Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa
File: uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa (raw, json)
Hash identifier: As1Gnu+fBYsAAJeiNognfLi2K5+kUuZbR+P1BSbejQI=
Subject key identifier: B9:7B:07:18:28:02:22:BC:CA:F1:D8:C9:3B:C9:99:F5:27:B5:21:3C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F9A24A8C4F6EC1128CB11B0577BE08955
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa
Signing time: Tue 21 May 2024 07:54:04 +0000
ROA not before: Tue 21 May 2024 07:54:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 80.240.88.0/21 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.24.0/21 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 07:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:24:a8:c4:f6:ec:11:28:cb:11:b0:57:7b:e0:89:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 21 07:54:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b97b0718280222bccaf1d8c93bc999f527b5213c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:6c:f1:64:4f:b1:e9:07:68:43:79:16:05:
28:de:bf:e0:d8:7c:07:4f:e4:2a:90:15:d9:86:b8:
26:34:18:eb:e3:99:1a:c4:c1:d4:1b:9e:df:81:50:
76:57:e4:c9:04:57:2a:6d:49:61:b7:dc:2a:47:3f:
61:d4:e5:86:17:97:43:11:6a:95:48:df:2c:16:3c:
03:c4:53:f4:0e:28:b5:8a:51:69:e6:ae:41:d2:2e:
ff:08:58:d0:a1:9d:c4:14:26:d9:3b:cd:d2:2e:42:
60:cd:48:d6:21:17:7d:52:21:cc:28:4e:af:69:48:
75:52:4b:a6:0c:e5:9f:ad:db:bf:3e:19:47:69:86:
cf:80:cd:5b:ab:1f:c9:2c:5e:f2:65:e8:b4:a2:ba:
fc:af:9f:90:76:c9:5c:71:a2:33:ee:9f:06:52:12:
9d:6d:90:59:35:ee:9c:e7:0e:7a:8b:cb:ee:e9:45:
ca:06:37:b2:7e:4e:d9:9e:3f:d5:85:bc:f0:6d:8b:
dd:a7:ea:e0:23:e1:b0:4f:e2:10:c4:5d:60:5c:90:
86:80:0a:96:cd:16:60:d3:d1:e9:43:fc:7d:3e:66:
7f:9f:28:be:7e:a8:6c:1b:0d:b5:bd:b2:3d:6c:23:
ec:ad:31:08:6f:71:5a:f6:b9:e7:08:c0:79:c4:d2:
17:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7B:07:18:28:02:22:BC:CA:F1:D8:C9:3B:C9:99:F5:27:B5:21:3C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uXsHGCgCIrzK8djJO8mZ9Se1ITw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
82.152.174.0/23
82.153.208.0/22
82.163.24.0/21
89.213.198.0-89.213.205.255
Signature Algorithm: sha256WithRSAEncryption
12:29:e1:ef:00:31:f6:59:87:1c:16:c0:6b:d9:38:7e:24:30:
64:2a:92:c0:4a:f7:28:29:20:a8:a3:75:c4:b2:bc:27:8c:f4:
3f:75:3c:4e:b2:84:42:75:29:4f:6d:fb:43:0a:88:1d:9e:a3:
22:79:d7:62:e9:a2:43:fb:76:43:a4:1e:6e:ff:a8:bf:4e:f9:
bb:0b:cd:95:65:e9:06:6e:af:20:e0:09:19:a4:12:2e:b1:7b:
c1:40:a9:34:b9:12:48:77:b0:07:f0:de:8d:0e:dd:f6:21:13:
51:d4:59:fd:ea:14:35:d2:68:fc:90:59:90:29:90:fd:78:54:
a5:6b:fd:da:d6:c2:ad:7d:4d:16:f3:7a:4d:85:f1:b3:dd:1e:
ce:3c:be:f1:f2:91:8b:08:83:61:e9:b4:3b:89:28:09:fd:ca:
2d:b5:25:16:9e:59:c4:e4:d6:cf:3f:a2:19:ac:0d:a4:7f:7e:
75:3e:b2:ba:4b:00:da:1e:40:b4:28:11:73:bc:b3:d1:51:fd:
f1:99:69:f5:5c:21:27:15:fc:9a:a7:8d:13:8b:ca:1f:8b:c3:
b9:94:1e:db:08:22:ce:8d:91:f4:3d:7e:de:38:5d:b0:70:32:
eb:ff:ee:d9:2a:59:d2:bb:4f:54:1f:35:69:b6:b1:61:f8:49:
2c:72:bf:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY+aJKjE9uwRKMsRsFd74IlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIxMDc1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdiMDcxODI4MDIyMmJjY2FmMWQ4YzkzYmM5OTlmNTI3YjUyMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU5s8WRPsekHaEN5FgUo3r/g2HwH
T+QqkBXZhrgmNBjr45kaxMHUG57fgVB2V+TJBFcqbUlht9wqRz9h1OWGF5dDEWqV
SN8sFjwDxFP0Dii1ilFp5q5B0i7/CFjQoZ3EFCbZO83SLkJgzUjWIRd9UiHMKE6v
aUh1UkumDOWfrdu/PhlHaYbPgM1bqx/JLF7yZei0orr8r5+QdslccaIz7p8GUhKd
bZBZNe6c5w56i8vu6UXKBjeyfk7Znj/VhbzwbYvdp+rgI+GwT+IQxF1gXJCGgAqW
zRZg09HpQ/x9PmZ/nyi+fqhsGw21vbI9bCPsrTEIb3Fa9rnnCMB5xNIXlQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLl7BxgoAiK8yvHYyTvJmfUntSE8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdVhzSEdDZ0NJcnpLOGRqSk84bVo5U2UxSVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDUPBYAwQB
UpiuAwQCUpnQAwQDUqMYMAwDBAFZ1cYDBAFZ1cwwDQYJKoZIhvcNAQELBQADggEB
ABIp4e8AMfZZhxwWwGvZOH4kMGQqksBK9ygpIKijdcSyvCeM9D91PE6yhEJ1KU9t
+0MKiB2eoyJ512LpokP7dkOkHm7/qL9O+bsLzZVl6QZuryDgCRmkEi6xe8FAqTS5
Ekh3sAfw3o0O3fYhE1HUWf3qFDXSaPyQWZApkP14VKVr/drWwq19TRbzek2F8bPd
Hs48vvHykYsIg2HptDuJKAn9yi21JRaeWcTk1s8/ohmsDaR/fnU+srpLANoeQLQo
EXO8s9FR/fGZafVcIScV/JqnjROLyh+Lw7mUHtsIIs6NkfQ9ft44XbBwMuv/7tkq
WdK7T1QfNWm2sWH4SSxyvxA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:35 2025 by rpki-client