Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/352kP4kGj3WCm2BK240gSe_rays.roa
File: 352kP4kGj3WCm2BK240gSe_rays.roa (raw, json)
Hash identifier: eHwklGwIyz6Ysdtn83uQ5hHH9dBC4pRGov0lk9CN4hU=
Subject key identifier: DF:9D:A4:3F:89:06:8F:75:82:9B:60:4A:DB:8D:20:49:EF:EB:6B:2B
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018920049309274ABAA41DDCCFE0148026AF
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/352kP4kGj3WCm2BK240gSe_rays.roa
Signing time: Tue 04 Jul 2023 08:28:37 +0000
ROA not before: Tue 04 Jul 2023 08:28:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206680
IP address blocks: 80.72.22.0/24 maxlen: 24
2a00:8740:700::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:04:93:09:27:4a:ba:a4:1d:dc:cf:e0:14:80:26:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jul 4 08:28:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df9da43f89068f75829b604adb8d2049efeb6b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:e5:31:7f:02:0c:73:a5:1b:cd:b3:2f:cd:
97:d7:ca:9e:b7:a2:1e:18:29:25:49:48:da:a8:a4:
ff:69:d8:15:20:0f:a7:84:1b:2d:13:0a:0f:aa:49:
ac:c1:97:84:ef:06:d9:28:94:a9:90:bd:3e:5e:85:
8e:74:e9:24:96:23:f7:3e:b8:fa:5d:94:8e:6a:d4:
5f:ac:ca:da:d8:8c:30:4f:8f:86:5c:b7:db:45:5d:
79:19:cc:f7:eb:8e:62:ae:e3:10:5a:0a:70:e3:a4:
9b:d9:2c:82:4a:cb:3b:59:7e:b2:8b:06:35:de:20:
e6:0f:c2:11:cb:11:c8:6e:b9:6b:d1:2c:87:e9:62:
68:9a:33:b3:f6:aa:0c:41:ef:74:09:e6:ba:61:dd:
ea:c7:53:6d:d3:b8:95:9e:e1:a8:4c:c3:40:66:4b:
ac:0c:16:b1:98:2d:ae:46:f6:87:23:14:18:43:fb:
fc:dc:56:38:17:0b:79:cc:75:93:a1:7c:7b:b0:3c:
5c:5c:d9:40:d1:f5:b6:80:d2:67:89:63:55:81:05:
2a:a3:3c:25:5e:61:f1:45:1b:1e:af:ca:8c:20:03:
48:16:a6:e3:72:ae:11:e8:32:e0:c3:04:45:8b:3e:
7a:bc:b2:9f:f0:d5:fc:88:1e:a9:7f:89:20:22:e4:
b2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9D:A4:3F:89:06:8F:75:82:9B:60:4A:DB:8D:20:49:EF:EB:6B:2B
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/352kP4kGj3WCm2BK240gSe_rays.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.22.0/24
IPv6:
2a00:8740:700::/40
Signature Algorithm: sha256WithRSAEncryption
8e:93:95:bf:ec:33:e9:0a:db:6f:68:3c:05:44:19:d4:a2:c9:
99:35:01:d0:26:3f:e6:dc:34:bb:19:63:6f:7a:ab:2d:69:6b:
8d:5f:5d:4f:11:9d:9d:51:b3:4e:d9:61:32:c7:e6:f7:71:57:
2a:cd:19:3a:ee:2b:cd:e4:5a:34:08:19:f0:24:1d:ef:c9:cd:
7a:28:50:d4:3e:55:f3:4f:19:ae:88:eb:dd:ff:2d:fb:17:ca:
17:fc:d3:61:b4:8a:cd:da:81:5e:b6:b0:b9:47:7e:0c:d6:1c:
11:14:19:82:5c:d5:11:32:00:a8:34:29:33:9b:7e:6c:7e:70:
c8:d2:c3:d7:fd:74:49:cd:52:90:97:9a:4b:10:e2:69:bd:93:
74:a0:25:52:0b:42:e0:ab:5f:60:82:2d:dd:d2:d9:fc:bb:d9:
b3:63:6c:39:f1:8a:b1:ce:14:b0:eb:11:8f:c0:46:98:be:83:
c8:ef:da:49:12:e5:41:65:35:51:f0:8b:a9:04:21:95:20:f4:
1d:28:4d:8b:ed:b2:f6:48:8c:ea:23:27:a4:f3:4e:1a:31:ee:
0c:a7:e8:49:ad:e6:d1:22:ef:1b:a6:0f:ff:d6:11:63:6f:d9:
82:d0:c0:67:d1:50:8c:0b:75:7f:d8:98:6c:26:ed:6f:5f:1f:
5c:b7:c1:39
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYkgBJMJJ0q6pB3cz+AUgCavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMwNzA0MDgyODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjlkYTQzZjg5MDY4Zjc1ODI5YjYwNGFkYjhkMjA0OWVmZWI2YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU7lMX8CDHOlG82zL82X18qet6Ie
GCklSUjaqKT/adgVIA+nhBstEwoPqkmswZeE7wbZKJSpkL0+XoWOdOkkliP3Prj6
XZSOatRfrMra2IwwT4+GXLfbRV15Gcz3645iruMQWgpw46Sb2SyCSss7WX6yiwY1
3iDmD8IRyxHIbrlr0SyH6WJomjOz9qoMQe90Cea6Yd3qx1Nt07iVnuGoTMNAZkus
DBaxmC2uRvaHIxQYQ/v83FY4Fwt5zHWToXx7sDxcXNlA0fW2gNJniWNVgQUqozwl
XmHxRRser8qMIANIFqbjcq4R6DLgwwRFiz56vLKf8NX8iB6pf4kgIuSy0QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN+dpD+JBo91gptgStuNIEnv62srMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvMzUya1A0a0dqM1dDbTJCSzI0MGdTZV9yYXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAUEgWMA4E
AgACMAgDBgAqAIdABzANBgkqhkiG9w0BAQsFAAOCAQEAjpOVv+wz6Qrbb2g8BUQZ
1KLJmTUB0CY/5tw0uxljb3qrLWlrjV9dTxGdnVGzTtlhMsfm93FXKs0ZOu4rzeRa
NAgZ8CQd78nNeihQ1D5V808Zrojr3f8t+xfKF/zTYbSKzdqBXrawuUd+DNYcERQZ
glzVETIAqDQpM5t+bH5wyNLD1/10Sc1SkJeaSxDiab2TdKAlUgtC4KtfYIIt3dLZ
/LvZs2NsOfGKsc4UsOsRj8BGmL6DyO/aSRLlQWU1UfCLqQQhlSD0HShNi+2y9kiM
6iMnpPNOGjHuDKfoSa3m0SLvG6YP/9YRY2/ZgtDAZ9FQjAt1f9iYbCbtb18fXLfB
OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org