Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/TefcPc1n23Pt79m9zWLDng8_Fbw.roa
File: TefcPc1n23Pt79m9zWLDng8_Fbw.roa (raw, json)
Hash identifier: BtZgQ+rmgXVLyoeiWuOclY8kxQ5/BhtwIROa7t4CSxM=
Subject key identifier: 4D:E7:DC:3D:CD:67:DB:73:ED:EF:D9:BD:CD:62:C3:9E:0F:3F:15:BC
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 019036FE4EE0F0E243B00782462C22768B67
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/TefcPc1n23Pt79m9zWLDng8_Fbw.roa
Signing time: Thu 20 Jun 2024 18:52:34 +0000
ROA not before: Thu 20 Jun 2024 18:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206011
IP address blocks: 80.244.40.0/21 maxlen: 23
80.244.40.0/22 maxlen: 23
80.244.44.0/22 maxlen: 23
80.244.47.0/24 maxlen: 24
185.199.8.0/24 maxlen: 24
185.199.9.0/24 maxlen: 24
185.199.10.0/24 maxlen: 24
2a0a:9740::/32 maxlen: 32
2a0a:9740:d000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:36:fe:4e:e0:f0:e2:43:b0:07:82:46:2c:22:76:8b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Jun 20 18:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4de7dc3dcd67db73edefd9bdcd62c39e0f3f15bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1b:e4:46:5d:a2:9b:ab:47:d2:f2:66:f9:ee:
99:78:7a:ab:14:14:99:34:64:cd:e9:15:e8:ee:46:
7d:f4:b7:1b:02:48:24:dc:a8:e2:c8:29:9f:3e:98:
8f:93:e3:ef:15:33:75:90:37:19:9f:ea:5e:b5:2a:
4e:aa:5f:08:28:e7:21:48:c7:b5:65:8c:0a:10:88:
85:15:36:9c:ac:5d:70:b2:bd:23:70:7f:bb:ed:91:
ca:34:6c:2c:b3:11:29:60:ef:9e:1f:3d:5a:74:00:
12:1a:c3:41:a2:c6:3d:ad:4e:88:79:bf:03:33:45:
23:09:09:65:82:f6:ad:61:83:8b:bd:05:b9:6f:8a:
db:53:b7:64:a4:50:74:45:68:27:47:13:b1:b3:97:
20:fa:6a:de:e1:62:4d:39:fb:ea:a2:49:98:6b:f5:
8e:5a:63:b3:bd:78:c7:0c:c3:a4:e3:e7:ea:8f:d0:
0b:42:56:2c:4d:0f:06:a4:66:28:02:ed:a6:d8:a2:
15:6e:70:26:22:9b:15:1c:61:a7:4d:50:6f:07:4d:
27:23:cc:3e:75:24:ca:22:9c:cb:60:a7:98:aa:01:
06:e1:e8:54:6f:e7:78:ea:f6:bb:36:cf:88:0d:a8:
d6:e4:7a:3f:00:a4:5c:02:67:fe:e3:11:18:43:e5:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E7:DC:3D:CD:67:DB:73:ED:EF:D9:BD:CD:62:C3:9E:0F:3F:15:BC
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/TefcPc1n23Pt79m9zWLDng8_Fbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.40.0/21
185.199.8.0-185.199.10.255
IPv6:
2a0a:9740::/32
Signature Algorithm: sha256WithRSAEncryption
60:63:9b:e3:38:f0:60:3d:e2:cd:a5:11:f0:1a:43:1b:e6:8a:
b6:0e:dd:c3:9b:45:8b:9c:74:0c:ef:fd:bd:78:f0:85:8c:0a:
c4:59:df:dc:bf:50:d9:80:5b:27:86:14:35:df:67:9a:6e:1b:
7c:b4:f0:0f:86:08:76:78:a1:56:da:9a:47:9e:57:8c:c7:d5:
e0:58:5c:e6:7b:4e:e7:87:34:cc:96:df:9e:76:99:bf:bb:9f:
c1:4b:0c:b4:d2:4b:8b:ac:32:76:68:9d:b9:5f:37:ca:04:1c:
1b:da:19:3f:6f:9e:97:c7:d5:f9:ee:2d:d2:4d:b6:07:3f:29:
45:47:83:d8:19:c5:db:00:73:8c:57:a0:3c:b7:d9:7b:fe:d3:
a9:8d:2c:2c:02:99:5b:de:dd:7f:b9:64:15:b5:41:e1:1d:1e:
47:c1:17:87:97:2f:f8:54:3e:04:1d:1d:7e:c1:4e:da:35:38:
81:75:a9:0b:47:ab:c8:b1:f7:ad:a3:f3:68:43:c6:37:6f:a7:
5f:7b:00:0f:ab:21:56:31:38:4b:2e:e2:bd:a1:96:33:7b:a2:
56:fd:85:81:df:b3:2b:c2:3d:da:57:f6:bc:0b:cf:d6:74:ae:
85:7e:eb:00:79:7e:bf:5f:fa:e7:ee:64:b6:bf:20:93:80:b2:
6d:69:c7:e1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZA2/k7g8OJDsAeCRiwidotnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjQwNjIwMTg1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGU3ZGMzZGNkNjdkYjczZWRlZmQ5YmRjZDYyYzM5ZTBmM2YxNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxvkRl2im6tH0vJm+e6ZeHqrFBSZ
NGTN6RXo7kZ99LcbAkgk3KjiyCmfPpiPk+PvFTN1kDcZn+petSpOql8IKOchSMe1
ZYwKEIiFFTacrF1wsr0jcH+77ZHKNGwssxEpYO+eHz1adAASGsNBosY9rU6Ieb8D
M0UjCQllgvatYYOLvQW5b4rbU7dkpFB0RWgnRxOxs5cg+mre4WJNOfvqokmYa/WO
WmOzvXjHDMOk4+fqj9ALQlYsTQ8GpGYoAu2m2KIVbnAmIpsVHGGnTVBvB00nI8w+
dSTKIpzLYKeYqgEG4ehUb+d46va7Ns+IDajW5Ho/AKRcAmf+4xEYQ+UPRwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFE3n3D3NZ9tz7e/Zvc1iw54PPxW8MB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvVGVmY1BjMW4yM1B0NzltOXpXTERuZzhfRmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDUPQoMAwD
BAO5xwgDBAC5xwowDQQCAAIwBwMFACoKl0AwDQYJKoZIhvcNAQELBQADggEBAGBj
m+M48GA94s2lEfAaQxvmirYO3cObRYucdAzv/b148IWMCsRZ39y/UNmAWyeGFDXf
Z5puG3y08A+GCHZ4oVbamkeeV4zH1eBYXOZ7TueHNMyW3552mb+7n8FLDLTSS4us
MnZonblfN8oEHBvaGT9vnpfH1fnuLdJNtgc/KUVHg9gZxdsAc4xXoDy32Xv+06mN
LCwCmVve3X+5ZBW1QeEdHkfBF4eXL/hUPgQdHX7BTto1OIF1qQtHq8ix962j82hD
xjdvp197AA+rIVYxOEsu4r2hljN7olb9hYHfsyvCPdpX9rwLz9Z0roV+6wB5fr9f
+ufuZLa/IJOAsm1px+E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:36 2025 by rpki-client