Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/z8wDKKgvvG6b9CYQpbMakvy_ZBQ.roa
File: z8wDKKgvvG6b9CYQpbMakvy_ZBQ.roa (raw, json)
Hash identifier: Z/sICPidGnEqnuieyuLQfV78LHWSJJEXmPb/4VS58qk=
Subject key identifier: CF:CC:03:28:A8:2F:BC:6E:9B:F4:26:10:A5:B3:1A:92:FC:BF:64:14
Certificate issuer: /CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Certificate serial: 018BF174BD271CDBAB533778D8045AE5E18E
Authority key identifier: 8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/z8wDKKgvvG6b9CYQpbMakvy_ZBQ.roa
Signing time: Tue 21 Nov 2023 10:37:21 +0000
ROA not before: Tue 21 Nov 2023 10:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30742
IP address blocks: 185.115.80.0/22 maxlen: 24
176.118.180.0/22 maxlen: 24
82.198.192.0/19 maxlen: 24
185.48.224.0/22 maxlen: 24
80.245.132.0/22 maxlen: 24
80.245.136.0/21 maxlen: 24
185.43.24.0/22 maxlen: 24
2a03:9980::/29 maxlen: 32
2a01:9b60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:74:bd:27:1c:db:ab:53:37:78:d8:04:5a:e5:e1:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Validity
Not Before: Nov 21 10:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfcc0328a82fbc6e9bf42610a5b31a92fcbf6414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:fa:24:29:9c:90:39:50:38:ef:0a:8b:f8:
5a:a7:28:68:6f:13:70:3a:ff:99:77:58:d3:ff:95:
2f:b2:ad:a2:27:65:9a:22:6c:7b:db:23:b4:0e:5b:
95:93:5f:93:da:56:c9:87:49:e3:2c:60:29:e7:e1:
79:f2:9d:6b:f4:24:4b:30:92:7a:37:22:41:e7:7d:
56:a7:ae:b6:3e:24:81:39:7a:2f:29:96:20:19:e1:
43:42:c1:06:09:0a:7d:dd:d2:d8:c6:ba:98:84:c0:
8d:99:97:c9:c5:25:1c:19:fd:72:f6:88:37:3a:a4:
8b:2d:14:2a:61:09:a6:82:c9:5a:a6:1a:bf:b1:41:
96:89:e9:cb:05:70:d0:76:89:f6:c4:ea:83:44:b2:
bf:2d:82:f3:5b:7e:e0:47:f7:c5:7e:ed:19:54:18:
dd:24:3c:9b:b4:ba:b9:5e:37:60:e7:4b:1f:e3:af:
06:fb:71:73:f9:eb:08:bb:91:8e:b3:38:57:9c:e2:
c7:4e:ae:2b:f3:41:87:fc:9f:1c:37:08:01:3e:38:
92:e7:61:ca:9c:4d:9e:80:1d:1f:db:f6:25:61:23:
f0:f3:45:a4:ee:aa:85:18:b6:dc:f0:3e:63:a4:81:
19:8d:d2:88:41:bf:e4:eb:4a:83:00:a0:5f:d9:ba:
f1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CC:03:28:A8:2F:BC:6E:9B:F4:26:10:A5:B3:1A:92:FC:BF:64:14
X509v3 Authority Key Identifier:
keyid:8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/z8wDKKgvvG6b9CYQpbMakvy_ZBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.132.0-80.245.143.255
82.198.192.0/19
176.118.180.0/22
185.43.24.0/22
185.48.224.0/22
185.115.80.0/22
IPv6:
2a01:9b60::/32
2a03:9980::/29
Signature Algorithm: sha256WithRSAEncryption
14:5b:40:91:d8:42:75:c2:a6:93:d8:de:c9:d2:2a:87:87:ba:
9f:75:86:8c:79:98:f6:e5:b7:40:99:18:ab:30:77:e9:35:c8:
e8:8c:5b:69:c3:61:bd:ae:cd:b0:6f:d7:e8:69:de:a4:03:f2:
03:2f:68:7f:6a:6c:26:a2:b5:98:b7:d9:a2:5a:98:2a:c3:cd:
df:f2:96:52:4b:1d:d0:dc:7f:e9:f1:c9:4c:e5:6c:b6:62:26:
8e:ec:47:f1:db:ab:a3:59:a7:a0:0b:a2:94:d0:dd:e5:aa:bb:
c4:43:a9:2c:5d:4b:10:dc:35:62:74:2a:5f:31:0e:95:97:a0:
43:9d:4f:db:f4:4c:7d:48:6c:81:2d:8e:a4:35:94:7e:f5:a9:
f1:96:d4:a4:f6:7a:4f:fd:5e:40:0f:56:41:bf:a9:1f:e0:67:
41:5c:c5:09:b5:d3:01:77:a6:33:53:e0:d9:34:f9:1b:a2:cd:
4f:d4:0c:af:7b:15:86:2d:8e:15:1e:c8:03:26:b0:55:2d:bc:
17:5c:0e:c7:df:41:e5:14:7f:96:de:34:2c:7e:b9:81:7b:f6:
eb:55:35:5b:c8:fe:a1:24:5e:9d:37:0f:21:5c:67:1e:b4:35:
a0:62:95:07:d2:39:73:fb:e1:53:d4:95:e3:6d:d4:9b:b8:02:
3e:6e:8b:10
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYvxdL0nHNurUzd42ARa5eGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzRhNjdkYmVkNzQ0NGRkZDI3ZTgwMGZiNmMyMTAxM2E1
YjExYzYwHhcNMjMxMTIxMTAzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNjMDMyOGE4MmZiYzZlOWJmNDI2MTBhNWIzMWE5MmZjYmY2NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpX6JCmckDlQOO8Ki/hapyhobxNw
Ov+Zd1jT/5Uvsq2iJ2WaImx72yO0DluVk1+T2lbJh0njLGAp5+F58p1r9CRLMJJ6
NyJB531Wp662PiSBOXovKZYgGeFDQsEGCQp93dLYxrqYhMCNmZfJxSUcGf1y9og3
OqSLLRQqYQmmgslaphq/sUGWienLBXDQdon2xOqDRLK/LYLzW37gR/fFfu0ZVBjd
JDybtLq5Xjdg50sf468G+3Fz+esIu5GOszhXnOLHTq4r80GH/J8cNwgBPjiS52HK
nE2egB0f2/YlYSPw80Wk7qqFGLbc8D5jpIEZjdKIQb/k60qDAKBf2brxowIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFM/MAyioL7xum/QmEKWzGpL8v2QUMB8GA1UdIwQY
MBaAFI7Epn2+10RN3SfoAPtsIQE6WxHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMt
MGNlZjUxMmY1MDA5LzEvejh3REtLZ3Z2RzZiOUNZUXBiTWFrdnlfWkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMtMGNlZjUxMmY1MDA5
LzEvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsMAwDBAJQ9YQD
BARQ9YADBAVSxsADBAKwdrQDBAK5KxgDBAK5MOADBAK5c1AwFAQCAAIwDgMFACoB
m2ADBQMqA5mAMA0GCSqGSIb3DQEBCwUAA4IBAQAUW0CR2EJ1wqaT2N7J0iqHh7qf
dYaMeZj25bdAmRirMHfpNcjojFtpw2G9rs2wb9foad6kA/IDL2h/amwmorWYt9mi
Wpgqw83f8pZSSx3Q3H/p8clM5Wy2YiaO7Efx26ujWaegC6KU0N3lqrvEQ6ksXUsQ
3DVidCpfMQ6Vl6BDnU/b9Ex9SGyBLY6kNZR+9anxltSk9npP/V5AD1ZBv6kf4GdB
XMUJtdMBd6YzU+DZNPkbos1P1AyvexWGLY4VHsgDJrBVLbwXXA7H30HlFH+W3jQs
frmBe/brVTVbyP6hJF6dNw8hXGcetDWgYpUH0jlz++FT1JXjbdSbuAI+bosQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:41 2024 by rpki-client on console-fra.rpki-client.org