Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/LiE1sNdDdBMTD9P4qsrFhaKenzA.roa
File: LiE1sNdDdBMTD9P4qsrFhaKenzA.roa (raw, json)
Hash identifier: rvW+SfM2tdLg4NK6tBHJRIEZCTI/S5XGXExl0Mh5f9Y=
Subject key identifier: 2E:21:35:B0:D7:43:74:13:13:0F:D3:F8:AA:CA:C5:85:A2:9E:9F:30
Certificate issuer: /CN=97310ada6a1bbd7aa68e140223bf9c625a33be41
Certificate serial: 018ACF3ED95DE234F61A5ECA1B8A102A3C35
Authority key identifier: 97:31:0A:DA:6A:1B:BD:7A:A6:8E:14:02:23:BF:9C:62:5A:33:BE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lzEK2mobvXqmjhQCI7-cYlozvkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/LiE1sNdDdBMTD9P4qsrFhaKenzA.roa
Signing time: Tue 26 Sep 2023 02:08:37 +0000
ROA not before: Tue 26 Sep 2023 02:08:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21105
IP address blocks: 80.89.9.0/24 maxlen: 24
80.89.11.0/24 maxlen: 24
80.89.8.0/22 maxlen: 22
80.89.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 13:25:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cf:3e:d9:5d:e2:34:f6:1a:5e:ca:1b:8a:10:2a:3c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97310ada6a1bbd7aa68e140223bf9c625a33be41
Validity
Not Before: Sep 26 02:08:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e2135b0d7437413130fd3f8aacac585a29e9f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e6:7b:69:a6:9d:c9:d2:02:93:af:aa:71:2d:
b0:4e:ef:b9:f0:f9:38:b4:4d:91:17:95:72:0f:c2:
5d:c3:4e:49:18:ac:aa:53:b5:19:a0:a7:10:89:d7:
72:b9:98:96:f0:c4:17:e6:88:2e:20:cd:84:4c:c7:
9a:a1:37:e6:33:ff:e0:dc:81:51:6a:37:ce:cb:f4:
96:28:cf:e9:1e:51:ab:e8:44:d0:ee:87:dc:f3:39:
20:d1:98:03:b5:be:03:bf:4c:ef:ce:0e:04:93:69:
74:73:4b:03:28:cc:6a:2e:1b:ee:8c:a4:1d:c9:e7:
9c:fe:3f:c8:fd:8a:87:2a:8b:b6:4e:91:0e:cf:23:
9d:8c:d5:f2:55:d1:a6:63:6a:a6:51:a7:22:d9:bf:
3f:a7:06:c0:8f:2f:6c:f1:76:e1:b9:e4:71:51:cd:
53:b6:6e:39:82:24:da:6e:09:73:72:88:7e:d4:fb:
34:92:83:10:7e:9b:e2:9f:2b:ed:7e:88:ce:59:a4:
d0:e9:b6:51:dc:c4:6b:d3:70:8c:d4:50:07:38:e7:
6d:d4:75:4b:04:c1:b2:67:d9:53:86:b9:93:b8:62:
28:d2:2b:3c:98:69:9a:2a:48:ae:97:76:52:f0:5f:
9d:9e:07:f3:00:12:b1:4a:2e:59:cd:46:9a:de:83:
c5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:21:35:B0:D7:43:74:13:13:0F:D3:F8:AA:CA:C5:85:A2:9E:9F:30
X509v3 Authority Key Identifier:
keyid:97:31:0A:DA:6A:1B:BD:7A:A6:8E:14:02:23:BF:9C:62:5A:33:BE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzEK2mobvXqmjhQCI7-cYlozvkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/LiE1sNdDdBMTD9P4qsrFhaKenzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/lzEK2mobvXqmjhQCI7-cYlozvkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.8.0/22
Signature Algorithm: sha256WithRSAEncryption
93:60:24:cd:c1:5b:a3:9f:7f:6d:db:6e:16:ab:68:8c:50:c1:
3e:02:43:82:6e:03:e9:54:94:36:25:fb:83:b8:12:c8:9c:ff:
ff:9f:ff:32:5b:64:eb:77:5b:77:ba:d5:99:f7:a9:64:df:70:
a8:c4:50:48:47:f3:c1:d3:1f:8a:2c:80:d3:e1:da:83:56:fc:
d4:f5:59:be:48:ee:c3:3a:ef:9d:f0:57:0f:d9:08:09:52:9a:
0e:7a:e4:13:cb:f4:c5:0e:82:12:e5:69:eb:a9:9b:e6:d0:b6:
e3:b2:6b:bc:69:ff:56:4a:4a:ae:01:61:35:0c:7e:dc:27:be:
7b:fe:c8:50:05:b9:0f:68:93:54:61:ec:db:1f:94:70:7d:52:
c5:59:00:d8:1a:84:9c:4c:0f:bf:cf:75:d4:8d:c0:65:f0:37:
4f:9c:06:3b:2d:ee:07:53:49:a8:46:36:68:9a:be:ee:56:d4:
11:8f:7c:2e:83:8a:21:70:d7:e1:a8:5a:b8:b7:d3:a3:aa:1c:
97:4c:72:d3:9c:72:0a:75:29:ed:2e:3b:0b:4a:04:ff:0c:1e:
40:0e:6b:fb:9c:09:5e:f8:70:24:b7:78:e2:de:b4:5f:6a:69:
1c:dd:3a:1b:38:20:36:13:24:3d:e3:4d:0c:98:e0:b5:31:71:
77:f7:19:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrPPtld4jT2Gl7KG4oQKjw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MzEwYWRhNmExYmJkN2FhNjhlMTQwMjIzYmY5YzYyNWEz
M2JlNDEwHhcNMjMwOTI2MDIwODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTIxMzViMGQ3NDM3NDEzMTMwZmQzZjhhYWNhYzU4NWEyOWU5ZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeZ7aaadydICk6+qcS2wTu+58Pk4
tE2RF5VyD8Jdw05JGKyqU7UZoKcQiddyuZiW8MQX5oguIM2ETMeaoTfmM//g3IFR
ajfOy/SWKM/pHlGr6ETQ7ofc8zkg0ZgDtb4Dv0zvzg4Ek2l0c0sDKMxqLhvujKQd
yeec/j/I/YqHKou2TpEOzyOdjNXyVdGmY2qmUaci2b8/pwbAjy9s8XbhueRxUc1T
tm45giTabglzcoh+1Ps0koMQfpvinyvtfojOWaTQ6bZR3MRr03CM1FAHOOdt1HVL
BMGyZ9lThrmTuGIo0is8mGmaKkiul3ZS8F+dngfzABKxSi5ZzUaa3oPFSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4hNbDXQ3QTEw/T+KrKxYWinp8wMB8GA1UdIwQY
MBaAFJcxCtpqG716po4UAiO/nGJaM75BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHpFSzJtb2J2WHFtamhRQ0k3LWNZbG96dmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81YjM2Y2UtZDhkZC00NTYxLThlYmYt
NTNlOWVmNjA3M2M1LzEvTGlFMXNOZERkQk1URDlQNHFzckZoYUtlbnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81YjM2Y2UtZDhkZC00NTYxLThlYmYtNTNlOWVmNjA3M2M1
LzEvbHpFSzJtb2J2WHFtamhRQ0k3LWNZbG96dmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUFkIMA0G
CSqGSIb3DQEBCwUAA4IBAQCTYCTNwVujn39t224Wq2iMUME+AkOCbgPpVJQ2JfuD
uBLInP//n/8yW2Trd1t3utWZ96lk33CoxFBIR/PB0x+KLIDT4dqDVvzU9Vm+SO7D
Ou+d8FcP2QgJUpoOeuQTy/TFDoIS5WnrqZvm0Lbjsmu8af9WSkquAWE1DH7cJ757
/shQBbkPaJNUYezbH5RwfVLFWQDYGoScTA+/z3XUjcBl8DdPnAY7Le4HU0moRjZo
mr7uVtQRj3wug4ohcNfhqFq4t9OjqhyXTHLTnHIKdSntLjsLSgT/DB5ADmv7nAle
+HAkt3ji3rRfamkc3TobOCA2EyQ9400MmOC1MXF39xmT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:45 2024 by rpki-client on console-fra.rpki-client.org