Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/1U-TJ17emWSgGfZ5BGcLojJGkX4.roa
File: 1U-TJ17emWSgGfZ5BGcLojJGkX4.roa (raw, json)
Hash identifier: S6TfCa3BY4OANvtb3ooTvt+gJBL1vH0k8odIVQQ1mUY=
Subject key identifier: D5:4F:93:27:5E:DE:99:64:A0:19:F6:79:04:67:0B:A2:32:46:91:7E
Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c
Certificate serial: 018CC2DB661A938946E4466CD0C3084FEE23
Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/1U-TJ17emWSgGfZ5BGcLojJGkX4.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 80.69.0.0/19 maxlen: 19
89.187.96.0/19 maxlen: 19
195.234.244.0/22 maxlen: 24
37.46.0.0/21 maxlen: 21
185.2.164.0/22 maxlen: 22
2001:1a0b::/32 maxlen: 32
2001:1a0a::/32 maxlen: 32
2001:1a08::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:66:1a:93:89:46:e4:46:6c:d0:c3:08:4f:ee:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d54f93275ede9964a019f67904670ba23246917e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:22:69:51:ab:8f:b4:a9:50:81:c9:c5:b1:
6a:d4:7a:01:9e:ed:25:ca:1e:ce:3d:d5:cb:54:58:
a2:80:96:b5:ca:59:e3:06:91:46:93:86:e3:56:23:
db:ea:bd:0c:34:05:87:08:56:c0:c9:c1:22:7d:4e:
9c:5f:20:cb:8d:6b:14:08:62:55:13:7d:f5:5e:80:
eb:94:c4:64:67:5a:c5:82:5a:24:ee:cf:a9:c5:99:
23:96:91:de:01:68:87:b7:ed:89:6b:50:a3:39:14:
80:c2:4e:ab:95:f2:95:9f:fe:6b:49:c5:9b:6f:2c:
96:d3:3f:6a:1f:e0:b2:fc:1a:5c:39:93:ca:55:f9:
e7:55:35:42:25:d7:c0:98:27:4b:a3:f1:98:7f:ea:
8d:ad:dd:5e:52:37:85:07:49:06:00:bd:00:42:53:
fb:d2:72:37:84:a5:f6:3f:91:59:c2:49:be:52:25:
86:bf:54:5f:e3:df:bd:b5:d5:36:31:d5:2c:76:94:
56:71:ee:6b:2e:ac:bb:a6:a7:70:15:1e:58:f8:81:
12:42:44:09:03:bc:61:ab:1f:1c:80:c9:28:31:74:
86:0a:2b:76:5e:32:07:5c:83:fe:be:b1:4c:c7:3b:
36:90:d4:e4:07:a8:e7:ea:c8:ce:42:e1:f0:d8:b7:
a4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4F:93:27:5E:DE:99:64:A0:19:F6:79:04:67:0B:A2:32:46:91:7E
X509v3 Authority Key Identifier:
keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/1U-TJ17emWSgGfZ5BGcLojJGkX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.0.0/21
80.69.0.0/19
89.187.96.0/19
185.2.164.0/22
195.234.244.0/22
IPv6:
2001:1a08::/32
2001:1a0a::/31
Signature Algorithm: sha256WithRSAEncryption
ab:60:32:bd:3f:32:a8:f0:a4:e7:89:66:e3:9a:2b:7a:35:ae:
4c:3a:0a:0c:6d:50:59:85:e6:aa:c7:b2:fe:31:63:ba:b3:20:
2f:65:36:05:c3:9f:5b:68:7f:0b:e1:48:c1:ea:8b:26:ea:f3:
f5:b4:41:71:ac:7b:4d:e7:af:a8:da:1c:bf:e5:43:7c:97:3d:
6a:2d:af:8b:43:fe:57:2f:c6:a0:7d:5f:fa:80:c9:be:d3:d7:
88:79:18:10:6e:37:d3:be:b4:00:2f:3a:e7:8c:52:b3:17:94:
f1:f4:75:72:91:73:6c:0c:ed:2f:90:f8:f1:dc:50:d8:d4:bb:
9c:ad:19:fe:02:5a:90:ba:4b:df:b3:6b:22:e5:93:51:9b:5d:
f7:77:7a:8b:c0:10:64:5c:6c:1b:7e:03:54:78:3e:62:51:b3:
6b:17:36:1b:07:7b:8f:95:d4:08:40:86:e7:cf:ab:75:f1:89:
a6:26:fd:b5:5c:09:c4:93:de:5a:98:5e:ba:99:85:06:2a:97:
8b:79:32:03:1c:43:e5:09:97:00:87:7a:5f:23:80:20:5e:c7:
f2:bc:9f:68:76:80:b3:e8:bf:b7:66:0f:43:2c:bf:8b:b5:82:
b6:f0:c9:4a:90:f0:9f:bf:4e:5f:9b:9f:f5:1e:ab:f1:58:ee:
c3:31:d1:3f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzC22Yak4lG5EZs0MMIT+4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzRhMzVhYmZhODJkNTQ5ZTQ5MDcwNGQ2OGJiZTY1ODAw
NWQ2M2MwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTRmOTMyNzVlZGU5OTY0YTAxOWY2NzkwNDY3MGJhMjMyNDY5MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf4iaVGrj7SpUIHJxbFq1HoBnu0l
yh7OPdXLVFiigJa1ylnjBpFGk4bjViPb6r0MNAWHCFbAycEifU6cXyDLjWsUCGJV
E331XoDrlMRkZ1rFglok7s+pxZkjlpHeAWiHt+2Ja1CjORSAwk6rlfKVn/5rScWb
byyW0z9qH+Cy/BpcOZPKVfnnVTVCJdfAmCdLo/GYf+qNrd1eUjeFB0kGAL0AQlP7
0nI3hKX2P5FZwkm+UiWGv1Rf49+9tdU2MdUsdpRWce5rLqy7pqdwFR5Y+IESQkQJ
A7xhqx8cgMkoMXSGCit2XjIHXIP+vrFMxzs2kNTkB6jn6sjOQuHw2LekaQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNVPkyde3plkoBn2eQRnC6IyRpF+MB8GA1UdIwQY
MBaAFMM0o1q/qC1UnkkHBNaLvmWABdY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMt
MjczODg0YjUzYzZlLzEvMVUtVEoxN2VtV1NnR2ZaNUJHY0xvakpHa1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMtMjczODg0YjUzYzZl
LzEvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJS4AAwQF
UEUAAwQFWbtgAwQCuQKkAwQCw+r0MBQEAgACMA4DBQAgARoIAwUBIAEaCjANBgkq
hkiG9w0BAQsFAAOCAQEAq2AyvT8yqPCk54lm45orejWuTDoKDG1QWYXmqsey/jFj
urMgL2U2BcOfW2h/C+FIweqLJurz9bRBcax7TeevqNocv+VDfJc9ai2vi0P+Vy/G
oH1f+oDJvtPXiHkYEG430760AC8654xSsxeU8fR1cpFzbAztL5D48dxQ2NS7nK0Z
/gJakLpL37NrIuWTUZtd93d6i8AQZFxsG34DVHg+YlGzaxc2Gwd7j5XUCECG58+r
dfGJpib9tVwJxJPeWpheupmFBiqXi3kyAxxD5QmXAId6XyOAIF7H8ryfaHaAs+i/
t2YPQyy/i7WCtvDJSpDwn79OX5uf9R6r8VjuwzHRPw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:58 2025 by rpki-client