Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/1AQWjSnm0WhJ6F0b5y-3-DLej7o.roa
File: 1AQWjSnm0WhJ6F0b5y-3-DLej7o.roa (raw, json)
Hash identifier: GLxy2r6SeeNieaOiiANfcBtZOgBNio3BYpARbVg+yhI=
Subject key identifier: D4:04:16:8D:29:E6:D1:68:49:E8:5D:1B:E7:2F:B7:F8:32:DE:8F:BA
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018CC500D9D141832BA0389DD0E0C51C4F63
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/1AQWjSnm0WhJ6F0b5y-3-DLej7o.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207490
IP address blocks: 80.72.16.0/23 maxlen: 23
80.72.26.0/23 maxlen: 23
2a00:8740:500::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d9:d1:41:83:2b:a0:38:9d:d0:e0:c5:1c:4f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d404168d29e6d16849e85d1be72fb7f832de8fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8b:71:8c:71:e9:ee:37:4d:76:fc:2b:0c:2a:
8a:83:d3:fa:04:c4:a4:fc:b4:8b:85:fe:7d:56:76:
44:aa:9f:fe:c6:24:e8:42:82:9c:6c:fd:e6:87:74:
3b:d0:da:41:45:2f:d2:99:e0:75:91:c6:18:44:41:
0b:bc:aa:ca:b0:cb:a2:ed:7b:03:52:bd:f7:7f:94:
19:66:50:55:41:22:53:b8:da:c5:1f:b7:2e:33:e1:
9c:05:bc:d0:78:a5:bd:2d:37:a6:dc:c1:01:e3:fd:
8c:d2:5a:ae:eb:9c:53:d5:eb:85:a6:80:43:f7:d0:
4f:96:b8:03:fc:5b:90:ce:53:4a:e1:3e:f2:8c:7b:
b3:62:9b:d2:2b:92:e6:62:f4:22:c0:e2:dc:61:63:
19:1a:f5:6b:ac:c8:a1:ed:df:0a:d3:39:19:d2:4d:
1d:be:8b:d2:ba:a9:60:7e:15:fe:65:1a:0a:24:74:
fc:3b:81:48:11:23:3e:f5:da:3f:d6:96:3c:b7:35:
2b:2a:28:bf:cf:b8:aa:b5:ef:e8:7c:70:8a:a3:0e:
d8:9d:04:8d:1c:92:17:f6:7c:20:75:4e:c0:4c:42:
28:1a:9d:11:0d:19:04:b3:4b:01:23:62:0b:e8:44:
1a:2e:14:55:ed:4d:26:e5:bf:7e:52:6a:3a:6e:bb:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:04:16:8D:29:E6:D1:68:49:E8:5D:1B:E7:2F:B7:F8:32:DE:8F:BA
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/1AQWjSnm0WhJ6F0b5y-3-DLej7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.16.0/23
80.72.26.0/23
IPv6:
2a00:8740:500::/40
Signature Algorithm: sha256WithRSAEncryption
98:a3:d5:6e:f3:b8:26:73:a2:b9:f0:c9:3b:ab:0e:65:68:aa:
69:e6:fd:8e:05:0b:55:42:54:5c:57:ca:37:97:65:5a:50:9f:
31:0c:e1:44:1a:a7:6e:24:3e:de:3f:ca:18:4f:51:33:55:29:
71:89:b2:5e:13:5d:a3:e1:54:34:67:c5:0f:cc:4e:5f:32:35:
ef:8c:fe:a4:74:9e:db:20:d5:85:e4:d2:2a:ea:01:61:72:81:
da:a3:0c:fa:28:3b:34:38:2e:c3:72:93:62:e1:70:7b:80:0e:
58:a9:10:8b:e1:59:6c:0d:8b:e5:a8:b8:8d:ab:ba:5c:20:00:
34:d7:e9:da:a2:0e:fa:36:05:1f:50:4c:f6:1a:bc:e4:02:be:
32:87:74:13:36:e3:24:58:62:f8:11:ae:7a:f8:ed:e8:be:97:
f4:20:c6:0d:05:ad:11:19:d6:e6:14:61:e6:1b:d6:0b:0d:f6:
19:bb:92:ae:c8:3a:fc:cb:36:91:a4:5d:65:df:8b:2a:28:b7:
70:b0:5d:e0:b6:db:ca:0d:50:ac:7a:18:49:01:df:5c:56:e5:
b5:72:c2:7f:bf:e8:34:c8:90:a8:1c:48:0f:f3:03:76:8e:cb:
8d:5a:0f:fc:0e:11:cd:a8:12:65:4c:f7:5e:78:11:9b:2c:34:
4d:34:ab:29
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFANnRQYMroDid0ODFHE9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA0MTY4ZDI5ZTZkMTY4NDllODVkMWJlNzJmYjdmODMyZGU4ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoItxjHHp7jdNdvwrDCqKg9P6BMSk
/LSLhf59VnZEqp/+xiToQoKcbP3mh3Q70NpBRS/SmeB1kcYYREELvKrKsMui7XsD
Ur33f5QZZlBVQSJTuNrFH7cuM+GcBbzQeKW9LTem3MEB4/2M0lqu65xT1euFpoBD
99BPlrgD/FuQzlNK4T7yjHuzYpvSK5LmYvQiwOLcYWMZGvVrrMih7d8K0zkZ0k0d
vovSuqlgfhX+ZRoKJHT8O4FIESM+9do/1pY8tzUrKii/z7iqte/ofHCKow7YnQSN
HJIX9nwgdU7ATEIoGp0RDRkEs0sBI2IL6EQaLhRV7U0m5b9+Umo6bru4TQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNQEFo0p5tFoSehdG+cvt/gy3o+6MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvMUFRV2pTbm0wV2hKNkYwYjV5LTMtRExlajdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBUEgQAwQB
UEgaMA4EAgACMAgDBgAqAIdABTANBgkqhkiG9w0BAQsFAAOCAQEAmKPVbvO4JnOi
ufDJO6sOZWiqaeb9jgULVUJUXFfKN5dlWlCfMQzhRBqnbiQ+3j/KGE9RM1UpcYmy
XhNdo+FUNGfFD8xOXzI174z+pHSe2yDVheTSKuoBYXKB2qMM+ig7NDguw3KTYuFw
e4AOWKkQi+FZbA2L5ai4jau6XCAANNfp2qIO+jYFH1BM9hq85AK+Mod0EzbjJFhi
+BGuevjt6L6X9CDGDQWtERnW5hRh5hvWCw32GbuSrsg6/Ms2kaRdZd+LKii3cLBd
4Lbbyg1QrHoYSQHfXFbltXLCf7/oNMiQqBxID/MDdo7LjVoP/A4RzagSZUz3XngR
myw0TTSrKQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:31 2025 by rpki-client