Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/RXB3hLm48wkWNh3VAFgyzhLHH2w.roa
File: RXB3hLm48wkWNh3VAFgyzhLHH2w.roa (raw, json)
Hash identifier: TGVEMmdDE0eVk37G16KiSlGIgQkWaVSkUCnJTUu5rC8=
Subject key identifier: 45:70:77:84:B9:B8:F3:09:16:36:1D:D5:00:58:32:CE:12:C7:1F:6C
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018B1AB2032480573EBFF42C535762BB051E
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/RXB3hLm48wkWNh3VAFgyzhLHH2w.roa
Signing time: Tue 10 Oct 2023 17:45:55 +0000
ROA not before: Tue 10 Oct 2023 17:45:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 80.90.188.0/22 maxlen: 24
80.90.178.0/24 maxlen: 24
80.90.180.0/22 maxlen: 24
80.90.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 15:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1a:b2:03:24:80:57:3e:bf:f4:2c:53:57:62:bb:05:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Oct 10 17:45:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45707784b9b8f30916361dd5005832ce12c71f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3b:37:85:95:38:67:32:d6:36:11:2f:83:70:
19:7c:98:b5:6e:a4:a0:20:16:f2:e6:e2:68:92:37:
77:8c:11:4c:d0:38:11:40:72:35:96:57:f0:1f:47:
8b:d3:63:3b:b9:df:53:cd:a2:4a:36:99:12:83:37:
01:c8:57:af:53:6c:d4:bb:2b:18:1a:db:74:ba:71:
55:b5:4c:ff:86:9f:4d:89:10:48:8d:f8:32:0d:e4:
5f:58:f9:ed:e4:4b:fc:ef:28:97:9a:a4:6b:15:a4:
7e:d8:28:49:5b:16:89:50:d5:71:00:a5:4d:6a:b9:
74:4a:61:e0:e6:ee:57:90:b0:2c:b6:58:d3:5f:32:
8a:62:98:f6:1f:3f:52:86:8e:9e:77:b9:ac:e0:22:
fb:b5:36:80:a3:a0:0b:d4:19:5c:4f:45:5b:67:e0:
bc:eb:77:af:97:ad:ec:1f:04:9c:02:15:70:c6:ac:
06:1a:07:be:0d:ea:d1:6a:a1:2d:af:e6:31:e8:7e:
59:0f:18:eb:91:3f:85:83:6c:23:25:d9:d0:0a:64:
79:f3:b0:6e:f6:e8:62:37:db:5d:71:8e:85:91:ce:
0a:df:b2:a8:0d:67:cf:d4:5e:39:dc:d9:5b:92:31:
a5:10:7f:4a:89:7c:69:2c:0e:82:95:72:8e:f9:82:
05:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:70:77:84:B9:B8:F3:09:16:36:1D:D5:00:58:32:CE:12:C7:1F:6C
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/RXB3hLm48wkWNh3VAFgyzhLHH2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.178.0/24
80.90.180.0-80.90.191.255
Signature Algorithm: sha256WithRSAEncryption
2b:ca:db:37:0f:7f:13:07:69:87:69:a3:44:b1:10:df:ab:25:
ec:85:d8:34:75:30:c1:7d:33:fc:8a:66:5a:90:7f:a7:46:7d:
2c:a5:af:ec:cb:16:d2:c0:f3:ac:b2:97:f5:f2:2c:6a:2f:ea:
03:ef:80:b0:1c:72:5a:dd:5f:b0:c4:28:ed:ce:9b:a2:10:b6:
0b:b5:32:28:b1:47:e8:6d:f5:9b:58:2f:1a:36:12:02:25:97:
b9:4f:79:17:d3:5a:a8:a4:09:de:7b:6b:5e:e9:5e:69:b1:96:
f4:7f:56:e5:81:c0:ad:ec:e4:ff:df:06:da:9d:53:42:4a:05:
0d:8b:01:fb:97:24:3c:b6:1a:a2:5b:4e:8a:21:b2:72:9f:3f:
7e:97:be:8b:d1:d2:30:2a:9e:0c:fa:9e:fe:ad:d1:2e:fd:89:
63:a1:ce:6e:9e:84:75:d8:5d:05:eb:6d:d6:a0:1a:14:02:4d:
29:6e:68:2a:ad:05:df:54:fe:8d:83:ed:ef:65:98:37:6c:35:
b9:84:cd:73:19:b9:7f:d4:fb:fb:f1:c8:27:e1:96:43:ca:28:
30:a4:84:0f:56:8b:a4:98:a1:48:f3:a2:7e:68:14:72:ce:07:
41:db:49:01:43:51:84:fa:73:2a:20:f6:a1:4f:59:6b:24:56:
70:94:d3:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYsasgMkgFc+v/QsU1diuwUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMxMDEwMTc0NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTcwNzc4NGI5YjhmMzA5MTYzNjFkZDUwMDU4MzJjZTEyYzcxZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDs3hZU4ZzLWNhEvg3AZfJi1bqSg
IBby5uJokjd3jBFM0DgRQHI1llfwH0eL02M7ud9TzaJKNpkSgzcByFevU2zUuysY
Gtt0unFVtUz/hp9NiRBIjfgyDeRfWPnt5Ev87yiXmqRrFaR+2ChJWxaJUNVxAKVN
arl0SmHg5u5XkLAstljTXzKKYpj2Hz9Sho6ed7ms4CL7tTaAo6AL1BlcT0VbZ+C8
63evl63sHwScAhVwxqwGGge+DerRaqEtr+Yx6H5ZDxjrkT+Fg2wjJdnQCmR587Bu
9uhiN9tdcY6Fkc4K37KoDWfP1F453NlbkjGlEH9KiXxpLA6ClXKO+YIFNQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEVwd4S5uPMJFjYd1QBYMs4Sxx9sMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvUlhCM2hMbTQ4d2tXTmgzVkFGZ3l6aExISDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUFqyMAwD
BAJQWrQDBAZQWoAwDQYJKoZIhvcNAQELBQADggEBACvK2zcPfxMHaYdpo0SxEN+r
JeyF2DR1MMF9M/yKZlqQf6dGfSylr+zLFtLA86yyl/XyLGov6gPvgLAcclrdX7DE
KO3Om6IQtgu1MiixR+ht9ZtYLxo2EgIll7lPeRfTWqikCd57a17pXmmxlvR/VuWB
wK3s5P/fBtqdU0JKBQ2LAfuXJDy2GqJbToohsnKfP36XvovR0jAqngz6nv6t0S79
iWOhzm6ehHXYXQXrbdagGhQCTSluaCqtBd9U/o2D7e9lmDdsNbmEzXMZuX/U+/vx
yCfhlkPKKDCkhA9Wi6SYoUjzon5oFHLOB0HbSQFDUYT6cyog9qFPWWskVnCU05c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org