Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/rSsqB6btLLlXFGHXjgqRdYUICvA.roa
File: rSsqB6btLLlXFGHXjgqRdYUICvA.roa (raw, json)
Hash identifier: dqtC3PgDR70SBDQtq3zA59+GYIubU56skwUkLlhEaXY=
Subject key identifier: AD:2B:2A:07:A6:ED:2C:B9:57:14:61:D7:8E:0A:91:75:85:08:0A:F0
Certificate issuer: /CN=4568d0a7204560b6356d837bbf1510d9636df63a
Certificate serial: 019011CEA7B8F6FBC550948FE906BC7569FE
Authority key identifier: 45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/rSsqB6btLLlXFGHXjgqRdYUICvA.roa
Signing time: Thu 13 Jun 2024 13:34:34 +0000
ROA not before: Thu 13 Jun 2024 13:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20521
IP address blocks: 80.245.208.0/20 maxlen: 32
2a00:1cc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Aug 2024 04:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:11:ce:a7:b8:f6:fb:c5:50:94:8f:e9:06:bc:75:69:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4568d0a7204560b6356d837bbf1510d9636df63a
Validity
Not Before: Jun 13 13:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad2b2a07a6ed2cb9571461d78e0a917585080af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:f5:17:2c:a9:e0:15:2d:e9:b6:b3:88:be:
3a:08:56:33:2f:6a:fd:46:64:5f:ef:a4:58:8e:09:
d5:9e:08:07:a0:d0:f1:89:50:04:3c:16:38:69:8d:
54:04:4f:93:d8:6f:42:d4:56:95:f9:fe:6c:35:57:
d3:bc:1d:49:0a:0c:8a:7b:e0:62:c1:00:31:8f:90:
8d:f6:a4:2f:52:ce:b6:1c:c3:06:cc:a6:50:e4:e0:
83:82:ad:4e:39:47:64:22:88:c9:f3:81:27:28:5a:
2d:46:5e:32:71:35:9c:e6:62:63:8e:9a:cf:f5:b3:
fd:d3:7d:b3:09:84:01:3d:60:12:50:8f:0d:44:65:
f4:aa:ce:2a:9c:d1:3d:ef:02:78:3f:3c:65:fc:ce:
75:51:3d:50:e5:fa:4e:f1:2e:24:a1:79:a6:d9:4f:
fa:0b:4f:50:c6:a7:4a:fe:bc:be:03:0d:60:ea:e7:
8a:e1:c7:72:0a:ab:ee:a5:bc:ee:a6:af:67:cd:3a:
38:0e:df:82:3a:12:68:1e:50:8e:1e:b2:34:0f:ae:
e7:91:7b:36:9d:ac:21:ba:d8:8e:1a:fb:58:f0:27:
bb:76:3d:54:da:a0:0b:84:a3:ca:1f:f9:11:ee:ad:
d1:6c:03:d1:ea:ec:37:42:2b:56:6c:8d:e4:df:3f:
7f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2B:2A:07:A6:ED:2C:B9:57:14:61:D7:8E:0A:91:75:85:08:0A:F0
X509v3 Authority Key Identifier:
keyid:45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/rSsqB6btLLlXFGHXjgqRdYUICvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.208.0/20
IPv6:
2a00:1cc0::/32
Signature Algorithm: sha256WithRSAEncryption
49:6e:8b:73:1c:f8:77:18:9c:3c:c5:ab:95:69:86:16:b8:c3:
aa:3a:4e:76:e7:97:db:24:81:fd:29:8d:a8:d4:2f:c6:de:2d:
3f:d9:0e:54:3c:08:8c:dc:ac:e6:d2:4f:56:a1:38:ef:85:4f:
57:1c:32:35:9a:ac:e3:a4:57:3c:0f:c3:fa:08:e6:29:8a:51:
66:3b:61:c6:c6:bd:a7:53:6d:1b:c4:83:61:7d:c8:78:c9:6e:
68:bd:3f:f4:0b:91:7d:97:9d:d9:3b:44:a1:04:b8:59:a1:8f:
81:fa:4e:11:c1:fb:2b:8b:35:58:10:1b:62:c5:92:d2:34:8d:
8e:37:5d:c0:09:a3:63:55:9b:ed:9f:e5:1f:e1:9c:fb:03:8f:
bb:cc:8e:3c:a5:84:ce:ed:15:27:1b:ba:60:a2:cc:de:b8:75:
76:c6:ec:48:e7:f6:fc:62:02:d2:d0:2b:f1:66:d0:db:ad:88:
48:4c:b5:c7:ba:c3:61:78:45:88:7a:51:af:bc:1f:f2:fe:d7:
73:5c:9f:c8:9e:34:49:19:4a:34:dc:d9:ae:c2:37:96:88:d3:
fd:50:9a:d3:0f:05:b0:94:f3:0b:83:e4:2f:de:7f:2e:a3:cd:
f7:e3:4e:b3:c6:6d:8f:15:e3:4e:28:5a:6c:84:8e:c4:0c:27:
b0:05:0a:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZARzqe49vvFUJSP6Qa8dWn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NjhkMGE3MjA0NTYwYjYzNTZkODM3YmJmMTUxMGQ5NjM2
ZGY2M2EwHhcNMjQwNjEzMTMzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJiMmEwN2E2ZWQyY2I5NTcxNDYxZDc4ZTBhOTE3NTg1MDgwYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogL1Fyyp4BUt6baziL46CFYzL2r9
RmRf76RYjgnVnggHoNDxiVAEPBY4aY1UBE+T2G9C1FaV+f5sNVfTvB1JCgyKe+Bi
wQAxj5CN9qQvUs62HMMGzKZQ5OCDgq1OOUdkIojJ84EnKFotRl4ycTWc5mJjjprP
9bP9032zCYQBPWASUI8NRGX0qs4qnNE97wJ4Pzxl/M51UT1Q5fpO8S4koXmm2U/6
C09QxqdK/ry+Aw1g6ueK4cdyCqvupbzupq9nzTo4Dt+COhJoHlCOHrI0D67nkXs2
nawhutiOGvtY8Ce7dj1U2qALhKPKH/kR7q3RbAPR6uw3QitWbI3k3z9/nQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK0rKgem7Sy5VxRh144KkXWFCArwMB8GA1UdIwQY
MBaAFEVo0KcgRWC2NW2De78VENljbfY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgt
NmZlMzVhZTU0YTViLzEvclNzcUI2YnRMTGxYRkdIWGpncVJkWVVJQ3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgtNmZlMzVhZTU0YTVi
LzEvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPXQMA0E
AgACMAcDBQAqABzAMA0GCSqGSIb3DQEBCwUAA4IBAQBJbotzHPh3GJw8xauVaYYW
uMOqOk5255fbJIH9KY2o1C/G3i0/2Q5UPAiM3Kzm0k9WoTjvhU9XHDI1mqzjpFc8
D8P6COYpilFmO2HGxr2nU20bxINhfch4yW5ovT/0C5F9l53ZO0ShBLhZoY+B+k4R
wfsrizVYEBtixZLSNI2ON13ACaNjVZvtn+Uf4Zz7A4+7zI48pYTO7RUnG7pgosze
uHV2xuxI5/b8YgLS0CvxZtDbrYhITLXHusNheEWIelGvvB/y/tdzXJ/InjRJGUo0
3NmuwjeWiNP9UJrTDwWwlPMLg+Qv3n8uo833406zxm2PFeNOKFpshI7EDCewBQpv
-----END CERTIFICATE-----
Generated at Tue Aug 6 05:14:52 2024 by rpki-client on console-fra.rpki-client.org