Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/8ha6z8fZ4iwMHVwjvGBsuGb8EhE.roa
File: 8ha6z8fZ4iwMHVwjvGBsuGb8EhE.roa (raw, json)
Hash identifier: /HFvgNjc0Ug+KFO7qYPYmWo+dKS1MEenUbXZymD2iUs=
Subject key identifier: F2:16:BA:CF:C7:D9:E2:2C:0C:1D:5C:23:BC:60:6C:B8:66:FC:12:11
Certificate issuer: /CN=23e45164c572edde5df253917cc12a2dfd398b97
Certificate serial: 018CC5DCA66744565F6685F4EB762BF22CEF
Authority key identifier: 23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/8ha6z8fZ4iwMHVwjvGBsuGb8EhE.roa
Signing time: Mon 01 Jan 2024 16:30:21 +0000
ROA not before: Mon 01 Jan 2024 16:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35826
IP address blocks: 80.248.176.0/20 maxlen: 21
94.229.128.0/20 maxlen: 21
185.113.204.0/22 maxlen: 22
37.1.96.0/21 maxlen: 22
185.229.48.0/22 maxlen: 22
2a02:700::/32 maxlen: 32
2a0d:c600::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a6:67:44:56:5f:66:85:f4:eb:76:2b:f2:2c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e45164c572edde5df253917cc12a2dfd398b97
Validity
Not Before: Jan 1 16:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f216bacfc7d9e22c0c1d5c23bc606cb866fc1211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:81:73:a8:f3:ad:e7:0a:31:2d:f7:d7:6d:5c:
a0:06:ff:8a:f1:08:e7:8a:f8:59:5d:75:cc:2d:a5:
30:86:62:dc:e0:82:d5:32:c3:ec:6e:7c:ef:b8:99:
1b:0b:ed:3c:ed:80:1d:69:8f:26:37:e0:46:34:a8:
dc:93:2d:db:ba:31:32:d7:61:b2:c6:55:9c:ed:68:
45:03:5d:ea:4f:e3:04:a6:96:39:5f:9d:81:44:46:
38:42:fc:4b:ab:d6:43:1f:c9:fd:93:c1:5c:48:cb:
46:07:ae:30:e1:1f:d7:95:88:07:8c:90:77:74:ce:
a3:89:97:7e:9a:df:94:8f:34:c5:8b:05:90:38:f4:
2e:f2:23:9a:71:40:66:b6:db:4a:b2:36:d0:ad:c3:
b4:6e:75:a7:6e:8d:a4:e9:fd:88:d4:af:5f:3c:af:
44:a6:5d:a1:8f:7b:40:a3:9d:b9:11:48:74:89:64:
02:49:f1:ea:26:81:c5:a3:0d:e7:f2:18:7e:94:90:
75:75:64:d6:6a:b9:95:d9:21:1e:97:a2:35:57:69:
f3:b1:ac:53:f3:f5:35:94:13:9d:02:83:71:42:46:
38:87:50:20:60:85:3e:cb:42:4a:4a:36:54:04:ca:
f6:48:b5:14:b9:00:f4:a3:db:4e:ff:7e:3e:cf:bb:
52:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:16:BA:CF:C7:D9:E2:2C:0C:1D:5C:23:BC:60:6C:B8:66:FC:12:11
X509v3 Authority Key Identifier:
keyid:23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/8ha6z8fZ4iwMHVwjvGBsuGb8EhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/I-RRZMVy7d5d8lORfMEqLf05i5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.96.0/21
80.248.176.0/20
94.229.128.0/20
185.113.204.0/22
185.229.48.0/22
IPv6:
2a02:700::/32
2a0d:c600::/29
Signature Algorithm: sha256WithRSAEncryption
9e:ca:f3:d3:8a:61:c5:20:d9:d6:2a:5f:07:de:55:f3:63:14:
b1:a2:60:c1:cd:ae:5a:82:74:69:01:c4:78:5b:2c:a4:f7:e2:
ad:37:46:c1:b7:50:fd:98:a9:a4:74:7e:e6:f3:c4:cd:d8:18:
2e:15:6a:87:b5:3c:62:01:5e:a6:88:2c:d1:d1:2b:ab:c7:a4:
50:d2:7d:66:b3:91:ed:e8:0f:b5:d3:c4:3d:63:b9:6c:21:09:
ed:3d:b8:17:97:81:d3:9c:3f:80:e9:f2:fe:e9:3c:6f:7e:b9:
11:3b:30:82:0f:90:21:2a:6d:0f:a4:1a:60:a3:d3:61:2a:a5:
3f:b2:e2:49:b0:a6:0b:8a:6b:1c:45:25:59:54:22:6c:25:88:
dd:14:91:fb:34:a4:99:e6:a7:56:df:61:6c:e1:7d:5d:a6:50:
cc:b0:a6:25:d6:d6:af:77:68:02:68:60:bb:01:2f:d6:3e:9b:
6e:74:68:92:ec:96:0a:9b:96:8f:af:97:24:25:b4:03:55:0a:
bb:98:8b:61:8c:82:a3:f2:67:8c:3d:ca:00:17:e3:24:9f:89:
e2:30:30:cd:24:60:c2:34:e0:14:ed:36:54:b1:f1:4c:57:07:
9c:ca:58:0e:de:e7:63:08:e7:cb:f0:e6:9d:fb:3a:2c:7f:a3:
ab:6e:05:a6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzF3KZnRFZfZoX063Yr8izvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTQ1MTY0YzU3MmVkZGU1ZGYyNTM5MTdjYzEyYTJkZmQz
OThiOTcwHhcNMjQwMTAxMTYzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjE2YmFjZmM3ZDllMjJjMGMxZDVjMjNiYzYwNmNiODY2ZmMxMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4FzqPOt5woxLffXbVygBv+K8Qjn
ivhZXXXMLaUwhmLc4ILVMsPsbnzvuJkbC+087YAdaY8mN+BGNKjcky3bujEy12Gy
xlWc7WhFA13qT+MEppY5X52BREY4QvxLq9ZDH8n9k8FcSMtGB64w4R/XlYgHjJB3
dM6jiZd+mt+UjzTFiwWQOPQu8iOacUBmtttKsjbQrcO0bnWnbo2k6f2I1K9fPK9E
pl2hj3tAo525EUh0iWQCSfHqJoHFow3n8hh+lJB1dWTWarmV2SEel6I1V2nzsaxT
8/U1lBOdAoNxQkY4h1AgYIU+y0JKSjZUBMr2SLUUuQD0o9tO/34+z7tSCwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPIWus/H2eIsDB1cI7xgbLhm/BIRMB8GA1UdIwQY
MBaAFCPkUWTFcu3eXfJTkXzBKi39OYuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEt
NjZhYTJhMjMyMzllLzEvOGhhNno4Zlo0aXdNSFZ3anZHQnN1R2I4RWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEtNjZhYTJhMjMyMzll
LzEvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJQFgAwQE
UPiwAwQEXuWAAwQCuXHMAwQCueUwMBQEAgACMA4DBQAqAgcAAwUDKg3GADANBgkq
hkiG9w0BAQsFAAOCAQEAnsrz04phxSDZ1ipfB95V82MUsaJgwc2uWoJ0aQHEeFss
pPfirTdGwbdQ/ZippHR+5vPEzdgYLhVqh7U8YgFepogs0dErq8ekUNJ9ZrOR7egP
tdPEPWO5bCEJ7T24F5eB05w/gOny/uk8b365ETswgg+QISptD6QaYKPTYSqlP7Li
SbCmC4prHEUlWVQibCWI3RSR+zSkmeanVt9hbOF9XaZQzLCmJdbWr3doAmhguwEv
1j6bbnRokuyWCpuWj6+XJCW0A1UKu5iLYYyCo/JnjD3KABfjJJ+J4jAwzSRgwjTg
FO02VLHxTFcHnMpYDt7nYwjny/Dmnfs6LH+jq24Fpg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:00 2025 by rpki-client