd:05:9e:
97:9a:f2:23:55:c4:01:6b:a3:04:d1:79:5c:2b:8a:95:57:59:
0f:9a:d7:81:81:19:78:e2:2e:a8:f1:6c:2f:8b:68:73:d0:3c:
02:0a:0c:32:66:bb:a5:da:35:06:d9:42:1d:58:b8:4f:ce:f1:
bf:bd:c2:27:65:54:86:3d:fd:a6:3b:3d:52:25:0d:05:0b:94:
b2:5b:80:ff:60:18:eb:37:e2:70:69:00:8e:87:d1:88:51:5a:
56:8b:7f:b5:36:8e:62:1b:13:26:c2:c4:5f:d9:e5:f0:2d:c8:
00:a2:ca:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrd8POSi6CCgcZTlC+CUaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2Q4ZDE2ODJlNjYyMmMxYzA5MjM3YmM0MWFhNTE2NjY5
NjcyYjcwHhcNMjMwMTAxMDM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ2M2IzNmJkNmJiMDRjZDhlMzU4YWZlMmQ0NGUyOTE2NDJlNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2aFigsCOdXGxA19Qvia3UwWP5SS
H3iY62belKBHqLWUFZ+oncu94fcrwn2M7LI1ZhFfNRl37Eb/H2TbW0qdDBAUjUFG
qUIJgPJLyI1yWwbuIGDR1PGHuzPAKiKB/4Mepq4QfRa5zK52YXBqx9gJ4qQIFmdI
H3P4EhbQAdJenSzLjHUJbli5yjKetet9Q4mCl9p+sVCdWG/GvP7Q+S3H99i2WQWC
r3KKfSmZyhYyBdxNvI17/2S5d2x/AkurJ4dmdrUv9/UkPb0KUWui0uGJY/kDNDCY
uZACDUc0pHJLi9RB+CaqATWivQo2Mb6o9tHyX+BpRvY/+f59R9EQevBiuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJGOza9a7BM2ONYr+LUTikWQuXEMB8GA1UdIwQY
MBaAFCrNjRaC5mIsHAkje8QapRZmlnK3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3MyTkZvTG1ZaXdjQ1NON3hCcWxGbWFXY3JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85NWRiY2UtZDRlOS00MWYxLTgyZGMt
ZTg0Y2IxZGEyMWJkLzEvNGtZN05yMXJzRXpZNDFpdjR0Uk9LUlpDNWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85NWRiY2UtZDRlOS00MWYxLTgyZGMtZTg0Y2IxZGEyMWJk
LzEvS3MyTkZvTG1ZaXdjQ1NON3hCcWxGbWFXY3JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUFGAAwQC
uRf4MA0GCSqGSIb3DQEBCwUAA4IBAQBrtvspcIz0PGJWZEh2TRQAw3vt+onTW1DX
+EmrZH/45SKje4nhqgspbhmM/xZplZvHlmaB5ZABYkFrWpAdkJK+B9RNtZIKOWYZ
8lWR1ISf5YUQd+jOoirRxv+AVzoRM1iz/sU50J5NawBv+X/kZavTWS2DbNl7mHTt
dz+YNrk67NW2DfLx/Sufye3WE1rNBZ6XmvIjVcQBa6ME0XlcK4qVV1kPmteBgRl4
4i6o8Wwvi2hz0DwCCgwyZrul2jUG2UIdWLhPzvG/vcInZVSGPf2mOz1SJQ0FC5Sy
W4D/YBjrN+JwaQCOh9GIUVpWi3+1No5iGxMmwsRf2eXwLcgAospY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:19 2024 by rpki-client on console-ams.rpki-client.org