Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/5tAxlYwvQcUdibsHl_6f1yGmlD4.roa
File: 5tAxlYwvQcUdibsHl_6f1yGmlD4.roa (raw, json)
Hash identifier: xJ6Lm1P3+HdqUXPiJjpwRBkPlqFoRLxPpQzLvVABrIM=
Subject key identifier: E6:D0:31:95:8C:2F:41:C5:1D:89:BB:07:97:FE:9F:D7:21:A6:94:3E
Certificate issuer: /CN=bbf3a257f99528c3a924d269d1af438185c2006d
Certificate serial: 0193B007D150729CBCD88303EFA5E2BC9F65
Authority key identifier: BB:F3:A2:57:F9:95:28:C3:A9:24:D2:69:D1:AF:43:81:85:C2:00:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_OiV_mVKMOpJNJp0a9DgYXCAG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/5tAxlYwvQcUdibsHl_6f1yGmlD4.roa
Signing time: Tue 10 Dec 2024 10:05:22 +0000
ROA not before: Tue 10 Dec 2024 10:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16178
IP address blocks: 80.87.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:07:d1:50:72:9c:bc:d8:83:03:ef:a5:e2:bc:9f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbf3a257f99528c3a924d269d1af438185c2006d
Validity
Not Before: Dec 10 10:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d031958c2f41c51d89bb0797fe9fd721a6943e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:97:e3:1f:8e:46:94:48:1e:d0:01:fb:ec:
b8:68:6d:a1:9a:91:7a:3b:66:5c:51:5e:29:74:fd:
17:67:dc:b2:2f:f5:92:ae:e6:28:99:d8:19:a7:88:
89:23:f8:2a:ae:1b:8d:7a:f2:95:c1:cf:76:6a:3f:
02:0d:df:a2:07:58:72:fa:c6:d6:b8:77:a2:f2:ab:
fb:23:84:2f:b5:c2:d0:70:cf:30:36:99:4e:e8:4f:
9c:7a:36:f1:9a:76:93:36:68:90:b4:d3:10:41:01:
75:bb:7e:9a:3e:cc:ab:ec:c5:4e:bb:3e:fe:83:27:
cd:d5:b1:68:c3:82:20:a8:6c:86:94:bf:74:1f:8c:
69:00:84:04:ad:01:03:fc:33:28:21:b3:27:0d:ff:
b6:71:fc:fe:5a:2a:a7:11:f6:76:81:06:f5:ff:89:
0f:02:c9:54:f6:f7:82:9f:6d:f6:ef:93:3f:52:f9:
2e:81:87:c4:7d:08:28:cf:43:c0:e1:ca:67:29:d4:
9f:96:fc:95:d5:bf:b0:10:68:a3:48:f4:7b:28:29:
40:67:42:54:b4:ae:81:18:73:d5:8c:9e:8b:63:de:
c9:04:25:db:6a:b1:b4:74:38:26:36:1a:ef:8a:71:
81:f9:65:5c:1c:87:3a:ad:68:c2:83:27:ef:45:9b:
60:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D0:31:95:8C:2F:41:C5:1D:89:BB:07:97:FE:9F:D7:21:A6:94:3E
X509v3 Authority Key Identifier:
keyid:BB:F3:A2:57:F9:95:28:C3:A9:24:D2:69:D1:AF:43:81:85:C2:00:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_OiV_mVKMOpJNJp0a9DgYXCAG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/5tAxlYwvQcUdibsHl_6f1yGmlD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/u_OiV_mVKMOpJNJp0a9DgYXCAG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.254.0/23
Signature Algorithm: sha256WithRSAEncryption
34:16:6a:3e:dc:49:82:9a:6f:37:f7:f6:63:06:47:fc:9c:19:
99:73:99:68:43:4f:67:93:f8:53:f7:19:7e:49:42:42:46:13:
ea:15:67:08:ec:8a:56:dd:82:02:b0:6f:8b:64:6f:b3:c3:e2:
27:79:4a:79:0d:0f:f7:99:f9:07:a7:0e:d1:2a:70:9c:02:83:
4f:7c:48:6b:31:0d:15:65:63:bf:10:bd:a7:7d:0f:7e:a3:27:
b9:ed:7c:9a:2e:46:d4:13:ff:c7:44:3e:23:04:ba:bd:f4:27:
b0:fd:8a:1b:1e:ee:f5:52:f4:50:19:2b:13:ca:04:73:38:c6:
b3:a1:f7:b5:55:96:4a:34:3d:73:47:94:46:39:82:fd:b5:60:
b3:d1:0a:74:ee:ed:28:c6:6e:39:f4:61:12:f4:f9:f3:f3:76:
71:bf:cd:5b:be:c5:62:23:33:c4:76:8e:e1:f1:ad:7f:73:2f:
f5:f9:86:50:d3:c1:11:87:ff:ec:04:44:10:52:29:14:eb:78:
8f:71:f2:52:6f:1b:01:6d:e2:5a:c3:9f:2f:86:cc:2a:65:fc:
8e:79:7c:1e:60:b8:8a:e3:50:85:f4:6b:2f:15:6a:b9:92:78:
64:85:b0:8a:2a:bc:b2:0c:08:ae:bf:bb:16:e7:08:75:c5:20:
3b:4d:91:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOwB9FQcpy82IMD76XivJ9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZjNhMjU3Zjk5NTI4YzNhOTI0ZDI2OWQxYWY0MzgxODVj
MjAwNmQwHhcNMjQxMjEwMTAwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQwMzE5NThjMmY0MWM1MWQ4OWJiMDc5N2ZlOWZkNzIxYTY5NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP2X4x+ORpRIHtAB++y4aG2hmpF6
O2ZcUV4pdP0XZ9yyL/WSruYomdgZp4iJI/gqrhuNevKVwc92aj8CDd+iB1hy+sbW
uHei8qv7I4QvtcLQcM8wNplO6E+cejbxmnaTNmiQtNMQQQF1u36aPsyr7MVOuz7+
gyfN1bFow4IgqGyGlL90H4xpAIQErQED/DMoIbMnDf+2cfz+WiqnEfZ2gQb1/4kP
AslU9veCn23275M/UvkugYfEfQgoz0PA4cpnKdSflvyV1b+wEGijSPR7KClAZ0JU
tK6BGHPVjJ6LY97JBCXbarG0dDgmNhrvinGB+WVcHIc6rWjCgyfvRZtgowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObQMZWML0HFHYm7B5f+n9chppQ+MB8GA1UdIwQY
MBaAFLvzolf5lSjDqSTSadGvQ4GFwgBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9PaVZfbVZLTU9wSk5KcDBhOURnWVhDQUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80ZmFhZmYtMzg0Zi00MDJlLThiOGMt
NDVmNzdkZmEyNjM2LzEvNXRBeGxZd3ZRY1VkaWJzSGxfNmYxeUdtbEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80ZmFhZmYtMzg0Zi00MDJlLThiOGMtNDVmNzdkZmEyNjM2
LzEvdV9PaVZfbVZLTU9wSk5KcDBhOURnWVhDQUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUFf+MA0G
CSqGSIb3DQEBCwUAA4IBAQA0Fmo+3EmCmm839/ZjBkf8nBmZc5loQ09nk/hT9xl+
SUJCRhPqFWcI7IpW3YICsG+LZG+zw+IneUp5DQ/3mfkHpw7RKnCcAoNPfEhrMQ0V
ZWO/EL2nfQ9+oye57XyaLkbUE//HRD4jBLq99Cew/YobHu71UvRQGSsTygRzOMaz
ofe1VZZKND1zR5RGOYL9tWCz0Qp07u0oxm459GES9Pnz83Zxv81bvsViIzPEdo7h
8a1/cy/1+YZQ08ERh//sBEQQUikU63iPcfJSbxsBbeJaw58vhswqZfyOeXweYLiK
41CF9GsvFWq5knhkhbCKKryyDAiuv7sW5wh1xSA7TZEF
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:27:13 2025 by rpki-client