Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/mXJq2C8hRXWfK81Kvhz-5xiK5ec.roa
File: mXJq2C8hRXWfK81Kvhz-5xiK5ec.roa (raw, json)
Hash identifier: hjJAuZYmoZP+jV2/C/5/cW4fKzRTJdyOxe3lNXjVLeE=
Subject key identifier: 99:72:6A:D8:2F:21:45:75:9F:2B:CD:4A:BE:1C:FE:E7:18:8A:E5:E7
Certificate issuer: /CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Certificate serial: 01856D93EDB8DEF250142AEFFBD67064A769
Authority key identifier: 6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/mXJq2C8hRXWfK81Kvhz-5xiK5ec.roa
Signing time: Sun 01 Jan 2023 13:44:49 +0000
ROA not before: Sun 01 Jan 2023 13:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200187
IP address blocks: 80.94.82.0/24 maxlen: 24
185.35.144.0/22 maxlen: 22
2a04:4fe0::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:ed:b8:de:f2:50:14:2a:ef:fb:d6:70:64:a7:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Validity
Not Before: Jan 1 13:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99726ad82f2145759f2bcd4abe1cfee7188ae5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:64:06:0a:fc:41:b4:df:8c:a0:6c:cd:d7:
70:25:b2:24:f0:df:1b:59:bd:db:30:fe:61:43:f3:
9a:fa:16:41:82:ac:cb:79:8d:c6:e1:52:c0:1f:79:
07:ec:23:ca:03:49:3d:1c:b4:0c:ff:54:ee:d7:76:
96:62:c6:d5:aa:27:7f:ca:62:74:90:7b:cb:10:7b:
15:d7:40:c0:57:f4:c4:6f:9b:5a:8d:a1:69:5d:1c:
a4:c4:db:0a:ac:36:49:62:d3:a1:73:28:36:62:50:
13:0c:53:fd:b8:1a:4a:a0:1d:a8:6d:d9:3f:42:e1:
ba:3e:19:14:62:2d:64:a7:70:42:c1:2c:66:ea:59:
1e:c5:04:7e:41:8a:62:aa:17:25:40:9f:ce:d1:5b:
be:60:7a:2a:c6:e7:7e:3f:d9:05:0c:08:03:00:38:
e4:83:19:64:5c:bd:01:b6:11:a8:13:3d:5b:e3:f2:
b9:f3:e9:8d:0d:86:ae:15:5d:9f:46:e3:c3:4d:7b:
91:13:cb:62:63:d5:7e:54:08:55:24:04:51:eb:6e:
89:40:29:6b:63:c1:d0:4a:01:70:ab:16:e6:3f:66:
5b:1f:5b:72:b3:44:6c:14:fb:b2:ad:35:0d:dc:f6:
98:1a:fe:e2:c6:3d:e5:07:a1:80:a4:49:3f:9a:13:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:72:6A:D8:2F:21:45:75:9F:2B:CD:4A:BE:1C:FE:E7:18:8A:E5:E7
X509v3 Authority Key Identifier:
keyid:6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/mXJq2C8hRXWfK81Kvhz-5xiK5ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.82.0/24
185.35.144.0/22
IPv6:
2a04:4fe0::/30
Signature Algorithm: sha256WithRSAEncryption
7d:a1:bf:5c:dc:06:07:ba:d0:6b:7f:34:a0:bc:4b:0a:d8:28:
9b:2b:ed:2e:f0:34:0b:25:46:b8:9d:2b:e5:1d:d7:0e:59:8d:
0d:c6:e2:47:58:43:3d:fd:27:f8:20:3a:ea:9c:84:8d:3f:4a:
26:1e:fe:24:ee:4f:1e:ad:c4:b8:2b:b7:c0:57:60:4b:a3:d4:
84:bd:55:f9:d8:83:02:07:70:7c:44:d7:0a:3a:ef:9d:dd:70:
a2:29:d5:86:02:ea:fe:6c:f0:e3:8e:3b:e5:d3:64:ce:6b:eb:
f3:0f:8f:1c:af:48:e5:d1:e2:23:67:0b:89:6e:28:e2:bc:8a:
96:a1:1a:94:35:f9:87:29:09:97:2d:e5:5f:4e:76:85:d0:6c:
06:b7:89:d6:7b:8e:39:58:3d:9b:f0:13:20:69:9b:0c:7d:8c:
24:3a:fb:62:24:ed:a0:2b:5d:3e:06:79:aa:40:54:ad:2a:d4:
90:95:6b:d0:55:71:c0:1c:d7:aa:ef:dd:19:5a:28:a4:e7:b8:
13:1a:f7:0d:cf:2f:ce:f1:4b:76:a7:c7:71:2a:94:64:1f:1b:
94:42:01:29:91:77:04:58:69:d8:d0:63:67:a6:28:fe:ac:e1:
3e:72:ed:2d:c1:f2:57:ae:73:93:2b:7e:e6:8c:8b:db:0a:bb:
ec:f6:af:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtk+243vJQFCrv+9ZwZKdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTg2ZDFjMTY3NmE1OWE0NmFjZjM3MzM2MTkyZTk4NWNm
ZjBlNWIwHhcNMjMwMTAxMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTcyNmFkODJmMjE0NTc1OWYyYmNkNGFiZTFjZmVlNzE4OGFlNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6BkBgr8QbTfjKBszddwJbIk8N8b
Wb3bMP5hQ/Oa+hZBgqzLeY3G4VLAH3kH7CPKA0k9HLQM/1Tu13aWYsbVqid/ymJ0
kHvLEHsV10DAV/TEb5tajaFpXRykxNsKrDZJYtOhcyg2YlATDFP9uBpKoB2obdk/
QuG6PhkUYi1kp3BCwSxm6lkexQR+QYpiqhclQJ/O0Vu+YHoqxud+P9kFDAgDADjk
gxlkXL0BthGoEz1b4/K58+mNDYauFV2fRuPDTXuRE8tiY9V+VAhVJARR626JQClr
Y8HQSgFwqxbmP2ZbH1tys0RsFPuyrTUN3PaYGv7ixj3lB6GApEk/mhO3YQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJlyatgvIUV1nyvNSr4c/ucYiuXnMB8GA1UdIwQY
MBaAFG+obRwWdqWaRqzzczYZLphc/w5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYt
NmFhYjJiMWI5MjJjLzEvbVhKcTJDOGhSWFdmSzgxS3Zoei01eGlLNWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYtNmFhYjJiMWI5MjJj
LzEvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUF5SAwQC
uSOQMA0EAgACMAcDBQIqBE/gMA0GCSqGSIb3DQEBCwUAA4IBAQB9ob9c3AYHutBr
fzSgvEsK2CibK+0u8DQLJUa4nSvlHdcOWY0NxuJHWEM9/Sf4IDrqnISNP0omHv4k
7k8ercS4K7fAV2BLo9SEvVX52IMCB3B8RNcKOu+d3XCiKdWGAur+bPDjjjvl02TO
a+vzD48cr0jl0eIjZwuJbijivIqWoRqUNfmHKQmXLeVfTnaF0GwGt4nWe445WD2b
8BMgaZsMfYwkOvtiJO2gK10+BnmqQFStKtSQlWvQVXHAHNeq790ZWiik57gTGvcN
zy/O8Ut2p8dxKpRkHxuUQgEpkXcEWGnY0GNnpij+rOE+cu0twfJXrnOTK37mjIvb
Crvs9q/5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:25 2024 by rpki-client on console-ams.rpki-client.org