Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/CTxnATKsG65EavPP4K3JOi7gQ2o.roa
File: CTxnATKsG65EavPP4K3JOi7gQ2o.roa (raw, json)
Hash identifier: nfdsYpk0bl/P0iP3KZkQEPRN0HBMTdFlTY3EkeJTCIU=
Subject key identifier: 09:3C:67:01:32:AC:1B:AE:44:6A:F3:CF:E0:AD:C9:3A:2E:E0:43:6A
Certificate issuer: /CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Certificate serial: 018CC4936332C5733276C12B27BC32D6232D
Authority key identifier: 8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/CTxnATKsG65EavPP4K3JOi7gQ2o.roa
Signing time: Mon 01 Jan 2024 10:30:42 +0000
ROA not before: Mon 01 Jan 2024 10:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5500
IP address blocks: 193.108.218.0/24 maxlen: 24
85.119.112.0/21 maxlen: 21
80.92.144.0/20 maxlen: 20
88.82.128.0/19 maxlen: 19
195.206.192.0/19 maxlen: 19
217.22.80.0/20 maxlen: 20
195.72.114.0/23 maxlen: 23
195.72.113.0/24 maxlen: 24
195.128.250.0/23 maxlen: 23
2a00:1160::/29 maxlen: 29
2a05:aa40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 12 Feb 2024 14:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:63:32:c5:73:32:76:c1:2b:27:bc:32:d6:23:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Validity
Not Before: Jan 1 10:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=093c670132ac1bae446af3cfe0adc93a2ee0436a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:12:ee:73:46:a5:9c:fa:f7:3d:a3:40:8d:9a:
6f:e7:f4:44:cd:bb:49:2f:6a:5c:a0:3d:04:ad:e2:
51:e6:a5:45:81:6a:38:18:53:8e:e8:59:66:cf:82:
8a:76:79:3f:62:bd:7b:ec:74:16:38:67:1b:5f:86:
34:3e:f3:55:ba:be:91:a0:f0:36:9e:b6:34:fe:b3:
11:44:eb:95:0d:79:5b:c1:2a:e7:c9:bb:23:69:24:
aa:45:e0:46:36:0c:d2:ce:23:ab:18:b4:0c:02:fe:
c9:71:d3:74:b5:84:39:a9:87:e1:90:bb:22:f8:e3:
7b:e0:cc:2e:ce:24:88:8b:77:6b:33:1b:4c:7b:bf:
06:06:d1:f7:40:5a:cb:85:da:43:a8:26:a8:8c:a7:
e0:0b:29:66:c9:50:a2:87:eb:af:e5:43:7b:3a:3e:
02:12:91:86:f8:3e:86:dd:09:59:42:68:a1:a5:a1:
84:8e:ee:65:cd:cb:18:28:d3:6c:d0:12:b9:2d:c7:
d3:31:47:3c:47:03:a3:56:21:15:18:3f:e1:dd:3d:
a7:1c:e3:ce:59:b3:6c:10:25:85:24:a6:71:2c:23:
c9:0d:76:86:cf:41:37:6c:fd:07:95:1c:a8:f4:fa:
2e:9b:7f:0b:7e:bd:cd:34:44:10:19:fe:02:98:35:
d1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3C:67:01:32:AC:1B:AE:44:6A:F3:CF:E0:AD:C9:3A:2E:E0:43:6A
X509v3 Authority Key Identifier:
keyid:8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/CTxnATKsG65EavPP4K3JOi7gQ2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.144.0/20
85.119.112.0/21
88.82.128.0/19
193.108.218.0/24
195.72.113.0-195.72.115.255
195.128.250.0/23
195.206.192.0/19
217.22.80.0/20
IPv6:
2a00:1160::/29
2a05:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
20:8f:45:86:08:c6:39:64:7b:98:c3:d4:e3:41:e3:cf:3f:58:
6f:3e:47:83:d6:bf:0a:00:bc:8f:87:c2:e8:74:e0:4f:f0:a3:
87:8b:ae:9d:2a:5a:73:21:f0:b1:68:d5:87:47:04:7f:02:5d:
de:d7:52:8d:f7:88:62:61:d2:80:35:7f:86:83:90:8d:8d:e0:
90:10:cb:84:c0:e5:f3:85:28:6d:c9:3f:bf:d4:53:ce:c1:b5:
63:8e:a0:e2:ee:c6:55:62:8a:92:ef:82:d9:40:0c:a0:48:3b:
34:ce:7d:0d:97:bd:06:57:95:31:88:86:d0:25:3d:d5:4c:82:
6f:f6:02:9a:15:f6:f0:fb:56:59:d7:e2:59:4a:ca:98:f9:ee:
46:26:cc:fa:fc:b2:b9:10:b3:2a:85:cc:ff:52:17:3a:cd:5f:
64:27:bb:e3:af:af:19:02:8e:be:ce:31:ba:52:18:cf:fa:f6:
8d:ab:6f:50:73:4b:15:6e:95:0a:fa:26:85:37:89:1d:f2:6e:
33:c0:9c:4c:96:4a:4e:ad:d7:c9:20:c9:f5:57:13:d7:bf:8d:
fb:49:6e:eb:32:02:73:4f:0d:4c:15:c4:01:03:bb:13:01:cb:
c7:86:17:8b:68:3e:7c:4d:87:50:60:a4:dd:2b:2d:a6:93:60:
0b:62:67:29
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzEk2MyxXMydsErJ7wy1iMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODk4MDFiMTlhYTk3MjhhZDRmNmJiNzE4NWMxMWYxNGI5
ZDhkN2MwHhcNMjQwMTAxMTAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNjNjcwMTMyYWMxYmFlNDQ2YWYzY2ZlMGFkYzkzYTJlZTA0MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhLuc0alnPr3PaNAjZpv5/REzbtJ
L2pcoD0EreJR5qVFgWo4GFOO6Flmz4KKdnk/Yr177HQWOGcbX4Y0PvNVur6RoPA2
nrY0/rMRROuVDXlbwSrnybsjaSSqReBGNgzSziOrGLQMAv7JcdN0tYQ5qYfhkLsi
+ON74MwuziSIi3drMxtMe78GBtH3QFrLhdpDqCaojKfgCylmyVCih+uv5UN7Oj4C
EpGG+D6G3QlZQmihpaGEju5lzcsYKNNs0BK5LcfTMUc8RwOjViEVGD/h3T2nHOPO
WbNsECWFJKZxLCPJDXaGz0E3bP0HlRyo9Poum38Lfr3NNEQQGf4CmDXRaQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAk8ZwEyrBuuRGrzz+CtyTou4ENqMB8GA1UdIwQY
MBaAFIyJgBsZqpcorU9rtxhcEfFLnY18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUt
NzI4ZTk5NjdkYWNhLzEvQ1R4bkFUS3NHNjVFYXZQUDRLM0pPaTdnUTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUtNzI4ZTk5NjdkYWNh
LzEvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQEUFyQAwQD
VXdwAwQFWFKAAwQAwWzaMAwDBADDSHEDBALDSHADBAHDgPoDBAXDzsADBATZFlAw
FAQCAAIwDgMFAyoAEWADBQMqBapAMA0GCSqGSIb3DQEBCwUAA4IBAQAgj0WGCMY5
ZHuYw9TjQePPP1hvPkeD1r8KALyPh8LodOBP8KOHi66dKlpzIfCxaNWHRwR/Al3e
11KN94hiYdKANX+Gg5CNjeCQEMuEwOXzhShtyT+/1FPOwbVjjqDi7sZVYoqS74LZ
QAygSDs0zn0Nl70GV5UxiIbQJT3VTIJv9gKaFfbw+1ZZ1+JZSsqY+e5GJsz6/LK5
ELMqhcz/Uhc6zV9kJ7vjr68ZAo6+zjG6UhjP+vaNq29Qc0sVbpUK+iaFN4kd8m4z
wJxMlkpOrdfJIMn1VxPXv437SW7rMgJzTw1MFcQBA7sTAcvHhheLaD58TYdQYKTd
Ky2mk2ALYmcp
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:28:23 2025 by rpki-client