Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/cMmZX5Ra5R8FFMiSFz9FztRQyfc.roa
File: cMmZX5Ra5R8FFMiSFz9FztRQyfc.roa (raw, json)
Hash identifier: JE79TiNsbItxaDTnZBE4IqRbvcjOeOtBqQuzAnpM0BI=
Subject key identifier: 70:C9:99:5F:94:5A:E5:1F:05:14:C8:92:17:3F:45:CE:D4:50:C9:F7
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018DF8CFDC966F527CFD20DC056F418B4184
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/cMmZX5Ra5R8FFMiSFz9FztRQyfc.roa
Signing time: Fri 01 Mar 2024 06:59:48 +0000
ROA not before: Fri 01 Mar 2024 06:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 328126
IP address blocks: 80.15.228.0/24 maxlen: 32
80.15.229.0/24 maxlen: 32
80.15.230.0/24 maxlen: 32
80.15.231.0/24 maxlen: 32
80.15.232.0/24 maxlen: 32
80.15.233.0/24 maxlen: 32
80.15.234.0/24 maxlen: 32
80.15.235.0/24 maxlen: 32
80.15.242.0/24 maxlen: 32
80.15.243.0/24 maxlen: 32
80.15.244.0/24 maxlen: 32
80.15.245.0/24 maxlen: 32
80.15.246.0/24 maxlen: 32
80.15.247.0/24 maxlen: 32
80.15.248.0/24 maxlen: 32
80.15.249.0/24 maxlen: 32
80.15.250.0/24 maxlen: 32
80.15.251.0/24 maxlen: 32
80.15.252.0/24 maxlen: 32
80.15.253.0/24 maxlen: 32
80.15.254.0/24 maxlen: 32
80.15.255.0/24 maxlen: 32
90.84.143.0/24 maxlen: 32
90.84.148.0/24 maxlen: 32
90.84.153.0/24 maxlen: 32
193.249.225.0/24 maxlen: 32
2a01:c9c0:c000::/48 maxlen: 128
2a01:c9c0:c002::/48 maxlen: 128
2a01:c9c0:c004::/48 maxlen: 128
2a01:c9c0:c006::/48 maxlen: 128
2a01:c9c0:c008::/48 maxlen: 128
2a01:c9c0:c00a::/48 maxlen: 128
2a01:c9c0:c00c::/48 maxlen: 128
2a01:c9c0:c00f::/48 maxlen: 128
2a01:c9c0:c010::/48 maxlen: 128
2a01:c9c0:c012::/48 maxlen: 128
2a01:c9c0:c014::/48 maxlen: 128
2a01:c9c0:c016::/48 maxlen: 128
2a01:c9c0:c018::/48 maxlen: 128
2a01:c9c0:c01a::/48 maxlen: 128
2a01:c9c0:c01c::/48 maxlen: 128
2a01:c9c0:c01e::/48 maxlen: 128
2a01:c9c0:c020::/48 maxlen: 128
2a01:c9c0:c022::/48 maxlen: 128
2a01:c9c0:c024::/48 maxlen: 128
2a01:c9c0:c026::/48 maxlen: 128
2a01:c9c0:c040::/48 maxlen: 128
2a01:c9c0:c060::/48 maxlen: 128
2a01:c9c0:c062::/48 maxlen: 128
2a01:c9c0:c080::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:cf:dc:96:6f:52:7c:fd:20:dc:05:6f:41:8b:41:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Mar 1 06:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70c9995f945ae51f0514c892173f45ced450c9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ed:7e:0f:3e:ac:e5:09:00:3b:50:31:47:35:
41:fa:72:04:b3:5d:63:09:d2:fc:b6:77:ee:6b:a9:
51:69:fb:68:54:47:43:22:7b:aa:5f:ef:ae:9d:fe:
25:9f:1e:70:17:2d:a0:37:f9:6f:0b:e6:b4:1c:a3:
47:d1:d3:3c:3b:f1:70:b1:70:67:d1:6b:40:be:66:
6a:cf:b9:93:98:07:74:a9:83:85:28:59:54:b8:5c:
d0:81:8e:38:c3:57:5f:66:60:71:c9:08:bf:3b:28:
4b:d4:8c:f3:30:8c:32:b1:5a:13:ae:27:d4:32:7d:
d3:7d:6e:0b:17:41:1d:f7:3f:fc:05:2a:2d:0b:c4:
d2:aa:fe:1a:c2:26:37:6d:db:39:76:80:cb:3e:e0:
0f:19:fc:e2:6e:43:2c:da:3f:00:25:ed:08:b2:2d:
24:c0:15:a2:ba:aa:16:c4:18:6a:8c:c3:54:96:71:
95:f5:72:c2:63:1c:63:96:c8:7d:77:ea:68:63:79:
48:b0:e5:20:a1:8b:cc:af:ea:b1:46:12:7a:a3:b9:
5a:da:0e:9e:4b:4d:21:b9:92:85:0b:4d:36:f5:5f:
a7:f4:c0:09:95:bf:c4:71:1f:56:71:80:02:68:8e:
80:c2:a6:36:6c:f5:9b:7a:f7:ab:14:d3:02:ad:9c:
38:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C9:99:5F:94:5A:E5:1F:05:14:C8:92:17:3F:45:CE:D4:50:C9:F7
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/cMmZX5Ra5R8FFMiSFz9FztRQyfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.228.0-80.15.235.255
80.15.242.0-80.15.255.255
90.84.143.0/24
90.84.148.0/24
90.84.153.0/24
193.249.225.0/24
IPv6:
2a01:c9c0:c000::/48
2a01:c9c0:c002::/48
2a01:c9c0:c004::/48
2a01:c9c0:c006::/48
2a01:c9c0:c008::/48
2a01:c9c0:c00a::/48
2a01:c9c0:c00c::/48
2a01:c9c0:c00f::-2a01:c9c0:c010:ffff:ffff:ffff:ffff:ffff
2a01:c9c0:c012::/48
2a01:c9c0:c014::/48
2a01:c9c0:c016::/48
2a01:c9c0:c018::/48
2a01:c9c0:c01a::/48
2a01:c9c0:c01c::/48
2a01:c9c0:c01e::/48
2a01:c9c0:c020::/48
2a01:c9c0:c022::/48
2a01:c9c0:c024::/48
2a01:c9c0:c026::/48
2a01:c9c0:c040::/48
2a01:c9c0:c060::/48
2a01:c9c0:c062::/48
2a01:c9c0:c080::/48
Signature Algorithm: sha256WithRSAEncryption
4b:bd:ed:29:08:64:87:00:9b:de:29:23:7b:6e:4d:66:13:f3:
29:2d:f2:3e:93:79:fe:a7:5a:21:8f:55:e8:6d:e7:2a:fe:23:
8c:72:b2:81:66:62:b0:d5:27:b1:99:bb:68:dc:eb:1a:32:7b:
04:c7:82:0d:3d:a3:43:4f:e6:3f:03:51:38:cd:06:95:b8:27:
30:23:d1:1f:54:5d:4c:cb:9d:08:e4:e9:b2:36:a0:f9:6c:6b:
13:99:9c:5e:f3:e4:04:f1:97:b8:d2:d9:c8:bb:d8:73:18:92:
f8:d9:a0:45:b3:df:8b:ab:5a:9d:f6:74:19:90:14:d9:eb:49:
4f:0f:84:ed:18:3f:3a:76:09:72:4c:ec:85:db:6e:40:ac:79:
0b:43:4e:0d:44:13:ef:8c:ba:ad:41:47:64:3a:04:9d:94:65:
8e:75:a7:fe:72:49:69:c1:fe:5a:2c:29:31:3a:ba:d0:94:68:
12:9e:bb:fe:8b:15:51:e1:c2:69:22:9e:58:41:f7:74:2c:cd:
be:22:99:75:4a:20:52:2a:e5:15:09:74:92:68:9a:e6:a2:b6:
7e:fe:a3:b0:04:65:0f:e8:d9:9c:5f:14:e3:94:4b:46:58:07:
41:64:15:d1:c3:6e:03:dc:73:08:d4:b7:dc:5e:f0:49:99:45:
e7:cc:44:6f
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAY34z9yWb1J8/SDcBW9Bi0GEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMzAxMDY1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM5OTk1Zjk0NWFlNTFmMDUxNGM4OTIxNzNmNDVjZWQ0NTBjOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku1+Dz6s5QkAO1AxRzVB+nIEs11j
CdL8tnfua6lRaftoVEdDInuqX++unf4lnx5wFy2gN/lvC+a0HKNH0dM8O/FwsXBn
0WtAvmZqz7mTmAd0qYOFKFlUuFzQgY44w1dfZmBxyQi/OyhL1IzzMIwysVoTrifU
Mn3TfW4LF0Ed9z/8BSotC8TSqv4awiY3bds5doDLPuAPGfzibkMs2j8AJe0Isi0k
wBWiuqoWxBhqjMNUlnGV9XLCYxxjlsh9d+poY3lIsOUgoYvMr+qxRhJ6o7la2g6e
S00huZKFC0029V+n9MAJlb/EcR9WcYACaI6AwqY2bPWbeverFNMCrZw4NwIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFHDJmV+UWuUfBRTIkhc/Rc7UUMn3MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvY01tWlg1UmE1UjhGRk1pU0Z6OUZ6dFJReWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzA5BAIAATAzMAwD
BAJQD+QDBAJQD+gwCwMEAVAP8gMDBFAAAwQAWlSPAwQAWlSUAwQAWlSZAwQAwfnh
MIHhBAIAAjCB2gMHACoBycDAAAMHACoBycDAAgMHACoBycDABAMHACoBycDABgMH
ACoBycDACAMHACoBycDACgMHACoBycDADDASAwcAKgHJwMAPAwcAKgHJwMAQAwcA
KgHJwMASAwcAKgHJwMAUAwcAKgHJwMAWAwcAKgHJwMAYAwcAKgHJwMAaAwcAKgHJ
wMAcAwcAKgHJwMAeAwcAKgHJwMAgAwcAKgHJwMAiAwcAKgHJwMAkAwcAKgHJwMAm
AwcAKgHJwMBAAwcAKgHJwMBgAwcAKgHJwMBiAwcAKgHJwMCAMA0GCSqGSIb3DQEB
CwUAA4IBAQBLve0pCGSHAJveKSN7bk1mE/MpLfI+k3n+p1ohj1Xobecq/iOMcrKB
ZmKw1Sexmbto3OsaMnsEx4INPaNDT+Y/A1E4zQaVuCcwI9EfVF1My50I5OmyNqD5
bGsTmZxe8+QE8Ze40tnIu9hzGJL42aBFs9+Lq1qd9nQZkBTZ60lPD4TtGD86dgly
TOyF225ArHkLQ04NRBPvjLqtQUdkOgSdlGWOdaf+cklpwf5aLCkxOrrQlGgSnrv+
ixVR4cJpIp5YQfd0LM2+Ipl1SiBSKuUVCXSSaJrmorZ+/qOwBGUP6NmcXxTjlEtG
WAdBZBXRw24D3HMI1LfcXvBJmUXnzERv
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:08:52 2025 by rpki-client