Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/_atTZslpU5TuNgqZibo9AZpOKoo.roa
File: _atTZslpU5TuNgqZibo9AZpOKoo.roa (raw, json)
Hash identifier: TBaiylKoGfzTX9ktMyTZXaWwYHvbliroVgM/WzhHaCI=
Subject key identifier: FD:AB:53:66:C9:69:53:94:EE:36:0A:99:89:BA:3D:01:9A:4E:2A:8A
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01856DC1C92C3F44F884893240AF95A16A37
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/_atTZslpU5TuNgqZibo9AZpOKoo.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8915
IP address blocks: 95.140.144.0/21 maxlen: 24
80.90.176.0/22 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Apr 2023 19:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c9:2c:3f:44:f8:84:89:32:40:af:95:a1:6a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdab5366c9695394ee360a9989ba3d019a4e2a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6b:85:0f:15:9b:06:09:4b:ee:74:f4:7c:d4:
a7:c6:8b:f2:3c:97:99:cc:af:d4:10:51:2c:5f:b2:
92:0f:3c:21:91:75:22:81:b0:67:7a:5f:af:6b:73:
64:49:21:bd:62:d9:6a:52:c1:8c:d1:a4:bc:86:72:
74:19:0f:48:c4:5a:75:70:39:f6:fa:4f:03:d1:b7:
c1:f8:8b:5c:9c:aa:55:fd:aa:67:e4:5e:a3:95:cd:
22:3a:b4:67:31:ed:2e:a6:87:b4:a7:51:ea:5e:e8:
2b:9e:95:d3:3b:d9:4d:64:cc:49:6d:9a:c7:d4:47:
8b:2f:30:63:93:6c:13:79:e3:89:fc:50:35:20:8e:
97:37:b5:73:1d:7e:40:f0:35:5f:a5:e8:97:78:d9:
0c:4f:2f:61:7b:35:f9:15:5d:f3:f8:c1:ef:d4:bc:
fc:39:07:79:23:76:1f:a5:56:8f:11:92:c8:17:b2:
a0:f7:d5:37:4e:ef:a1:60:8f:de:8a:1e:07:52:46:
4e:b2:14:62:f0:64:d8:9c:a4:65:60:2c:60:6e:0a:
a0:25:bd:f7:5e:c2:11:5e:f6:5c:68:29:b8:e2:3e:
5f:aa:2f:76:ff:6c:d6:63:5d:c4:a4:c8:05:02:3f:
e0:8b:6f:16:0f:c6:fd:c9:a0:9c:97:9d:7b:67:cb:
04:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AB:53:66:C9:69:53:94:EE:36:0A:99:89:BA:3D:01:9A:4E:2A:8A
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/_atTZslpU5TuNgqZibo9AZpOKoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0/22
95.140.144.0/21
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
84:85:ae:2a:13:d9:5d:0e:74:a2:4f:79:61:06:28:01:e3:4b:
37:81:fb:9b:a8:eb:b1:19:a9:5c:7e:df:b2:82:7f:5a:db:25:
4e:6b:02:e7:5e:96:99:42:39:7a:ff:37:82:6c:e9:db:cf:cb:
64:fb:18:bb:68:74:96:d4:00:70:93:34:6a:7f:58:79:17:5c:
8e:fc:c9:b0:31:af:e1:fb:66:bd:61:94:76:5a:c1:43:b2:ab:
e7:6f:40:36:83:e1:42:5f:c8:8c:a0:15:7a:7f:e0:3b:93:7d:
ac:9a:3f:2a:f6:43:ea:06:0e:64:52:3b:34:cb:8e:65:09:26:
55:57:8a:0a:d0:80:20:e0:8a:c5:df:d7:d2:ab:b3:62:38:9c:
68:17:b8:f4:3d:ea:8e:8f:dc:89:ee:c1:74:51:9d:d8:ea:31:
99:8e:8b:cd:fe:39:6f:1f:62:c8:af:14:43:43:b7:bc:99:29:
5b:76:4d:6e:ed:6e:1a:26:96:2c:35:e2:06:23:96:d1:74:de:
7e:ea:45:25:5d:b9:12:50:a4:f4:5c:46:6c:64:a7:96:7e:de:
4d:b4:42:bb:f8:e6:c4:3c:fc:a5:b6:cc:13:02:ce:d1:e6:a7:
05:4d:3b:d8:19:24:70:28:b5:46:c5:a5:68:29:c6:ee:07:17:
a1:20:e3:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtwcksP0T4hIkyQK+VoWo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFiNTM2NmM5Njk1Mzk0ZWUzNjBhOTk4OWJhM2QwMTlhNGUyYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGuFDxWbBglL7nT0fNSnxovyPJeZ
zK/UEFEsX7KSDzwhkXUigbBnel+va3NkSSG9YtlqUsGM0aS8hnJ0GQ9IxFp1cDn2
+k8D0bfB+ItcnKpV/apn5F6jlc0iOrRnMe0upoe0p1HqXugrnpXTO9lNZMxJbZrH
1EeLLzBjk2wTeeOJ/FA1II6XN7VzHX5A8DVfpeiXeNkMTy9hezX5FV3z+MHv1Lz8
OQd5I3YfpVaPEZLIF7Kg99U3Tu+hYI/eih4HUkZOshRi8GTYnKRlYCxgbgqgJb33
XsIRXvZcaCm44j5fqi92/2zWY13EpMgFAj/gi28WD8b9yaCcl517Z8sElwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP2rU2bJaVOU7jYKmYm6PQGaTiqKMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvX2F0VFpzbHBVNVR1TmdxWmlibzlBWnBPS29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCUFqwAwQD
X4yQMA0EAgACMAcDBQAqABgYMA0GCSqGSIb3DQEBCwUAA4IBAQCEha4qE9ldDnSi
T3lhBigB40s3gfubqOuxGalcft+ygn9a2yVOawLnXpaZQjl6/zeCbOnbz8tk+xi7
aHSW1ABwkzRqf1h5F1yO/MmwMa/h+2a9YZR2WsFDsqvnb0A2g+FCX8iMoBV6f+A7
k32smj8q9kPqBg5kUjs0y45lCSZVV4oK0IAg4IrF39fSq7NiOJxoF7j0PeqOj9yJ
7sF0UZ3Y6jGZjovN/jlvH2LIrxRDQ7e8mSlbdk1u7W4aJpYsNeIGI5bRdN5+6kUl
XbkSUKT0XEZsZKeWft5NtEK7+ObEPPyltswTAs7R5qcFTTvYGSRwKLVGxaVoKcbu
BxehIOMh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org