Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dFpxvK9wHnF7L48mMLd_fCqgvnw.roa
File: dFpxvK9wHnF7L48mMLd_fCqgvnw.roa (raw, json)
Hash identifier: lSEtyZL2guPmXGe7Z/NR49ob5kCEuZC9YdRr+H0Dh2I=
Subject key identifier: 74:5A:71:BC:AF:70:1E:71:7B:2F:8F:26:30:B7:7F:7C:2A:A0:BE:7C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190986CF0A56E3578A16F54EDF87121C458
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dFpxvK9wHnF7L48mMLd_fCqgvnw.roa
Signing time: Tue 09 Jul 2024 16:56:34 +0000
ROA not before: Tue 09 Jul 2024 16:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50917
IP address blocks: 80.240.86.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
212.38.89.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 14:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:6c:f0:a5:6e:35:78:a1:6f:54:ed:f8:71:21:c4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 9 16:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=745a71bcaf701e717b2f8f2630b77f7c2aa0be7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:18:e7:0e:d3:45:ba:11:f6:0f:86:54:70:
d7:8f:8d:5b:ef:87:c0:c5:a0:17:d8:43:59:7b:df:
9b:5c:40:c4:1f:04:cb:65:ae:dd:cd:87:e7:17:60:
6b:50:87:a9:fc:61:e4:dc:74:4b:dd:72:e6:1e:61:
c3:2e:34:7f:dd:3f:37:32:65:81:ad:40:d2:2b:c7:
50:e4:99:a1:f1:1b:3f:2b:87:09:90:f1:c7:8e:aa:
d5:85:cb:30:e3:69:e1:cc:bd:8e:94:34:aa:ed:44:
e4:e9:76:55:8c:c3:35:e3:84:a4:25:35:db:2f:0b:
27:92:3a:d4:bb:12:11:e3:2f:90:50:c4:f8:db:f0:
ed:56:34:6e:67:98:0f:91:41:33:12:e2:5c:73:12:
04:ee:34:6d:1f:35:47:d4:ab:08:09:35:ed:a1:cb:
e7:11:89:13:1a:80:0d:59:cb:21:2c:c1:50:ad:38:
5b:c0:e8:f0:5f:04:30:06:89:76:48:28:47:17:a4:
1c:8b:76:d4:7f:ec:9e:b6:a5:00:7d:87:32:4f:e1:
e2:92:a6:d1:bc:c0:64:a2:8e:58:16:24:70:d7:12:
25:d6:7f:35:9c:d1:32:8a:77:33:c2:3e:30:87:ae:
7e:03:f2:bb:22:06:d3:fc:b8:bc:63:f8:f6:b8:c7:
7b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5A:71:BC:AF:70:1E:71:7B:2F:8F:26:30:B7:7F:7C:2A:A0:BE:7C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dFpxvK9wHnF7L48mMLd_fCqgvnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
82.153.207.0/24
212.38.89.0/24
213.218.209.0/24
Signature Algorithm: sha256WithRSAEncryption
71:76:e2:b7:f2:1b:5d:5e:01:ef:8a:45:2a:44:1d:75:ae:50:
e8:d3:e3:38:3b:4b:9f:dd:1e:f2:e8:69:3f:68:6a:16:2d:37:
aa:ff:ae:0f:d1:9a:27:2f:61:ab:d6:b7:88:29:47:42:d7:5d:
79:5a:85:4a:0a:24:02:c1:61:52:56:f2:48:16:98:6e:3a:70:
e3:de:30:ff:82:5c:da:bf:60:b5:d4:1f:b2:f9:29:96:33:b3:
7b:83:6c:96:86:3b:6f:43:03:75:33:ef:61:0d:33:a4:7f:0c:
b0:c1:e2:79:95:a7:31:fd:ee:dc:4d:36:36:17:3d:06:21:e5:
74:d8:41:25:2a:09:47:bb:55:a4:0e:91:23:61:cf:bf:f1:cf:
e8:b5:a1:d9:4d:44:df:0b:44:51:61:62:2b:52:51:3a:95:8e:
dd:9e:a5:35:a6:6c:fe:fc:48:49:3f:14:6e:09:94:a0:7a:db:
c5:29:11:0b:92:fa:74:ab:d7:1b:da:6c:f2:46:b3:fa:cc:32:
6a:25:9e:02:3b:fb:0f:72:d3:0f:59:a8:dd:57:87:17:8c:c5:
94:42:79:1e:cb:b0:70:6b:ec:06:8a:cf:e2:93:16:14:65:2a:
d2:17:5d:40:21:1a:ac:47:ae:11:e1:0c:d1:6c:60:ca:fd:dc:
42:e9:9c:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCYbPClbjV4oW9U7fhxIcRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzA5MTY1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVhNzFiY2FmNzAxZTcxN2IyZjhmMjYzMGI3N2Y3YzJhYTBiZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwwY5w7TRboR9g+GVHDXj41b74fA
xaAX2ENZe9+bXEDEHwTLZa7dzYfnF2BrUIep/GHk3HRL3XLmHmHDLjR/3T83MmWB
rUDSK8dQ5Jmh8Rs/K4cJkPHHjqrVhcsw42nhzL2OlDSq7UTk6XZVjMM144SkJTXb
LwsnkjrUuxIR4y+QUMT42/DtVjRuZ5gPkUEzEuJccxIE7jRtHzVH1KsICTXtocvn
EYkTGoANWcshLMFQrThbwOjwXwQwBol2SChHF6Qci3bUf+yetqUAfYcyT+HikqbR
vMBkoo5YFiRw1xIl1n81nNEyinczwj4wh65+A/K7IgbT/Li8Y/j2uMd7MQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHRacbyvcB5xey+PJjC3f3wqoL58MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZEZweHZLOXdIbkY3TDQ4bU1MZF9mQ3Fndm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBWAwQA
UpnPAwQA1CZZAwQA1drRMA0GCSqGSIb3DQEBCwUAA4IBAQBxduK38htdXgHvikUq
RB11rlDo0+M4O0uf3R7y6Gk/aGoWLTeq/64P0ZonL2Gr1reIKUdC1115WoVKCiQC
wWFSVvJIFphuOnDj3jD/glzav2C11B+y+SmWM7N7g2yWhjtvQwN1M+9hDTOkfwyw
weJ5lacx/e7cTTY2Fz0GIeV02EElKglHu1WkDpEjYc+/8c/otaHZTUTfC0RRYWIr
UlE6lY7dnqU1pmz+/EhJPxRuCZSgetvFKRELkvp0q9cb2mzyRrP6zDJqJZ4CO/sP
ctMPWajdV4cXjMWUQnkey7Bwa+wGis/ikxYUZSrSF11AIRqsR64R4QzRbGDK/dxC
6Zyo
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:02 2025 by rpki-client