Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tey08hGrBOB1UR6rYmrReiU6Mzc.roa
File: tey08hGrBOB1UR6rYmrReiU6Mzc.roa (raw, json)
Hash identifier: 9Ul7p44Ptjy6eo7oWCw6BJa9Ss/MxW1KIfZOMN/QuVA=
Subject key identifier: B5:EC:B4:F2:11:AB:04:E0:75:51:1E:AB:62:6A:D1:7A:25:3A:33:37
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143EBECAA4F4AF1FC8B68ACF9FA51DE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tey08hGrBOB1UR6rYmrReiU6Mzc.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 80.240.86.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
212.38.89.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 09:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:eb:ec:aa:4f:4a:f1:fc:8b:68:ac:f9:fa:51:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5ecb4f211ab04e075511eab626ad17a253a3337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:77:c8:1e:63:0b:d3:19:de:d1:bc:d4:e9:11:
f4:38:04:f4:b6:d6:6e:47:2d:59:09:a4:4e:26:41:
21:c2:02:ae:2e:34:c8:8d:9c:11:ac:ad:16:ee:48:
56:02:9f:a3:2a:d0:1c:69:8a:3c:16:70:00:c8:40:
bf:9b:11:79:56:8c:fa:9f:12:60:60:b5:5e:8f:88:
f0:47:e4:19:4f:8d:19:32:3a:c9:7c:64:1e:17:85:
17:be:56:b8:e1:63:00:cf:f5:6c:3b:04:ec:92:83:
93:fc:a5:eb:6a:1c:91:c2:d6:c2:da:97:92:1d:b9:
0b:53:1a:44:4d:e0:cb:46:a0:f3:7b:26:fb:9e:a6:
16:50:17:2d:6f:01:57:5f:1f:1f:09:57:fc:46:2c:
d3:79:bb:e0:2c:6a:26:79:9d:e5:63:f0:8c:7e:68:
75:2a:fd:ae:e6:75:e2:1b:54:97:a3:50:11:da:71:
18:6a:dc:92:2f:f4:25:dc:80:83:13:4e:ff:54:1a:
e7:23:bf:96:af:38:b3:85:7f:8a:ac:a6:0d:de:c0:
8c:fa:f6:59:95:3d:64:81:bd:2b:da:88:07:e2:7d:
4c:ab:a6:91:61:3c:56:57:6e:e8:e0:61:79:fc:ec:
17:a2:5b:2a:e6:93:a3:6c:bb:6d:5a:15:b4:3a:90:
58:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EC:B4:F2:11:AB:04:E0:75:51:1E:AB:62:6A:D1:7A:25:3A:33:37
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tey08hGrBOB1UR6rYmrReiU6Mzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
82.153.207.0/24
212.38.89.0/24
213.218.209.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6a:2b:6e:b6:9c:1b:5c:59:c4:a2:6f:94:82:1f:a8:ea:bd:
f9:7a:4d:bd:2f:b9:65:a5:9e:0c:82:6f:bc:5b:32:44:ce:8c:
e5:74:49:14:32:bc:a0:fb:0a:45:06:9d:31:31:88:2f:3d:1d:
54:ea:79:21:2a:0d:f5:3b:81:a2:4c:60:d3:de:a3:41:8a:eb:
00:e4:03:39:4c:24:78:7c:90:4b:b3:d3:77:c0:01:44:02:65:
4d:27:78:36:df:c2:de:8e:87:76:94:69:c8:da:cd:9a:d2:66:
1f:78:7f:a1:52:c4:98:1a:f5:49:e9:8e:e3:c3:e1:8c:04:85:
a3:83:79:f6:10:4c:48:df:f0:39:84:88:27:56:19:e3:99:55:
e2:cb:a1:76:1b:53:30:de:e7:06:2e:a2:61:de:96:c3:53:d2:
09:c9:56:0f:da:ec:82:d7:91:a8:94:20:b5:e3:48:a3:99:2e:
f9:9a:de:f0:56:8c:5b:28:7a:97:75:f1:0e:81:23:79:ed:48:
a7:29:47:bd:fd:d8:1c:09:53:60:24:a2:30:c1:bf:56:60:68:
df:e1:b0:bb:2a:9a:50:9e:04:9a:39:11:c0:ca:be:24:d4:17:
76:cf:11:f2:9e:b9:27:8b:7c:7a:a5:49:78:57:f6:99:86:17:
d4:f9:ef:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhQ+vsqk9K8fyLaKz5+lHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWVjYjRmMjExYWIwNGUwNzU1MTFlYWI2MjZhZDE3YTI1M2EzMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXfIHmML0xne0bzU6RH0OAT0ttZu
Ry1ZCaROJkEhwgKuLjTIjZwRrK0W7khWAp+jKtAcaYo8FnAAyEC/mxF5Voz6nxJg
YLVej4jwR+QZT40ZMjrJfGQeF4UXvla44WMAz/VsOwTskoOT/KXrahyRwtbC2peS
HbkLUxpETeDLRqDzeyb7nqYWUBctbwFXXx8fCVf8RizTebvgLGomeZ3lY/CMfmh1
Kv2u5nXiG1SXo1AR2nEYatySL/Ql3ICDE07/VBrnI7+WrzizhX+KrKYN3sCM+vZZ
lT1kgb0r2ogH4n1Mq6aRYTxWV27o4GF5/OwXolsq5pOjbLttWhW0OpBYtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLXstPIRqwTgdVEeq2Jq0XolOjM3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdGV5MDhoR3JCT0IxVVI2clltclJlaVU2TXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBWAwQA
UpnPAwQA1CZZAwQA1drRMA0GCSqGSIb3DQEBCwUAA4IBAQCcaitutpwbXFnEom+U
gh+o6r35ek29L7llpZ4Mgm+8WzJEzozldEkUMryg+wpFBp0xMYgvPR1U6nkhKg31
O4GiTGDT3qNBiusA5AM5TCR4fJBLs9N3wAFEAmVNJ3g238Lejod2lGnI2s2a0mYf
eH+hUsSYGvVJ6Y7jw+GMBIWjg3n2EExI3/A5hIgnVhnjmVXiy6F2G1Mw3ucGLqJh
3pbDU9IJyVYP2uyC15GolCC140ijmS75mt7wVoxbKHqXdfEOgSN57UinKUe9/dgc
CVNgJKIwwb9WYGjf4bC7KppQngSaORHAyr4k1Bd2zxHynrkni3x6pUl4V/aZhhfU
+e/r
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:37:02 2025 by rpki-client