Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Yf28CS5bX5G_c7YRrzW9KVymRcw.roa
File: Yf28CS5bX5G_c7YRrzW9KVymRcw.roa (raw, json)
Hash identifier: HB8QHrl/SLQNsxM7jidefo9bwGH2kGCG0Pa2sSMXsKg=
Subject key identifier: 61:FD:BC:09:2E:5B:5F:91:BF:73:B6:11:AF:35:BD:29:5C:A6:45:CC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01909D2A039EFBD920AE7F1E62E588EF7992
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Yf28CS5bX5G_c7YRrzW9KVymRcw.roa
Signing time: Wed 10 Jul 2024 15:01:34 +0000
ROA not before: Wed 10 Jul 2024 15:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398355
IP address blocks: 80.240.86.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 16:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:2a:03:9e:fb:d9:20:ae:7f:1e:62:e5:88:ef:79:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 10 15:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61fdbc092e5b5f91bf73b611af35bd295ca645cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:e7:68:5a:a6:30:c4:11:3f:b3:56:11:70:
00:aa:64:c0:7e:14:af:66:f5:c9:a6:07:e2:6d:e0:
dc:0d:ab:b6:37:26:ba:68:68:74:c5:d9:af:a9:4f:
35:c8:02:11:8a:9f:50:de:26:eb:dd:dd:ca:a4:96:
58:36:0a:88:f0:28:5d:1a:c5:be:a8:8e:f3:98:79:
3d:cf:77:e8:53:36:6b:66:bf:ca:a5:c7:5d:83:6e:
18:60:be:4e:08:de:41:43:4c:7f:fd:6f:57:8f:be:
b8:6b:55:18:f7:2d:42:0a:46:6c:37:49:02:3b:1e:
2d:ae:69:95:e0:60:fc:b6:da:e3:bd:70:96:3c:d2:
7c:c9:c4:6c:38:9a:61:77:d4:56:0a:9a:8e:bd:db:
1d:12:39:4a:f2:7e:46:d4:4d:f4:c2:6d:e1:92:9e:
1c:8b:1c:64:eb:41:10:04:c8:ec:b6:65:66:e6:21:
b2:c3:18:7a:9a:69:4e:78:51:b1:69:4a:c7:a1:dc:
28:6a:34:76:07:7e:9c:33:b0:3a:ea:53:be:70:81:
50:0f:03:5e:b5:4f:8c:3f:84:60:ed:aa:f5:29:8c:
6a:bd:93:c8:ae:2e:68:fb:ac:30:0a:95:62:54:5d:
ac:dd:b8:2a:f6:1b:57:45:a8:7a:d6:a1:d0:14:ab:
ec:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FD:BC:09:2E:5B:5F:91:BF:73:B6:11:AF:35:BD:29:5C:A6:45:CC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Yf28CS5bX5G_c7YRrzW9KVymRcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
213.218.209.0/24
Signature Algorithm: sha256WithRSAEncryption
78:6a:45:84:1e:72:13:76:b8:7e:b5:53:76:61:34:26:7c:51:
85:36:ac:03:a7:a1:8c:6e:8c:de:1d:76:aa:22:78:eb:83:16:
b6:13:c6:09:fa:d4:bc:f0:35:99:3d:b5:c2:f2:19:43:d0:32:
7c:f9:1e:10:da:11:9b:d5:90:23:98:4b:1c:20:be:2e:56:64:
4d:c0:0c:01:27:a0:01:6f:93:d1:07:8c:38:04:2d:e5:74:7e:
2f:e7:88:72:c6:51:92:ce:da:39:52:9f:5c:d1:ab:81:f6:25:
0a:2c:fd:d8:2e:29:4a:fd:8e:29:da:90:0b:62:9b:ec:68:af:
55:76:07:48:b1:fc:e9:7c:77:1d:e0:04:dc:4f:aa:75:42:15:
46:4b:db:37:9c:61:8b:db:29:04:3b:44:c9:79:e4:26:e3:66:
6b:05:3d:8c:14:2c:70:88:a4:52:f9:d6:ff:69:ab:58:1e:ba:
a8:ad:3a:33:a3:af:62:fc:ed:f2:e8:60:f8:6d:cc:3e:c1:e3:
cc:51:44:f2:7e:09:37:bc:93:3e:ac:08:80:47:fc:11:29:31:
0d:e4:90:6b:5c:aa:5d:d6:08:a6:83:9a:4a:f6:87:a4:b5:aa:
81:8d:58:b4:15:d0:0e:d5:ee:b6:3a:0a:74:a5:f8:76:94:79:
eb:61:80:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCdKgOe+9kgrn8eYuWI73mSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzEwMTUwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZkYmMwOTJlNWI1ZjkxYmY3M2I2MTFhZjM1YmQyOTVjYTY0NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd3naFqmMMQRP7NWEXAAqmTAfhSv
ZvXJpgfibeDcDau2Nya6aGh0xdmvqU81yAIRip9Q3ibr3d3KpJZYNgqI8ChdGsW+
qI7zmHk9z3foUzZrZr/Kpcddg24YYL5OCN5BQ0x//W9Xj764a1UY9y1CCkZsN0kC
Ox4trmmV4GD8ttrjvXCWPNJ8ycRsOJphd9RWCpqOvdsdEjlK8n5G1E30wm3hkp4c
ixxk60EQBMjstmVm5iGywxh6mmlOeFGxaUrHodwoajR2B36cM7A66lO+cIFQDwNe
tU+MP4Rg7ar1KYxqvZPIri5o+6wwCpViVF2s3bgq9htXRah61qHQFKvsDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGH9vAkuW1+Rv3O2Ea81vSlcpkXMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWWYyOENTNWJYNUdfYzdZUnJ6VzlLVnltUmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPBWAwQA
1drRMA0GCSqGSIb3DQEBCwUAA4IBAQB4akWEHnITdrh+tVN2YTQmfFGFNqwDp6GM
bozeHXaqInjrgxa2E8YJ+tS88DWZPbXC8hlD0DJ8+R4Q2hGb1ZAjmEscIL4uVmRN
wAwBJ6ABb5PRB4w4BC3ldH4v54hyxlGSzto5Up9c0auB9iUKLP3YLilK/Y4p2pAL
YpvsaK9VdgdIsfzpfHcd4ATcT6p1QhVGS9s3nGGL2ykEO0TJeeQm42ZrBT2MFCxw
iKRS+db/aatYHrqorTozo69i/O3y6GD4bcw+wePMUUTyfgk3vJM+rAiAR/wRKTEN
5JBrXKpd1gimg5pK9oektaqBjVi0FdAO1e62Ogp0pfh2lHnrYYDm
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:02 2025 by rpki-client