Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/O0SOZDpzIjHkg-hs2AYhUpjblAQ.roa
File: O0SOZDpzIjHkg-hs2AYhUpjblAQ.roa (raw, json)
Hash identifier: y4nRKzetgbHtW9c7XKUU1r+LtG876Tnxh02gVYVsubs=
Subject key identifier: 3B:44:8E:64:3A:73:22:31:E4:83:E8:6C:D8:06:21:52:98:DB:94:04
Certificate issuer: /CN=10f1d0dbe093c722350618f4045c25ba94317f87
Certificate serial: 018D93780F7BD8A76E1B0621DF54F1C6A7E4
Authority key identifier: 10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/O0SOZDpzIjHkg-hs2AYhUpjblAQ.roa
Signing time: Sat 10 Feb 2024 14:42:15 +0000
ROA not before: Sat 10 Feb 2024 14:42:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9120
IP address blocks: 80.70.8.0/21 maxlen: 21
92.43.88.0/21 maxlen: 21
185.221.247.0/24 maxlen: 24
185.238.192.0/22 maxlen: 22
212.97.136.0/22 maxlen: 22
212.97.144.0/20 maxlen: 20
2a04:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:78:0f:7b:d8:a7:6e:1b:06:21:df:54:f1:c6:a7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10f1d0dbe093c722350618f4045c25ba94317f87
Validity
Not Before: Feb 10 14:42:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b448e643a732231e483e86cd806215298db9404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c4:78:67:f4:1d:ed:28:71:e2:e2:8f:71:fa:
4f:c0:14:e5:9e:0c:7e:db:88:cc:2b:39:39:c1:bc:
9b:60:5e:26:8d:8e:9e:05:10:a6:9a:f7:7f:7f:4a:
a5:a0:db:a9:0e:f7:52:6f:20:4c:96:91:ef:7c:3c:
6b:5e:2e:be:dd:51:b5:33:e4:d7:ca:16:f9:58:59:
e1:12:ce:1c:df:27:de:60:db:e6:1c:9e:a0:34:40:
66:b4:f3:e6:96:52:e6:5a:e1:3b:15:0b:47:de:a7:
9b:16:02:87:d7:4f:29:55:99:8c:62:de:2f:a9:fc:
81:49:dd:b8:bd:fd:99:b7:d9:65:c1:98:7f:f9:6f:
db:f8:9f:10:6a:d0:e9:45:7a:cb:e4:00:81:7a:b9:
c0:7e:0c:ac:f7:d4:f6:ed:0b:a8:d4:ea:fc:d3:cb:
aa:d5:1b:aa:c8:81:8a:1e:15:d6:ff:fe:0e:6c:a9:
b4:57:f7:30:a1:45:d3:5b:27:32:7e:5c:18:89:5a:
0f:46:5e:ec:1a:7a:61:a6:7f:dd:a2:70:9a:09:7c:
de:dc:d9:05:2b:ac:87:7d:6c:87:36:8c:17:37:4f:
7b:e2:48:55:17:1b:f5:78:b8:d7:66:9b:ca:07:8a:
ed:e0:00:e6:15:9b:eb:87:00:a5:0b:98:ee:c6:04:
17:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:44:8E:64:3A:73:22:31:E4:83:E8:6C:D8:06:21:52:98:DB:94:04
X509v3 Authority Key Identifier:
keyid:10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/O0SOZDpzIjHkg-hs2AYhUpjblAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.8.0/21
92.43.88.0/21
185.221.247.0/24
185.238.192.0/22
212.97.136.0/22
212.97.144.0/20
IPv6:
2a04:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:5c:ea:25:60:2e:bf:4c:d0:22:66:f4:ea:17:41:c6:c8:4e:
04:77:f6:51:60:a1:71:1b:d1:6e:d5:57:c2:68:6f:93:5d:4d:
c0:e8:25:9b:43:41:e6:4a:d4:51:ef:ff:47:21:9b:fd:e6:da:
fe:ac:94:ee:31:26:3e:f9:05:4e:38:63:a6:a6:42:97:7b:cb:
48:e0:3a:5b:1b:1f:a5:16:fe:18:59:ba:81:ef:f0:cc:ec:6a:
c5:80:5b:77:6d:e8:61:53:ad:d0:e4:dc:10:55:c9:92:9f:7d:
8a:f4:ea:ee:86:a4:4c:15:e4:f8:8f:3d:e6:be:1c:7d:a8:4e:
65:d6:12:f3:af:45:87:df:da:c7:10:08:dd:8b:ea:20:c1:26:
0a:e0:d6:9d:d0:56:97:f9:30:c8:ce:26:6b:8a:f7:1f:2b:68:
bc:eb:bf:b7:5e:c2:25:ac:73:c0:a3:8c:53:ca:7f:b4:49:aa:
88:7e:d9:d2:1d:d8:58:c8:46:a5:49:65:a2:a8:6f:3e:bb:de:
35:2c:5a:8a:c1:50:63:24:51:76:5c:1d:7a:9d:af:59:76:74:
34:c3:86:b4:40:b8:1f:2b:ef:05:76:b9:14:ef:03:d4:2e:f0:
b8:5d:24:61:7d:ee:d3:f8:2a:ea:25:67:af:96:a1:60:c0:a2:
a0:81:5d:07
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY2TeA972KduGwYh31TxxqfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZjFkMGRiZTA5M2M3MjIzNTA2MThmNDA0NWMyNWJhOTQz
MTdmODcwHhcNMjQwMjEwMTQ0MjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ0OGU2NDNhNzMyMjMxZTQ4M2U4NmNkODA2MjE1Mjk4ZGI5NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8R4Z/Qd7Shx4uKPcfpPwBTlngx+
24jMKzk5wbybYF4mjY6eBRCmmvd/f0qloNupDvdSbyBMlpHvfDxrXi6+3VG1M+TX
yhb5WFnhEs4c3yfeYNvmHJ6gNEBmtPPmllLmWuE7FQtH3qebFgKH108pVZmMYt4v
qfyBSd24vf2Zt9llwZh/+W/b+J8QatDpRXrL5ACBernAfgys99T27Quo1Or808uq
1RuqyIGKHhXW//4ObKm0V/cwoUXTWycyflwYiVoPRl7sGnphpn/donCaCXze3NkF
K6yHfWyHNowXN0974khVFxv1eLjXZpvKB4rt4ADmFZvrhwClC5juxgQXYQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDtEjmQ6cyIx5IPobNgGIVKY25QEMB8GA1UdIwQY
MBaAFBDx0Nvgk8ciNQYY9ARcJbqUMX+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYt
MmYwYTZiZGJiZTUxLzEvTzBTT1pEcHpJakhrZy1oczJBWWhVcGpibEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYtMmYwYTZiZGJiZTUx
LzEvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDUEYIAwQD
XCtYAwQAud33AwQCue7AAwQC1GGIAwQE1GGQMA0EAgACMAcDBQMqBD+AMA0GCSqG
SIb3DQEBCwUAA4IBAQBKXOolYC6/TNAiZvTqF0HGyE4Ed/ZRYKFxG9Fu1VfCaG+T
XU3A6CWbQ0HmStRR7/9HIZv95tr+rJTuMSY++QVOOGOmpkKXe8tI4DpbGx+lFv4Y
WbqB7/DM7GrFgFt3behhU63Q5NwQVcmSn32K9OruhqRMFeT4jz3mvhx9qE5l1hLz
r0WH39rHEAjdi+ogwSYK4Nad0FaX+TDIziZrivcfK2i867+3XsIlrHPAo4xTyn+0
SaqIftnSHdhYyEalSWWiqG8+u941LFqKwVBjJFF2XB16na9ZdnQ0w4a0QLgfK+8F
drkU7wPULvC4XSRhfe7T+CrqJWevlqFgwKKggV0H
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:39:14 2025 by rpki-client