Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/lL04h7Y1PIguSN65j2bWDYPEg8Q.roa
File: lL04h7Y1PIguSN65j2bWDYPEg8Q.roa (raw, json)
Hash identifier: +MsDXuifa/qJabTVQEs7XlmSHaI2QVdv96liZaMgjn8=
Subject key identifier: 94:BD:38:87:B6:35:3C:88:2E:48:DE:B9:8F:66:D6:0D:83:C4:83:C4
Certificate issuer: /CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Certificate serial: 018EF0DD754901306B4E39958EFB148FD334
Authority key identifier: B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/lL04h7Y1PIguSN65j2bWDYPEg8Q.roa
Signing time: Thu 18 Apr 2024 11:00:29 +0000
ROA not before: Thu 18 Apr 2024 11:00:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50857
IP address blocks: 80.91.144.0/20 maxlen: 24
217.64.240.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:dd:75:49:01:30:6b:4e:39:95:8e:fb:14:8f:d3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Validity
Not Before: Apr 18 11:00:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94bd3887b6353c882e48deb98f66d60d83c483c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:b8:70:dd:45:70:3d:7e:a7:e2:9a:6c:62:
21:4b:78:08:e2:d7:6f:ab:83:b6:30:41:3d:05:b6:
c1:08:b2:be:8d:38:82:1e:7b:1d:65:97:31:30:63:
16:ea:99:09:55:14:f5:ba:0d:7a:dc:7a:fd:9e:49:
31:6e:5d:9e:bf:9a:a6:d3:4e:07:0a:db:21:8f:76:
6a:fe:ee:47:91:b3:e3:96:50:eb:cd:78:f9:a9:22:
31:25:1a:c8:72:47:32:e2:7a:0c:34:3b:5b:34:a8:
d8:e2:64:9b:56:be:8a:57:67:6e:b3:cf:55:e3:fc:
37:3e:d4:9a:b9:3d:30:45:44:88:5a:df:f2:00:8a:
86:ef:9a:aa:88:8a:02:55:c8:51:fb:e3:83:e9:57:
c0:32:f0:24:91:c0:78:b6:b5:ea:81:bd:4c:2f:6f:
2e:80:c2:90:5d:e5:8c:81:79:f9:46:1a:89:b7:48:
b3:5b:3b:14:26:8d:e8:aa:70:d6:f4:b5:6e:f6:c5:
a2:34:06:0e:3e:08:ce:d1:3f:91:5a:f3:08:fe:6a:
f1:fd:97:b5:f3:89:1f:ba:b4:64:ad:5d:46:27:69:
3a:83:84:ce:82:90:3d:30:0b:8d:22:33:13:d6:a5:
a4:7f:46:2a:62:5f:0f:8f:64:f5:d2:9c:ff:94:db:
f7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BD:38:87:B6:35:3C:88:2E:48:DE:B9:8F:66:D6:0D:83:C4:83:C4
X509v3 Authority Key Identifier:
keyid:B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/lL04h7Y1PIguSN65j2bWDYPEg8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.144.0/20
217.64.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:fa:c0:8e:ed:16:7e:61:f8:ff:fa:42:aa:cd:e8:f1:15:d8:
67:4d:7d:41:f2:9c:81:53:c5:ee:b3:3f:82:1d:ac:e9:8b:c7:
96:59:0a:52:1e:83:81:30:70:30:92:99:5b:77:c3:91:75:ba:
29:ef:ef:92:7c:d8:d2:6b:68:bb:6f:c4:71:74:0d:54:2e:c8:
06:c3:68:f3:43:37:02:8a:3a:09:fa:3c:bd:46:5d:5f:a2:da:
da:f4:b3:b6:d9:43:b1:15:2c:cf:37:c9:ee:0a:a5:10:ae:6f:
e9:78:d9:17:7f:ac:fa:58:07:28:ea:c6:f3:ce:42:18:ee:fd:
9a:71:66:d2:20:34:4e:1a:bc:69:23:f3:d2:7c:2e:72:74:42:
62:65:f2:4d:83:fa:79:d4:45:fe:95:24:9e:5a:e8:7b:b2:34:
0f:70:14:eb:be:fb:4e:d6:a1:f2:fa:ed:33:00:72:c4:d1:21:
a0:29:5a:c2:b7:ae:5a:2a:03:78:b6:94:88:b2:c6:e7:0e:c8:
01:90:b1:b0:f0:e5:35:01:53:62:5e:cf:00:ff:5f:29:1d:b4:
09:46:7b:18:3a:c8:c0:7c:1b:01:9b:53:84:ae:8f:e7:59:7e:
5d:b9:18:d2:a0:e0:cb:d2:50:f5:89:6f:6b:3a:97:ae:3b:c9:
4c:30:7c:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7w3XVJATBrTjmVjvsUj9M0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjcxM2NmMjA1NTJkNmM1YzIzZjA5ZTdiMzc2Njk4NDZm
OWNhNTAwHhcNMjQwNDE4MTEwMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGJkMzg4N2I2MzUzYzg4MmU0OGRlYjk4ZjY2ZDYwZDgzYzQ4M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1W4cN1FcD1+p+KabGIhS3gI4tdv
q4O2MEE9BbbBCLK+jTiCHnsdZZcxMGMW6pkJVRT1ug163Hr9nkkxbl2ev5qm004H
Ctshj3Zq/u5HkbPjllDrzXj5qSIxJRrIckcy4noMNDtbNKjY4mSbVr6KV2dus89V
4/w3PtSauT0wRUSIWt/yAIqG75qqiIoCVchR++OD6VfAMvAkkcB4trXqgb1ML28u
gMKQXeWMgXn5RhqJt0izWzsUJo3oqnDW9LVu9sWiNAYOPgjO0T+RWvMI/mrx/Ze1
84kfurRkrV1GJ2k6g4TOgpA9MAuNIjMT1qWkf0YqYl8Pj2T10pz/lNv3nQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJS9OIe2NTyILkjeuY9m1g2DxIPEMB8GA1UdIwQY
MBaAFLH3E88gVS1sXCPwnns3ZphG+cpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYt
Njk0ZDc4YjMyZDIwLzEvbEwwNGg3WTFQSWd1U042NWoyYldEWVBFZzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYtNjk0ZDc4YjMyZDIw
LzEvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUFuQAwQE
2UDwMA0GCSqGSIb3DQEBCwUAA4IBAQCp+sCO7RZ+Yfj/+kKqzejxFdhnTX1B8pyB
U8Xusz+CHazpi8eWWQpSHoOBMHAwkplbd8ORdbop7++SfNjSa2i7b8RxdA1ULsgG
w2jzQzcCijoJ+jy9Rl1fotra9LO22UOxFSzPN8nuCqUQrm/peNkXf6z6WAco6sbz
zkIY7v2acWbSIDROGrxpI/PSfC5ydEJiZfJNg/p51EX+lSSeWuh7sjQPcBTrvvtO
1qHy+u0zAHLE0SGgKVrCt65aKgN4tpSIssbnDsgBkLGw8OU1AVNiXs8A/18pHbQJ
RnsYOsjAfBsBm1OEro/nWX5duRjSoODL0lD1iW9rOpeuO8lMMHwu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:22 2025 by rpki-client