Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/R8K1_woY3QkyPuJGJpD_w46aGjk.roa
File: R8K1_woY3QkyPuJGJpD_w46aGjk.roa (raw, json)
Hash identifier: F2iP1M6VWyMcdiYLNzbhsoiWPYL3VErmurYuyZhUCrs=
Subject key identifier: 47:C2:B5:FF:0A:18:DD:09:32:3E:E2:46:26:90:FF:C3:8E:9A:1A:39
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01913698DEC4976B5D060DBBACBAE110873C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/R8K1_woY3QkyPuJGJpD_w46aGjk.roa
Signing time: Fri 09 Aug 2024 10:04:33 +0000
ROA not before: Fri 09 Aug 2024 10:04:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 80.68.156.0/24 maxlen: 24
91.240.254.0/24 maxlen: 24
185.201.28.0/24 maxlen: 24
185.211.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 19:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:98:de:c4:97:6b:5d:06:0d:bb:ac:ba:e1:10:87:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 9 10:04:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47c2b5ff0a18dd09323ee2462690ffc38e9a1a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:69:90:16:97:de:3c:3f:0e:09:55:b4:1e:12:
29:a0:56:49:6f:03:3e:9b:77:9e:5f:ea:7b:af:da:
38:c4:f0:c9:f4:2e:0a:c5:c2:7b:f3:7a:ef:26:e2:
da:df:02:30:3a:37:9c:f8:a9:14:c1:50:e8:bf:81:
1a:75:a6:d3:f9:ae:74:34:69:54:65:e8:1e:30:b5:
f5:74:3a:cc:72:f9:b5:f4:89:16:4b:f0:86:44:bc:
3b:df:b8:b1:84:75:8f:51:e8:a9:02:94:12:94:a3:
69:90:a4:11:2b:91:44:33:28:30:af:9f:48:fa:48:
29:a4:a7:5f:69:8a:a5:0d:19:29:a2:79:59:97:22:
45:b7:aa:4e:74:38:50:7b:5e:09:a7:d8:f5:85:b7:
ca:fb:9a:36:79:c1:74:48:8e:2d:98:1a:84:3c:8c:
da:b0:73:a5:1e:3e:37:43:2a:4b:61:1b:8a:50:5b:
ae:c8:3f:54:7c:bd:07:7d:ad:22:94:5b:5f:69:9f:
a1:23:c6:3e:43:b5:aa:96:67:46:39:85:1d:82:99:
3d:e1:45:a5:39:fd:d7:9f:c0:9e:4d:a5:0c:18:de:
13:3b:94:2f:35:70:95:e5:0c:5a:88:8b:98:11:a9:
36:60:9f:5d:6f:83:c2:fa:fb:3c:4e:dd:a9:7d:15:
81:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C2:B5:FF:0A:18:DD:09:32:3E:E2:46:26:90:FF:C3:8E:9A:1A:39
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/R8K1_woY3QkyPuJGJpD_w46aGjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.156.0/24
91.240.254.0/24
185.201.28.0/24
185.211.170.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b5:ad:0f:85:94:6f:26:91:70:c9:a3:57:50:ba:43:d2:aa:
ad:76:97:e0:be:77:d6:69:ff:2d:09:1d:43:3d:b1:20:8c:44:
16:c0:6f:d4:f4:7a:bd:79:93:4a:75:ca:54:f9:90:18:1a:21:
a0:74:a0:d3:ea:b9:6f:35:e6:9a:b7:93:17:5c:c1:74:89:cf:
38:73:3a:31:9b:d9:5f:3f:76:8a:ee:58:90:c5:b1:d3:09:38:
a1:d5:55:9d:21:a1:8f:54:ac:b8:3b:6f:38:69:c7:bc:ec:c0:
84:c8:09:b8:ff:25:b5:be:46:96:e5:8d:5e:28:12:05:e5:e2:
57:39:d6:ba:f7:0b:b7:f7:02:ff:e3:29:13:ce:0d:5c:c9:87:
14:13:73:92:f0:d0:0d:7b:67:1a:87:df:c0:81:5c:47:93:b5:
c2:22:7d:3b:13:11:4d:7b:75:45:24:82:46:ba:5f:88:90:ea:
99:78:ae:c9:9a:65:1d:a1:fa:62:4d:67:3b:1b:f8:08:8a:52:
55:96:fe:b6:5e:2b:98:77:87:d9:b0:d7:c8:4e:95:b0:b5:ea:
25:5b:4b:83:68:f9:4f:a2:05:ff:39:ec:9e:20:08:ae:18:d5:
9d:f4:5b:38:57:0d:66:cf:11:bb:02:91:61:5d:e8:6f:75:17:
05:f5:c9:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZE2mN7El2tdBg27rLrhEIc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODA5MTAwNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2MyYjVmZjBhMThkZDA5MzIzZWUyNDYyNjkwZmZjMzhlOWExYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mmQFpfePD8OCVW0HhIpoFZJbwM+
m3eeX+p7r9o4xPDJ9C4KxcJ783rvJuLa3wIwOjec+KkUwVDov4EadabT+a50NGlU
ZegeMLX1dDrMcvm19IkWS/CGRLw737ixhHWPUeipApQSlKNpkKQRK5FEMygwr59I
+kgppKdfaYqlDRkponlZlyJFt6pOdDhQe14Jp9j1hbfK+5o2ecF0SI4tmBqEPIza
sHOlHj43QypLYRuKUFuuyD9UfL0Hfa0ilFtfaZ+hI8Y+Q7WqlmdGOYUdgpk94UWl
Of3Xn8CeTaUMGN4TO5QvNXCV5QxaiIuYEak2YJ9db4PC+vs8Tt2pfRWBlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEfCtf8KGN0JMj7iRiaQ/8OOmho5MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUjhLMV93b1kzUWt5UHVKR0pwRF93NDZhR2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEScAwQA
W/D+AwQAuckcAwQAudOqMA0GCSqGSIb3DQEBCwUAA4IBAQBita0PhZRvJpFwyaNX
ULpD0qqtdpfgvnfWaf8tCR1DPbEgjEQWwG/U9Hq9eZNKdcpU+ZAYGiGgdKDT6rlv
Neaat5MXXMF0ic84czoxm9lfP3aK7liQxbHTCTih1VWdIaGPVKy4O284ace87MCE
yAm4/yW1vkaW5Y1eKBIF5eJXOda69wu39wL/4ykTzg1cyYcUE3OS8NANe2cah9/A
gVxHk7XCIn07ExFNe3VFJIJGul+IkOqZeK7JmmUdofpiTWc7G/gIilJVlv62XiuY
d4fZsNfITpWwteolW0uDaPlPogX/OeyeIAiuGNWd9Fs4Vw1mzxG7ApFhXehvdRcF
9cl7
-----END CERTIFICATE-----
Generated at Mon Aug 19 20:43:45 2024 by rpki-client on console-fra.rpki-client.org