Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/dRCCrQlbCl5cnPZS_97FGox7KT8.roa
File: dRCCrQlbCl5cnPZS_97FGox7KT8.roa (raw, json)
Hash identifier: fCuqxntNMN3+hGbFRnYWXO8SO6UnTTss4ZDUz2torlo=
Subject key identifier: 75:10:82:AD:09:5B:0A:5E:5C:9C:F6:52:FF:DE:C5:1A:8C:7B:29:3F
Certificate issuer: /CN=f31ed7b1f63b51aa516a9ffcb035a3a0d69e65a1
Certificate serial: 0194883F704798359A667FCE3D9E3853D9E4
Authority key identifier: F3:1E:D7:B1:F6:3B:51:AA:51:6A:9F:FC:B0:35:A3:A0:D6:9E:65:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/dRCCrQlbCl5cnPZS_97FGox7KT8.roa
Signing time: Tue 21 Jan 2025 09:44:06 +0000
ROA not before: Tue 21 Jan 2025 09:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216211
IP address blocks: 80.249.134.0/24 maxlen: 24
2a13:edc0:1::/48 maxlen: 48
2a13:edc0:2::/48 maxlen: 48
2a13:edc0:3::/48 maxlen: 48
2a13:edc0:4::/48 maxlen: 48
2a13:edc0:5::/48 maxlen: 48
2a13:edc0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Feb 2025 15:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:3f:70:47:98:35:9a:66:7f:ce:3d:9e:38:53:d9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f31ed7b1f63b51aa516a9ffcb035a3a0d69e65a1
Validity
Not Before: Jan 21 09:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=751082ad095b0a5e5c9cf652ffdec51a8c7b293f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:77:61:51:4d:47:37:e5:34:a3:c1:ae:79:dd:
b2:fd:31:06:36:d0:d6:22:99:7f:b5:7e:e7:56:65:
35:03:14:46:d2:17:4a:e6:a1:f2:ae:52:7f:d8:9e:
26:f3:6c:d2:10:18:ff:8b:ff:0b:c7:49:ba:c3:c2:
88:36:1d:e9:52:10:a9:31:9e:79:34:11:c3:6b:d5:
f6:0d:f6:91:23:46:af:70:7c:a0:80:ea:43:9c:97:
4a:2c:ff:ec:c3:0a:af:7d:e4:22:be:5b:e7:1e:eb:
4d:cd:83:bb:2d:ad:9d:03:cf:03:61:87:b2:6b:88:
c3:b4:56:d5:36:9c:ad:8d:76:fb:80:e0:54:72:4e:
4f:97:d1:88:da:21:4b:20:c5:a1:71:f4:5b:13:05:
25:1d:0d:d7:57:5f:78:4c:7b:4c:70:44:6d:f1:8c:
8e:68:23:60:e1:81:f2:63:88:51:71:b7:cc:a5:eb:
c9:65:10:de:78:92:02:81:7c:8f:fe:9c:f5:bb:8b:
ec:61:17:4f:9d:fa:04:4a:08:c3:c9:59:3d:2a:e5:
62:e2:15:6b:7a:d1:73:1b:47:01:fb:b5:f5:99:1f:
0d:80:b5:c5:5d:63:15:ca:20:88:c0:ba:cf:aa:20:
b0:91:ff:e0:c7:43:05:eb:c4:df:8c:cb:f4:1e:42:
55:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:10:82:AD:09:5B:0A:5E:5C:9C:F6:52:FF:DE:C5:1A:8C:7B:29:3F
X509v3 Authority Key Identifier:
keyid:F3:1E:D7:B1:F6:3B:51:AA:51:6A:9F:FC:B0:35:A3:A0:D6:9E:65:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/dRCCrQlbCl5cnPZS_97FGox7KT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.134.0/24
IPv6:
2a13:edc0:1::-2a13:edc0:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b0:87:69:81:51:e1:a7:79:99:40:af:b5:a5:62:c8:d1:a0:1d:
2b:1d:43:a8:7b:c7:96:c5:88:e5:96:4e:50:7f:19:ac:de:9a:
4a:32:54:eb:f5:90:9f:2a:fb:a1:fa:ee:53:c0:9c:09:e8:67:
41:38:df:3d:62:b5:c3:fc:30:da:16:ed:55:97:31:83:1e:d6:
a5:fa:71:74:ff:d9:ad:45:31:9e:23:f0:1d:16:c9:d2:f7:35:
98:1d:f9:7e:ef:aa:ca:ee:04:09:0a:0e:bc:a0:4a:0b:53:28:
77:86:0f:33:6c:03:bf:dd:25:dd:49:2c:07:4e:be:4e:db:6d:
0b:5e:d9:46:86:df:d1:46:b7:9e:35:78:48:7d:9c:cb:62:1a:
8f:c7:12:6e:72:1c:b7:12:1f:57:8a:d5:af:4b:a9:5c:57:ce:
74:eb:5c:ae:f7:d3:a0:8b:83:ad:22:91:de:99:69:7c:f1:45:
3c:bc:3d:34:51:f3:e4:ae:e6:3a:8f:a5:0c:7d:98:c5:71:af:
e8:19:d5:09:43:72:fa:dc:fc:18:ad:07:40:ae:86:a6:e4:32:
28:65:5f:91:2f:24:51:19:99:73:26:f9:37:09:03:75:dd:d5:
36:ab:8a:0c:56:e3:70:6c:2d:b0:ec:b2:df:44:1b:57:6a:69:
4e:9e:53:30
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZSIP3BHmDWaZn/OPZ44U9nkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMWVkN2IxZjYzYjUxYWE1MTZhOWZmY2IwMzVhM2EwZDY5
ZTY1YTEwHhcNMjUwMTIxMDk0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTEwODJhZDA5NWIwYTVlNWM5Y2Y2NTJmZmRlYzUxYThjN2IyOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHdhUU1HN+U0o8Gued2y/TEGNtDW
Ipl/tX7nVmU1AxRG0hdK5qHyrlJ/2J4m82zSEBj/i/8Lx0m6w8KINh3pUhCpMZ55
NBHDa9X2DfaRI0avcHyggOpDnJdKLP/swwqvfeQivlvnHutNzYO7La2dA88DYYey
a4jDtFbVNpytjXb7gOBUck5Pl9GI2iFLIMWhcfRbEwUlHQ3XV194THtMcERt8YyO
aCNg4YHyY4hRcbfMpevJZRDeeJICgXyP/pz1u4vsYRdPnfoESgjDyVk9KuVi4hVr
etFzG0cB+7X1mR8NgLXFXWMVyiCIwLrPqiCwkf/gx0MF68TfjMv0HkJVqQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHUQgq0JWwpeXJz2Uv/exRqMeyk/MB8GA1UdIwQY
MBaAFPMe17H2O1GqUWqf/LA1o6DWnmWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHg3WHNmWTdVYXBSYXBfOHNEV2pvTmFlWmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85OWVkMDYtZTQ0NS00Y2EyLWI2NDct
YmQyYjNhYmFlMTIxLzEvZFJDQ3JRbGJDbDVjblBaU185N0ZHb3g3S1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85OWVkMDYtZTQ0NS00Y2EyLWI2NDctYmQyYjNhYmFlMTIx
LzEvOHg3WHNmWTdVYXBSYXBfOHNEV2pvTmFlWmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAUPmGMBoE
AgACMBQwEgMHACoT7cAAAQMHACoT7cAABjANBgkqhkiG9w0BAQsFAAOCAQEAsIdp
gVHhp3mZQK+1pWLI0aAdKx1DqHvHlsWI5ZZOUH8ZrN6aSjJU6/WQnyr7ofruU8Cc
CehnQTjfPWK1w/ww2hbtVZcxgx7WpfpxdP/ZrUUxniPwHRbJ0vc1mB35fu+qyu4E
CQoOvKBKC1Mod4YPM2wDv90l3UksB06+TtttC17ZRobf0Ua3njV4SH2cy2Iaj8cS
bnIctxIfV4rVr0upXFfOdOtcrvfToIuDrSKR3plpfPFFPLw9NFHz5K7mOo+lDH2Y
xXGv6BnVCUNy+tz8GK0HQK6GpuQyKGVfkS8kURmZcyb5NwkDdd3VNquKDFbjcGwt
sOyy30QbV2ppTp5TMA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:10:56 2025 by rpki-client