Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/_WF0lyytelRjDkulMYfll_I8aoQ.roa
File: _WF0lyytelRjDkulMYfll_I8aoQ.roa (raw, json)
Hash identifier: LmOEvMJdSHp/RUvCu+1CAjjOlR9efsw9RY0CHOucsWs=
Subject key identifier: FD:61:74:97:2C:AD:7A:54:63:0E:4B:A5:31:87:E5:97:F2:3C:6A:84
Certificate issuer: /CN=d020f10832c49bad6f15a96058c5ba18572ac52a
Certificate serial: 0186A20F312E59D95D9C3EFA4741AF1BF039
Authority key identifier: D0:20:F1:08:32:C4:9B:AD:6F:15:A9:60:58:C5:BA:18:57:2A:C5:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0CDxCDLEm61vFalgWMW6GFcqxSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/_WF0lyytelRjDkulMYfll_I8aoQ.roa
Signing time: Thu 02 Mar 2023 11:22:29 +0000
ROA not before: Thu 02 Mar 2023 11:22:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 80.245.0.0/24 maxlen: 24
80.245.1.0/24 maxlen: 24
80.245.2.0/24 maxlen: 24
80.245.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 11:43:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:0f:31:2e:59:d9:5d:9c:3e:fa:47:41:af:1b:f0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d020f10832c49bad6f15a96058c5ba18572ac52a
Validity
Not Before: Mar 2 11:22:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd6174972cad7a54630e4ba53187e597f23c6a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:21:bd:97:76:e8:ac:e0:e5:26:f6:9a:c4:dc:
24:0c:2f:ba:f6:4e:dc:ba:65:0f:1f:9d:ea:f8:88:
4c:6f:7f:36:ef:94:af:b6:92:c3:f4:e4:e0:62:c4:
a9:03:5a:64:be:9f:0a:3c:47:a2:23:2f:31:e5:9e:
40:af:c8:51:15:07:88:95:10:e8:9b:57:29:09:b7:
b2:0a:ed:ca:dd:9a:15:c9:9d:c2:c7:04:d9:48:73:
2f:21:61:d9:82:54:64:69:41:df:24:de:af:98:a8:
16:53:b5:53:0c:8e:86:39:c3:c2:77:8c:8e:fa:c8:
58:8a:0c:50:d7:55:a4:00:1e:d1:cd:3a:ab:39:63:
aa:02:84:52:6f:07:38:ff:e6:4b:20:6d:d1:6f:e7:
af:6e:2b:22:1b:d1:d3:58:40:5a:99:36:a9:d7:69:
35:cc:da:57:0a:fe:59:00:38:48:7f:8d:08:75:7c:
c7:cb:32:de:3b:a3:d5:d4:9e:2d:cc:13:5c:66:da:
d3:09:5c:1a:f4:f7:a1:1b:d1:5e:be:75:19:c1:24:
b1:1b:9f:d0:dc:23:02:79:81:ba:f3:a6:9f:f2:ee:
88:b2:f5:c3:56:26:8a:c0:d1:3e:9c:35:02:07:0d:
53:c1:27:75:e0:83:07:87:1d:c2:29:3c:aa:cc:1b:
35:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:61:74:97:2C:AD:7A:54:63:0E:4B:A5:31:87:E5:97:F2:3C:6A:84
X509v3 Authority Key Identifier:
keyid:D0:20:F1:08:32:C4:9B:AD:6F:15:A9:60:58:C5:BA:18:57:2A:C5:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0CDxCDLEm61vFalgWMW6GFcqxSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/_WF0lyytelRjDkulMYfll_I8aoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2c11c1-4250-4387-a4db-2701d591deae/1/0CDxCDLEm61vFalgWMW6GFcqxSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:c3:3f:10:e1:3e:30:23:a5:cf:d9:32:9b:34:a3:87:7f:63:
07:4a:2b:df:a9:64:4e:2b:e9:90:b5:be:cc:88:91:9e:47:c5:
8a:7c:86:85:3d:79:e4:23:ea:55:4b:22:07:49:8b:91:e9:36:
88:ee:17:46:9e:66:32:d0:c5:a1:00:de:68:10:64:56:c2:68:
07:37:05:4a:1c:a1:84:de:58:2a:78:a6:b9:65:a8:07:8a:cb:
67:17:50:8d:77:23:44:12:bf:c2:52:5b:8d:ed:37:b8:9b:96:
80:e9:b5:c9:68:dd:67:93:84:9b:bd:ac:b8:ac:45:9b:d1:75:
3a:e4:d3:8f:71:86:f3:cf:17:63:20:6f:a6:2b:16:d4:ac:04:
d1:43:29:3c:97:77:a3:c6:65:65:ce:19:fc:30:60:5d:ec:35:
a5:03:ee:7b:9a:09:d9:f7:5a:77:6a:d5:25:1e:6b:2d:d3:a0:
60:db:ac:c7:2e:20:94:07:e2:53:af:ed:b4:85:91:5d:82:2b:
8d:35:81:ff:b2:fa:b9:ae:31:b0:06:6d:fc:cc:cf:15:13:3a:
b4:b7:87:c9:30:8c:a3:41:66:45:16:5b:7d:9f:00:61:58:6b:
e5:de:20:80:a6:b4:a2:83:28:75:99:8b:b3:ca:e8:fc:66:50:
25:77:bf:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaiDzEuWdldnD76R0GvG/A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjBmMTA4MzJjNDliYWQ2ZjE1YTk2MDU4YzViYTE4NTcy
YWM1MmEwHhcNMjMwMzAyMTEyMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDYxNzQ5NzJjYWQ3YTU0NjMwZTRiYTUzMTg3ZTU5N2YyM2M2YTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliG9l3borODlJvaaxNwkDC+69k7c
umUPH53q+IhMb38275SvtpLD9OTgYsSpA1pkvp8KPEeiIy8x5Z5Ar8hRFQeIlRDo
m1cpCbeyCu3K3ZoVyZ3CxwTZSHMvIWHZglRkaUHfJN6vmKgWU7VTDI6GOcPCd4yO
+shYigxQ11WkAB7RzTqrOWOqAoRSbwc4/+ZLIG3Rb+evbisiG9HTWEBamTap12k1
zNpXCv5ZADhIf40IdXzHyzLeO6PV1J4tzBNcZtrTCVwa9PehG9FevnUZwSSxG5/Q
3CMCeYG686af8u6IsvXDViaKwNE+nDUCBw1TwSd14IMHhx3CKTyqzBs1yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1hdJcsrXpUYw5LpTGH5ZfyPGqEMB8GA1UdIwQY
MBaAFNAg8QgyxJutbxWpYFjFuhhXKsUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENEeENETEVtNjF2RmFsZ1dNVzZHRmNxeFNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yYzExYzEtNDI1MC00Mzg3LWE0ZGIt
MjcwMWQ1OTFkZWFlLzEvX1dGMGx5eXRlbFJqRGt1bE1ZZmxsX0k4YW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yYzExYzEtNDI1MC00Mzg3LWE0ZGItMjcwMWQ1OTFkZWFl
LzEvMENEeENETEVtNjF2RmFsZ1dNVzZHRmNxeFNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUPUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCkwz8Q4T4wI6XP2TKbNKOHf2MHSivfqWROK+mQtb7M
iJGeR8WKfIaFPXnkI+pVSyIHSYuR6TaI7hdGnmYy0MWhAN5oEGRWwmgHNwVKHKGE
3lgqeKa5ZagHistnF1CNdyNEEr/CUluN7Te4m5aA6bXJaN1nk4Sbvay4rEWb0XU6
5NOPcYbzzxdjIG+mKxbUrATRQyk8l3ejxmVlzhn8MGBd7DWlA+57mgnZ91p3atUl
Hmst06Bg26zHLiCUB+JTr+20hZFdgiuNNYH/svq5rjGwBm38zM8VEzq0t4fJMIyj
QWZFFlt9nwBhWGvl3iCAprSigyh1mYuzyuj8ZlAld7/i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:42 2024 by rpki-client on console-ams.rpki-client.org