Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/0it0-5JsbwnY9YLLGUeFt_TPKRM.roa
File: 0it0-5JsbwnY9YLLGUeFt_TPKRM.roa (raw, json)
Hash identifier: 4AC0sU4hXV1ovZCcGIcxpL7MSvIp090lvbFh84JYnmI=
Subject key identifier: D2:2B:74:FB:92:6C:6F:09:D8:F5:82:CB:19:47:85:B7:F4:CF:29:13
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 01856FF949C4A421D0328BDDB0751CFCA978
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/0it0-5JsbwnY9YLLGUeFt_TPKRM.roa
Signing time: Mon 02 Jan 2023 00:54:46 +0000
ROA not before: Mon 02 Jan 2023 00:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35356
IP address blocks: 80.93.144.0/21 maxlen: 21
80.93.144.0/20 maxlen: 20
80.93.147.0/24 maxlen: 24
80.93.146.0/24 maxlen: 24
80.93.154.0/24 maxlen: 24
80.93.155.0/24 maxlen: 24
80.93.159.0/24 maxlen: 24
80.93.156.0/24 maxlen: 24
80.93.157.0/24 maxlen: 24
83.142.252.0/23 maxlen: 23
83.142.248.0/22 maxlen: 22
83.142.254.0/24 maxlen: 24
83.142.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:49:c4:a4:21:d0:32:8b:dd:b0:75:1c:fc:a9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Jan 2 00:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d22b74fb926c6f09d8f582cb194785b7f4cf2913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:f8:63:f3:9e:81:e7:67:ba:dd:75:4b:04:
74:60:a1:eb:e0:09:72:fa:b9:7d:da:9a:49:0f:78:
77:9d:32:80:8e:a7:18:0c:d9:f9:42:e1:ae:c8:41:
36:b7:54:4d:3a:08:27:7b:f8:d8:b8:1b:10:c6:ac:
51:4f:1c:5b:7e:62:42:0e:7c:18:c9:ea:40:dc:23:
f6:b8:67:45:86:1e:3e:14:61:37:60:4d:01:52:f7:
a9:a1:bf:49:57:1a:79:06:6f:80:fe:61:40:5f:3b:
42:20:b6:88:0a:cb:cf:c2:0d:b6:d0:f0:b7:67:90:
18:c2:a6:53:7a:b6:7e:3d:25:4a:eb:52:49:f8:32:
95:a8:2e:42:99:5f:a8:56:e1:e5:02:36:9d:9a:d7:
33:79:bf:4d:3c:a1:0d:ee:c0:34:a4:ec:58:c5:45:
b8:dc:34:a5:a6:ea:86:1a:b7:05:6d:7e:7c:75:18:
d7:c7:d0:66:3d:95:7a:bc:96:4c:ec:ba:7d:e2:af:
d2:38:e4:cd:fe:69:4e:f8:57:ca:4d:e7:20:dd:66:
d6:81:fc:32:b5:6c:99:22:5b:55:1f:67:6b:2e:9d:
b6:39:c2:ba:f1:c0:1c:58:10:cc:aa:c8:a4:21:f3:
c5:d7:f7:b0:b0:02:45:0d:99:9d:90:ee:fe:cd:8b:
e3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2B:74:FB:92:6C:6F:09:D8:F5:82:CB:19:47:85:B7:F4:CF:29:13
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/0it0-5JsbwnY9YLLGUeFt_TPKRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.144.0/20
83.142.248.0/21
Signature Algorithm: sha256WithRSAEncryption
49:81:bf:c2:29:51:41:73:8d:c3:27:94:ed:84:7e:83:a6:ab:
b1:65:b2:ca:15:2b:50:7f:9c:b8:c2:a7:4f:3a:62:4f:21:a4:
05:d8:1c:55:5c:74:27:ae:b0:39:e5:9b:cd:48:82:ae:de:d4:
9d:b3:ea:94:b7:3d:cb:09:a7:fe:47:40:67:9d:14:ef:ed:ca:
9d:33:e2:76:7b:d6:5d:00:54:ce:ca:07:c9:55:bb:56:ea:74:
d4:a5:80:03:4b:e7:42:20:41:96:43:16:f7:73:0e:43:83:a3:
f3:10:e4:48:fb:e3:29:4b:bd:cb:f7:3b:b3:38:cf:24:cb:d3:
3a:2c:79:aa:97:21:a8:3d:a3:3f:c3:fb:bd:4e:ec:e1:38:98:
80:c4:ab:a1:dc:0a:1a:83:c9:7e:5e:83:45:c1:03:17:e3:37:
27:18:0c:7c:d9:33:b7:27:b2:a7:64:40:4d:b2:f9:1e:f3:e4:
6c:64:75:77:13:b7:d4:c7:5a:45:ca:09:b8:f6:48:43:01:8e:
dc:ef:fa:65:23:89:92:19:9f:cf:79:f9:98:7e:16:9d:b0:4a:
c7:78:65:a0:d4:9c:4c:38:cc:de:b0:60:7e:03:1f:fa:84:d8:
c9:5e:d2:e3:f2:9f:74:26:f2:fc:aa:68:6a:b5:4c:2a:08:24:
1d:a4:f5:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+UnEpCHQMovdsHUc/Kl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjMwMTAyMDA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJiNzRmYjkyNmM2ZjA5ZDhmNTgyY2IxOTQ3ODViN2Y0Y2YyOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp34Y/Oegednut11SwR0YKHr4Aly
+rl92ppJD3h3nTKAjqcYDNn5QuGuyEE2t1RNOggne/jYuBsQxqxRTxxbfmJCDnwY
yepA3CP2uGdFhh4+FGE3YE0BUvepob9JVxp5Bm+A/mFAXztCILaICsvPwg220PC3
Z5AYwqZTerZ+PSVK61JJ+DKVqC5CmV+oVuHlAjadmtczeb9NPKEN7sA0pOxYxUW4
3DSlpuqGGrcFbX58dRjXx9BmPZV6vJZM7Lp94q/SOOTN/mlO+FfKTecg3WbWgfwy
tWyZIltVH2drLp22OcK68cAcWBDMqsikIfPF1/ewsAJFDZmdkO7+zYvjUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIrdPuSbG8J2PWCyxlHhbf0zykTMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvMGl0MC01SnNid25ZOVlMTEdVZUZ0X1RQS1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUF2QAwQD
U474MA0GCSqGSIb3DQEBCwUAA4IBAQBJgb/CKVFBc43DJ5TthH6DpquxZbLKFStQ
f5y4wqdPOmJPIaQF2BxVXHQnrrA55ZvNSIKu3tSds+qUtz3LCaf+R0BnnRTv7cqd
M+J2e9ZdAFTOygfJVbtW6nTUpYADS+dCIEGWQxb3cw5Dg6PzEORI++MpS73L9zuz
OM8ky9M6LHmqlyGoPaM/w/u9TuzhOJiAxKuh3Aoag8l+XoNFwQMX4zcnGAx82TO3
J7KnZEBNsvke8+RsZHV3E7fUx1pFygm49khDAY7c7/plI4mSGZ/PefmYfhadsErH
eGWg1JxMOMzesGB+Ax/6hNjJXtLj8p90JvL8qmhqtUwqCCQdpPXL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:37 2024 by rpki-client on console-fra.rpki-client.org