Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/HXpgsvR_U3TaRLpzTSDMSSJxp-4.roa
File: HXpgsvR_U3TaRLpzTSDMSSJxp-4.roa (raw, json)
Hash identifier: reI1Y924JHA/P4EwGK49onyjQt4i74/Gpgqwye7Glsk=
Subject key identifier: 1D:7A:60:B2:F4:7F:53:74:DA:44:BA:73:4D:20:CC:49:22:71:A7:EE
Certificate issuer: /CN=af4d16c335407bf0d0a51cef9b9c1c5310280f48
Certificate serial: 018CC5DC140FC5E8E53792FD3FAD8139DC0C
Authority key identifier: AF:4D:16:C3:35:40:7B:F0:D0:A5:1C:EF:9B:9C:1C:53:10:28:0F:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r00WwzVAe_DQpRzvm5wcUxAoD0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/HXpgsvR_U3TaRLpzTSDMSSJxp-4.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25176
IP address blocks: 185.80.208.0/22 maxlen: 22
2a03:7c80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:14:0f:c5:e8:e5:37:92:fd:3f:ad:81:39:dc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af4d16c335407bf0d0a51cef9b9c1c5310280f48
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d7a60b2f47f5374da44ba734d20cc492271a7ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:ff:4a:97:73:69:69:b8:43:01:13:33:38:
8c:4e:89:4b:a2:80:6a:08:73:b7:42:11:20:c8:21:
34:42:72:9e:0a:f6:e5:8b:25:7f:c6:1f:13:74:67:
03:b6:91:a6:85:eb:c9:62:af:7b:8f:f9:f5:44:ce:
93:49:8e:e4:f2:d6:f9:43:e4:14:d8:b1:c1:be:26:
fb:37:3f:ea:e0:9e:62:43:a8:fa:0d:a7:68:be:62:
83:61:26:54:aa:30:1e:9b:15:30:94:0d:1a:9d:bb:
8d:b2:18:70:d1:e6:af:f4:1c:e4:a7:5e:12:17:db:
4b:6a:28:9b:e8:32:94:de:25:4b:ab:fb:18:b6:27:
0d:c3:7e:79:74:21:2a:d7:93:00:49:cd:be:0d:21:
52:50:ba:54:1d:07:d2:8e:d4:4e:07:90:b7:6f:5e:
36:d1:5b:ac:15:a5:d3:ec:c0:91:13:5f:47:a2:10:
67:33:e0:01:9c:8a:68:94:be:80:1a:49:ca:93:d6:
24:93:e5:94:58:c7:e4:a4:72:b4:1e:e6:d1:1f:e2:
d4:cc:65:99:b3:67:45:e6:c1:c2:cf:e3:18:a2:0f:
fc:fb:f6:33:57:79:73:1e:ae:8a:50:af:17:46:4f:
8f:80:0f:24:5b:20:f2:74:85:75:58:0f:f0:a8:f5:
fb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7A:60:B2:F4:7F:53:74:DA:44:BA:73:4D:20:CC:49:22:71:A7:EE
X509v3 Authority Key Identifier:
keyid:AF:4D:16:C3:35:40:7B:F0:D0:A5:1C:EF:9B:9C:1C:53:10:28:0F:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r00WwzVAe_DQpRzvm5wcUxAoD0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/HXpgsvR_U3TaRLpzTSDMSSJxp-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/r00WwzVAe_DQpRzvm5wcUxAoD0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.208.0/22
IPv6:
2a03:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
8e:31:73:37:11:4e:b7:51:03:1e:a7:15:7a:70:58:4e:91:e8:
14:43:e5:52:4d:a8:77:69:8b:51:14:28:f0:30:9f:0e:68:f8:
64:7f:79:58:1b:eb:25:3a:a6:d1:f0:b8:66:62:89:ff:ff:c3:
c4:e7:00:62:2f:66:24:2d:a2:82:fc:a5:97:05:8a:ee:f1:c3:
55:3b:65:e3:d8:cf:b4:98:15:c6:3b:d2:85:ed:74:82:36:17:
32:8e:d5:88:e0:ea:81:51:be:6d:84:cd:8e:00:a1:57:65:13:
c2:2f:8a:94:22:b7:c9:cc:6b:f6:93:d5:70:c8:e7:18:55:0d:
fe:8d:bb:a0:0b:7e:21:12:f6:6c:c4:90:8c:c1:93:6f:16:3a:
fa:f9:bf:56:df:69:3b:7c:e5:19:7c:3b:ca:a6:00:a7:68:61:
c2:10:b7:98:93:dc:02:a1:07:5f:2f:5e:de:d1:ac:5a:e5:d3:
27:1f:34:fd:5c:bb:8b:8b:47:8e:67:53:9d:6b:24:52:06:91:
8b:1a:8c:45:61:79:0f:0d:8e:9e:f0:97:de:e8:fc:24:16:aa:
a7:1c:eb:07:89:0a:f6:37:d6:69:26:22:4c:48:b4:cd:63:f0:
c8:80:80:3c:60:32:7a:85:64:59:e1:f1:9a:4b:a5:4e:80:5b:
98:74:01:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BQPxejlN5L9P62BOdwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGQxNmMzMzU0MDdiZjBkMGE1MWNlZjliOWMxYzUzMTAy
ODBmNDgwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDdhNjBiMmY0N2Y1Mzc0ZGE0NGJhNzM0ZDIwY2M0OTIyNzFhN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+L/SpdzaWm4QwETMziMTolLooBq
CHO3QhEgyCE0QnKeCvbliyV/xh8TdGcDtpGmhevJYq97j/n1RM6TSY7k8tb5Q+QU
2LHBvib7Nz/q4J5iQ6j6DadovmKDYSZUqjAemxUwlA0anbuNshhw0eav9Bzkp14S
F9tLaiib6DKU3iVLq/sYticNw355dCEq15MASc2+DSFSULpUHQfSjtROB5C3b142
0VusFaXT7MCRE19HohBnM+ABnIpolL6AGknKk9Ykk+WUWMfkpHK0HubRH+LUzGWZ
s2dF5sHCz+MYog/8+/YzV3lzHq6KUK8XRk+PgA8kWyDydIV1WA/wqPX7lQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB16YLL0f1N02kS6c00gzEkicafuMB8GA1UdIwQY
MBaAFK9NFsM1QHvw0KUc75ucHFMQKA9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjAwV3d6VkFlX0RRcFJ6dm01d2NVeEFvRDBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kYmMwZTYtMjU1NS00YmYzLTlhYjEt
OTkxNTk5MGJjYjU5LzEvSFhwZ3N2Ul9VM1RhUkxwelRTRE1TU0p4cC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kYmMwZTYtMjU1NS00YmYzLTlhYjEtOTkxNTk5MGJjYjU5
LzEvcjAwV3d6VkFlX0RRcFJ6dm01d2NVeEFvRDBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVDQMA0E
AgACMAcDBQAqA3yAMA0GCSqGSIb3DQEBCwUAA4IBAQCOMXM3EU63UQMepxV6cFhO
kegUQ+VSTah3aYtRFCjwMJ8OaPhkf3lYG+slOqbR8LhmYon//8PE5wBiL2YkLaKC
/KWXBYru8cNVO2Xj2M+0mBXGO9KF7XSCNhcyjtWI4OqBUb5thM2OAKFXZRPCL4qU
IrfJzGv2k9VwyOcYVQ3+jbugC34hEvZsxJCMwZNvFjr6+b9W32k7fOUZfDvKpgCn
aGHCELeYk9wCoQdfL17e0axa5dMnHzT9XLuLi0eOZ1OdayRSBpGLGoxFYXkPDY6e
8Jfe6PwkFqqnHOsHiQr2N9ZpJiJMSLTNY/DIgIA8YDJ6hWRZ4fGaS6VOgFuYdAF0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:13 2025 by rpki-client