Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/ZFH3eYAxtataJ-IJgOl9Uy4CWCM.roa
File: ZFH3eYAxtataJ-IJgOl9Uy4CWCM.roa (raw, json)
Hash identifier: MbCNfqgdA4U2fniczvHDXGOFwmoygHSK6rWs8bmg/Jc=
Subject key identifier: 64:51:F7:79:80:31:B5:AB:5A:27:E2:09:80:E9:7D:53:2E:02:58:23
Certificate issuer: /CN=d020f10832c49bad6f15a96058c5ba18572ac52a
Certificate serial: 0186A2226D17ED0B087AA6CFF5C1E49DB1C6
Authority key identifier: D0:20:F1:08:32:C4:9B:AD:6F:15:A9:60:58:C5:BA:18:57:2A:C5:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0CDxCDLEm61vFalgWMW6GFcqxSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/ZFH3eYAxtataJ-IJgOl9Uy4CWCM.roa
Signing time: Thu 02 Mar 2023 11:43:30 +0000
ROA not before: Thu 02 Mar 2023 11:43:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 80.245.14.0/24 maxlen: 24
80.245.15.0/24 maxlen: 24
80.245.12.0/24 maxlen: 24
80.245.13.0/24 maxlen: 24
80.245.0.0/24 maxlen: 24
80.245.1.0/24 maxlen: 24
80.245.2.0/24 maxlen: 24
80.245.3.0/24 maxlen: 24
80.245.4.0/24 maxlen: 24
80.245.7.0/24 maxlen: 24
80.245.8.0/24 maxlen: 24
80.245.9.0/24 maxlen: 24
80.245.10.0/24 maxlen: 24
80.245.11.0/24 maxlen: 24
80.245.5.0/24 maxlen: 24
80.245.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:22:6d:17:ed:0b:08:7a:a6:cf:f5:c1:e4:9d:b1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d020f10832c49bad6f15a96058c5ba18572ac52a
Validity
Not Before: Mar 2 11:43:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6451f7798031b5ab5a27e20980e97d532e025823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:67:6f:cb:97:44:0a:cc:73:46:76:19:8c:56:
35:c2:50:44:52:69:35:59:d4:c3:42:3d:65:c2:f4:
98:6b:1b:dc:2a:b9:14:6d:e3:24:3f:ca:62:23:b8:
d5:53:87:07:c3:4a:c9:47:6a:30:f5:43:94:92:2f:
70:ed:6a:a5:dd:44:f1:f6:ef:b5:70:d7:56:38:d9:
98:f6:61:b6:23:f4:22:96:fd:59:02:05:19:4b:94:
3e:f9:6c:52:af:04:2d:66:3a:ad:2b:7a:4b:ff:3b:
76:66:47:b1:03:64:21:ff:9c:04:89:4a:72:7d:e2:
80:34:81:e2:98:1e:57:de:d2:21:a6:e3:95:86:1b:
4e:e9:3b:93:1b:04:93:f5:d4:15:02:6d:67:dd:71:
b8:15:e8:a6:36:df:7d:eb:25:16:52:1c:3f:f1:68:
c3:7e:63:ec:81:c9:84:5c:be:b0:83:c6:bc:c5:b0:
bc:8a:7d:56:c4:93:9f:29:97:a8:a7:0c:8d:f3:05:
93:0b:76:60:01:2c:42:1b:09:c0:d3:25:30:bd:9a:
5b:94:dd:25:44:ff:4c:6c:52:bc:89:08:6a:bc:ce:
e2:de:a2:f6:bb:1f:c3:30:6f:90:b9:97:96:1a:bf:
76:cf:70:79:91:35:6e:c4:18:96:79:5f:83:d0:56:
3c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:51:F7:79:80:31:B5:AB:5A:27:E2:09:80:E9:7D:53:2E:02:58:23
X509v3 Authority Key Identifier:
keyid:D0:20:F1:08:32:C4:9B:AD:6F:15:A9:60:58:C5:BA:18:57:2A:C5:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0CDxCDLEm61vFalgWMW6GFcqxSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/ZFH3eYAxtataJ-IJgOl9Uy4CWCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/0CDxCDLEm61vFalgWMW6GFcqxSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.0.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:06:b5:56:6f:64:99:d9:6e:5b:5f:1e:7d:58:af:74:5a:8e:
5e:bb:05:9f:a8:11:ae:57:38:67:e5:0a:13:4f:a0:ab:fa:cc:
59:2d:b1:02:47:ec:d4:02:6a:a9:91:3c:43:1c:7d:9e:bf:37:
ff:22:2f:2e:1e:e2:88:7c:47:47:e1:e1:93:35:68:16:cd:28:
b4:e2:83:d3:79:b4:da:11:c8:9c:93:11:84:21:f8:0f:de:8c:
49:06:79:2a:92:1a:ca:19:51:79:39:0d:40:99:5b:0d:54:0b:
c4:37:bf:88:71:d4:f4:0a:ba:2e:38:ba:9c:a6:11:1a:6f:b4:
3c:a1:12:89:c2:7c:82:d2:5b:5c:fe:31:72:2b:1c:9d:8b:42:
9b:c7:a9:93:8d:2c:6f:8c:b2:ef:7c:f0:e7:03:22:f1:d5:fa:
34:fb:f5:b4:3a:e3:89:99:dd:39:59:dc:43:2e:43:74:21:94:
e8:28:e4:7d:0b:60:1e:76:e8:aa:c3:bf:d7:cb:e6:28:dd:f0:
9f:c1:d4:20:df:b5:20:f4:3f:b1:11:12:3f:b9:24:fa:f1:c7:
0c:bc:98:00:94:e3:87:a6:c4:ac:2b:82:1c:74:59:49:ed:52:
fd:f5:b8:93:9f:60:bb:0b:c9:22:8e:30:7e:d8:ed:55:95:b2:
e8:e1:58:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaiIm0X7QsIeqbP9cHknbHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjBmMTA4MzJjNDliYWQ2ZjE1YTk2MDU4YzViYTE4NTcy
YWM1MmEwHhcNMjMwMzAyMTE0MzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUxZjc3OTgwMzFiNWFiNWEyN2UyMDk4MGU5N2Q1MzJlMDI1ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGdvy5dECsxzRnYZjFY1wlBEUmk1
WdTDQj1lwvSYaxvcKrkUbeMkP8piI7jVU4cHw0rJR2ow9UOUki9w7Wql3UTx9u+1
cNdWONmY9mG2I/Qilv1ZAgUZS5Q++WxSrwQtZjqtK3pL/zt2ZkexA2Qh/5wEiUpy
feKANIHimB5X3tIhpuOVhhtO6TuTGwST9dQVAm1n3XG4FeimNt996yUWUhw/8WjD
fmPsgcmEXL6wg8a8xbC8in1WxJOfKZeopwyN8wWTC3ZgASxCGwnA0yUwvZpblN0l
RP9MbFK8iQhqvM7i3qL2ux/DMG+QuZeWGr92z3B5kTVuxBiWeV+D0FY8GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRR93mAMbWrWifiCYDpfVMuAlgjMB8GA1UdIwQY
MBaAFNAg8QgyxJutbxWpYFjFuhhXKsUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENEeENETEVtNjF2RmFsZ1dNVzZHRmNxeFNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yYzExYzEtNDI1MC00Mzg3LWE0ZGIt
MjcwMWQ1OTFkZWFlLzEvWkZIM2VZQXh0YXRhSi1JSmdPbDlVeTRDV0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yYzExYzEtNDI1MC00Mzg3LWE0ZGItMjcwMWQ1OTFkZWFl
LzEvMENEeENETEVtNjF2RmFsZ1dNVzZHRmNxeFNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUPUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCMBrVWb2SZ2W5bXx59WK90Wo5euwWfqBGuVzhn5QoT
T6Cr+sxZLbECR+zUAmqpkTxDHH2evzf/Ii8uHuKIfEdH4eGTNWgWzSi04oPTebTa
EcickxGEIfgP3oxJBnkqkhrKGVF5OQ1AmVsNVAvEN7+IcdT0CrouOLqcphEab7Q8
oRKJwnyC0ltc/jFyKxydi0Kbx6mTjSxvjLLvfPDnAyLx1fo0+/W0OuOJmd05WdxD
LkN0IZToKOR9C2Aeduiqw7/Xy+Yo3fCfwdQg37Ug9D+xERI/uST68ccMvJgAlOOH
psSsK4IcdFlJ7VL99biTn2C7C8kijjB+2O1VlbLo4ViN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:53 2024 by rpki-client on console-fra.rpki-client.org