Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/Va2zKvWwvJE6OWNjfJXDH93ttdI.roa
File: Va2zKvWwvJE6OWNjfJXDH93ttdI.roa (raw, json)
Hash identifier: 0ibIHhUdyhU3Q5kwMSB3/N+hssVrV8V36qeZkhDq9Dk=
Subject key identifier: 55:AD:B3:2A:F5:B0:BC:91:3A:39:63:63:7C:95:C3:1F:DD:ED:B5:D2
Certificate issuer: /CN=10f1d0dbe093c722350618f4045c25ba94317f87
Certificate serial: 018CC8DE61D9BF47994AE7D3FB70EAD7178F
Authority key identifier: 10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/Va2zKvWwvJE6OWNjfJXDH93ttdI.roa
Signing time: Tue 02 Jan 2024 06:31:06 +0000
ROA not before: Tue 02 Jan 2024 06:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9120
IP address blocks: 212.97.136.0/22 maxlen: 22
212.97.144.0/20 maxlen: 20
92.43.88.0/21 maxlen: 21
185.238.192.0/22 maxlen: 22
185.221.246.0/23 maxlen: 23
80.70.8.0/21 maxlen: 21
2a04:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 02 Feb 2024 16:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:61:d9:bf:47:99:4a:e7:d3:fb:70:ea:d7:17:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10f1d0dbe093c722350618f4045c25ba94317f87
Validity
Not Before: Jan 2 06:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55adb32af5b0bc913a3963637c95c31fddedb5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ae:b0:40:f0:32:20:08:8f:91:2b:7a:c2:a4:
a4:61:be:e7:20:35:e8:2e:33:bf:c4:c5:26:da:29:
63:e3:e9:d6:d1:b5:f6:c2:81:db:f0:ad:9a:55:d8:
28:9b:e3:2d:1a:f6:ba:16:b1:07:62:75:3a:e0:45:
8f:d1:15:69:46:4a:b7:5e:89:dd:fa:05:dd:1e:18:
49:fc:d5:ec:48:58:61:15:fe:0f:ff:9f:75:4b:7a:
4e:d8:f5:ea:25:9b:f5:38:a2:39:5b:05:15:79:29:
3b:36:72:0b:1e:46:38:26:67:73:02:5b:73:cc:6b:
fe:58:1e:54:78:83:3c:c4:5d:23:13:1e:9c:f5:72:
f6:ab:08:ba:bf:07:cd:53:9f:9a:cc:90:ce:59:1e:
ce:ac:d9:f1:7a:36:ba:d8:e5:2a:d1:4b:93:a6:c0:
f5:d7:39:76:f7:c7:a0:f0:63:23:40:4b:f9:32:66:
41:3d:ef:14:43:8c:77:37:21:80:78:c8:43:64:ef:
b4:1d:d5:10:64:9c:35:03:b6:30:08:4b:63:06:7d:
a5:cf:d3:52:07:57:b2:c2:47:fe:40:f7:21:13:35:
f8:06:c7:3a:b6:14:97:ab:9d:d1:6d:4b:7a:81:6e:
d3:97:f1:79:66:7e:fd:46:fa:e2:a8:b6:cd:fd:5d:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:AD:B3:2A:F5:B0:BC:91:3A:39:63:63:7C:95:C3:1F:DD:ED:B5:D2
X509v3 Authority Key Identifier:
keyid:10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/Va2zKvWwvJE6OWNjfJXDH93ttdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.8.0/21
92.43.88.0/21
185.221.246.0/23
185.238.192.0/22
212.97.136.0/22
212.97.144.0/20
IPv6:
2a04:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
73:c3:94:e1:4c:3d:b8:40:e5:21:fd:67:f2:1e:ea:88:8c:d7:
88:d9:49:76:0c:46:09:28:79:40:23:6b:93:e9:49:bb:1d:5e:
60:86:f2:9d:96:fe:db:cd:81:91:56:c7:fd:c7:1b:2f:ef:da:
f6:ca:f0:ed:f1:e3:f5:f1:bc:cf:77:fb:fd:04:7a:46:6a:bc:
1e:23:a4:52:af:c6:6a:f8:63:66:75:62:5a:13:cf:a1:28:d2:
94:22:7f:cf:1e:5d:76:dd:78:32:92:ad:e8:97:e4:20:70:20:
8c:3a:1c:c8:c3:0f:e6:a9:73:b5:e6:e0:bf:31:0d:32:0f:08:
8b:65:24:96:29:da:8b:ef:ab:54:2c:d6:0a:05:35:31:e1:cc:
ff:ae:b9:75:4a:93:00:f3:04:b1:4c:3e:6a:eb:d0:be:b7:8e:
2c:5b:29:d0:c4:fa:a5:3c:e0:03:21:54:32:7d:a8:97:2e:56:
03:e1:ef:c2:3d:66:3a:94:2e:9e:26:86:1a:54:1e:93:d3:c4:
8d:4e:f1:ee:69:6d:e0:1b:e5:04:9a:c7:2c:f1:b7:c2:8f:ae:
d4:db:3d:19:27:46:26:50:3f:55:6c:4e:38:a3:c3:e2:fe:c1:
08:4b:20:7e:63:48:c3:c3:10:4b:c5:30:c8:76:41:71:bb:22:
03:d6:16:f0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzI3mHZv0eZSufT+3Dq1xePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZjFkMGRiZTA5M2M3MjIzNTA2MThmNDA0NWMyNWJhOTQz
MTdmODcwHhcNMjQwMTAyMDYzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWFkYjMyYWY1YjBiYzkxM2EzOTYzNjM3Yzk1YzMxZmRkZWRiNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK6wQPAyIAiPkSt6wqSkYb7nIDXo
LjO/xMUm2ilj4+nW0bX2woHb8K2aVdgom+MtGva6FrEHYnU64EWP0RVpRkq3Xond
+gXdHhhJ/NXsSFhhFf4P/591S3pO2PXqJZv1OKI5WwUVeSk7NnILHkY4JmdzAltz
zGv+WB5UeIM8xF0jEx6c9XL2qwi6vwfNU5+azJDOWR7OrNnxeja62OUq0UuTpsD1
1zl298eg8GMjQEv5MmZBPe8UQ4x3NyGAeMhDZO+0HdUQZJw1A7YwCEtjBn2lz9NS
B1eywkf+QPchEzX4Bsc6thSXq53RbUt6gW7Tl/F5Zn79RvriqLbN/V3GbQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFWtsyr1sLyROjljY3yVwx/d7bXSMB8GA1UdIwQY
MBaAFBDx0Nvgk8ciNQYY9ARcJbqUMX+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYt
MmYwYTZiZGJiZTUxLzEvVmEyekt2V3d2SkU2T1dOamZKWERIOTN0dGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYtMmYwYTZiZGJiZTUx
LzEvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDUEYIAwQD
XCtYAwQBud32AwQCue7AAwQC1GGIAwQE1GGQMA0EAgACMAcDBQMqBD+AMA0GCSqG
SIb3DQEBCwUAA4IBAQBzw5ThTD24QOUh/WfyHuqIjNeI2Ul2DEYJKHlAI2uT6Um7
HV5ghvKdlv7bzYGRVsf9xxsv79r2yvDt8eP18bzPd/v9BHpGarweI6RSr8Zq+GNm
dWJaE8+hKNKUIn/PHl123Xgykq3ol+QgcCCMOhzIww/mqXO15uC/MQ0yDwiLZSSW
KdqL76tULNYKBTUx4cz/rrl1SpMA8wSxTD5q69C+t44sWynQxPqlPOADIVQyfaiX
LlYD4e/CPWY6lC6eJoYaVB6T08SNTvHuaW3gG+UEmscs8bfCj67U2z0ZJ0YmUD9V
bE44o8Pi/sEISyB+Y0jDwxBLxTDIdkFxuyID1hbw
-----END CERTIFICATE-----
Generated at Fri Feb 2 20:33:32 2024 by rpki-client on console-fra.rpki-client.org