Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kZqQ_JD9dY_6o9y3E4tldQyxgOs.roa
File: kZqQ_JD9dY_6o9y3E4tldQyxgOs.roa (raw, json)
Hash identifier: GuP4vDhD5CxNdG1MYDcYZw0UAgixx4rW4mH+Me76VrI=
Subject key identifier: 91:9A:90:FC:90:FD:75:8F:FA:A3:DC:B7:13:8B:65:75:0C:B1:80:EB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F34219B9B6FC7A5910D30AFD09830495A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kZqQ_JD9dY_6o9y3E4tldQyxgOs.roa
Signing time: Wed 01 May 2024 12:29:28 +0000
ROA not before: Wed 01 May 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 80.240.85.0/24 maxlen: 24
80.240.87.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 14:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:21:9b:9b:6f:c7:a5:91:0d:30:af:d0:98:30:49:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=919a90fc90fd758ffaa3dcb7138b65750cb180eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:af:e1:eb:5b:37:d7:4b:7b:b4:08:ac:bd:
f3:1a:22:48:85:91:d6:e4:cb:7a:b5:45:24:5a:fe:
7d:64:4d:c3:2c:82:e7:0a:ad:af:09:9c:ec:69:9d:
54:9a:19:ad:0d:71:31:c8:dc:12:2e:18:9c:fe:c2:
41:36:ba:34:3c:6d:23:b6:9a:ce:78:9f:c4:7e:8d:
19:68:f6:bc:d8:d3:48:e6:08:f7:3e:b0:83:65:2d:
41:76:89:fe:28:57:1d:34:c6:b3:fa:d5:f8:dd:ca:
67:1d:78:22:d6:b5:65:a7:2c:21:25:9a:17:0b:89:
c3:d8:79:6c:6f:92:df:14:0a:4c:30:be:4b:69:d5:
2d:02:0f:ce:c8:fe:2a:f1:3a:58:38:88:3e:ed:1d:
3c:00:bf:1b:18:27:9b:af:eb:0a:72:30:8f:a3:0b:
c1:3c:38:9b:a8:b2:35:c3:28:9f:32:d8:01:f0:1b:
29:4d:02:09:6c:38:ee:77:0e:90:81:70:2d:63:a2:
a2:44:28:3a:c1:df:ad:c4:5f:d3:78:1d:3c:7b:8c:
7b:e7:db:b8:b0:dd:51:28:77:9f:e2:ed:40:1d:33:
95:c0:b6:1c:1f:cb:2b:69:05:54:47:ad:06:36:f3:
31:1d:6a:4b:1c:4e:f1:99:85:1f:33:60:b8:16:97:
ee:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9A:90:FC:90:FD:75:8F:FA:A3:DC:B7:13:8B:65:75:0C:B1:80:EB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kZqQ_JD9dY_6o9y3E4tldQyxgOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.85.0/24
80.240.87.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
41:b5:48:a3:16:f9:44:df:85:ad:3a:47:82:4b:dc:05:6c:9c:
66:00:54:74:b4:6e:d6:85:77:7b:18:7a:b5:e4:e0:76:88:e9:
cc:bb:dc:01:f8:d1:30:a6:dc:1c:47:b0:63:8d:58:18:fc:29:
0c:d9:83:73:94:24:b5:c1:bd:a1:9a:94:89:e7:41:1f:9c:22:
54:32:dd:fe:99:70:f3:7f:94:93:5c:02:10:a4:b7:b6:f2:2d:
81:94:39:32:c6:36:51:94:5d:bb:e1:eb:68:0e:e4:f0:56:13:
9d:3f:ed:81:5d:38:28:73:93:e4:9d:ba:6a:55:1c:7c:22:9f:
c7:e1:57:64:c6:4c:77:d4:79:ba:d5:d0:c3:54:ed:eb:1e:a8:
21:99:e2:1a:e4:22:e1:c6:e7:e9:e5:d9:1c:2f:8b:9f:c1:b6:
4f:52:78:67:69:e7:12:e6:af:a6:78:16:5f:ae:b8:bc:97:5b:
aa:78:17:ce:f6:0f:a5:94:a7:ed:91:0d:40:da:22:fc:2a:50:
db:74:3f:45:48:72:39:64:9c:f1:a1:f8:b7:24:5d:3f:72:3e:
dc:d4:dd:2f:ba:1e:5c:ed:cf:3c:50:1c:4a:a9:5a:4d:6c:8a:
b0:dc:c3:d8:fb:8c:67:82:c4:68:d1:96:c7:bf:c3:5b:40:73:
69:34:f8:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY80IZubb8elkQ0wr9CYMElaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTlhOTBmYzkwZmQ3NThmZmFhM2RjYjcxMzhiNjU3NTBjYjE4MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnSv4etbN9dLe7QIrL3zGiJIhZHW
5Mt6tUUkWv59ZE3DLILnCq2vCZzsaZ1UmhmtDXExyNwSLhic/sJBNro0PG0jtprO
eJ/Efo0ZaPa82NNI5gj3PrCDZS1Bdon+KFcdNMaz+tX43cpnHXgi1rVlpywhJZoX
C4nD2Hlsb5LfFApMML5LadUtAg/OyP4q8TpYOIg+7R08AL8bGCebr+sKcjCPowvB
PDibqLI1wyifMtgB8BspTQIJbDjudw6QgXAtY6KiRCg6wd+txF/TeB08e4x759u4
sN1RKHef4u1AHTOVwLYcH8sraQVUR60GNvMxHWpLHE7xmYUfM2C4FpfuGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJGakPyQ/XWP+qPctxOLZXUMsYDrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva1pxUV9KRDlkWV82bzl5M0U0dGxkUXl4Z09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUPBVAwQA
UPBXAwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQBBtUijFvlE34WtOkeCS9wFbJxm
AFR0tG7WhXd7GHq15OB2iOnMu9wB+NEwptwcR7BjjVgY/CkM2YNzlCS1wb2hmpSJ
50EfnCJUMt3+mXDzf5STXAIQpLe28i2BlDkyxjZRlF274etoDuTwVhOdP+2BXTgo
c5PknbpqVRx8Ip/H4Vdkxkx31Hm61dDDVO3rHqghmeIa5CLhxufp5dkcL4ufwbZP
UnhnaecS5q+meBZfrri8l1uqeBfO9g+llKftkQ1A2iL8KlDbdD9FSHI5ZJzxofi3
JF0/cj7c1N0vuh5c7c88UBxKqVpNbIqw3MPY+4xngsRo0ZbHv8NbQHNpNPiM
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:19 2025 by rpki-client