Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/agf2KZKh6yh4sZYcmeYI6RSCZS0.roa
File: agf2KZKh6yh4sZYcmeYI6RSCZS0.roa (raw, json)
Hash identifier: /nsGWv1x30vZ4w6cH0sweIjKFE5pcAwRw4wPl00Y7Us=
Subject key identifier: 6A:07:F6:29:92:A1:EB:28:78:B1:96:1C:99:E6:08:E9:14:82:65:2D
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 01856CC17087ED5FA31202531B271EB5B58B
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/agf2KZKh6yh4sZYcmeYI6RSCZS0.roa
Signing time: Sun 01 Jan 2023 09:54:54 +0000
ROA not before: Sun 01 Jan 2023 09:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42622
IP address blocks: 80.72.0.0/20 maxlen: 20
185.84.212.0/22 maxlen: 22
2a00:f4c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:70:87:ed:5f:a3:12:02:53:1b:27:1e:b5:b5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Jan 1 09:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a07f62992a1eb2878b1961c99e608e91482652d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:01:35:b1:69:9c:d2:81:66:67:a9:17:f4:84:
67:62:d9:71:21:6e:ba:af:b0:de:b7:a5:4d:50:7a:
01:dc:6b:33:12:84:0c:1c:8d:39:80:e2:b9:8e:64:
42:38:8f:c2:ef:17:2e:44:7a:74:69:74:d0:dd:eb:
43:2b:95:73:a3:05:ce:be:60:6f:a3:00:9f:7e:49:
b5:27:1a:e9:ca:9e:83:e0:37:c1:a9:08:ad:a0:ea:
66:f8:2e:d3:4b:f2:c7:97:ec:fd:98:5c:69:b7:ea:
19:66:a3:e2:2a:3a:0e:3d:f4:b3:dc:00:08:ec:d6:
7c:9e:4e:1e:76:fa:8d:76:e1:67:08:0c:5a:55:99:
06:5e:a6:3b:fb:f5:7b:8f:08:f7:57:f3:09:23:d5:
2d:4d:96:fe:de:68:fd:69:8a:b0:82:d5:7a:d5:d0:
bc:94:29:4c:f4:1d:f6:b4:b4:06:e2:af:29:a4:3f:
a0:7b:f9:3f:76:ee:70:f7:a8:3b:b3:f7:85:5a:aa:
00:2e:09:78:fc:0b:ef:69:9e:94:a5:58:85:cc:4d:
2f:22:75:ae:a6:9b:d2:a9:73:0d:f9:02:10:31:e1:
77:25:5d:75:b8:16:1b:e5:70:29:0f:53:00:e8:72:
1d:1a:34:b4:69:bb:35:ca:83:0c:ae:8b:ab:99:17:
c1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:07:F6:29:92:A1:EB:28:78:B1:96:1C:99:E6:08:E9:14:82:65:2D
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/agf2KZKh6yh4sZYcmeYI6RSCZS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.0.0/20
185.84.212.0/22
IPv6:
2a00:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:9e:61:83:c4:91:4c:d8:46:4f:36:9c:67:19:fc:3b:42:47:
52:d7:58:26:ac:16:d2:76:eb:5f:1a:e4:1c:70:44:f7:e5:e1:
8e:b9:cc:07:7c:5f:d4:f4:23:7a:07:58:c6:4e:9f:0a:ed:c0:
4b:fe:74:f4:13:ec:d7:d3:b5:cc:e3:c8:d9:95:af:5c:e2:47:
a1:66:0e:36:34:31:2a:bb:a3:9b:df:33:8d:c7:04:17:c6:b5:
9f:0e:db:c4:df:a9:63:de:64:d6:45:bd:2d:06:c3:16:a4:aa:
1e:2c:7f:e8:27:fd:45:70:8e:68:79:82:75:c9:20:49:e1:42:
32:c2:22:a6:1a:f1:58:fa:dc:bc:ba:e2:92:96:67:08:7d:f6:
42:63:99:1e:48:f4:ab:7e:01:b3:96:7d:e6:78:f2:28:01:a6:
f3:14:53:ec:1a:7d:79:2b:82:2c:53:31:91:0d:c2:34:70:40:
1a:07:69:ff:4b:f5:2c:1d:60:1f:42:e3:10:66:83:88:0e:06:
66:6b:8d:0a:26:f0:00:db:22:76:72:08:ee:7d:1e:50:6f:f1:
ce:32:00:86:c6:5e:d4:e3:ff:79:79:34:70:de:87:ad:35:69:
bc:9e:41:b8:74:08:47:d0:57:3c:f3:fc:92:7d:58:f8:9e:cb:
97:c2:44:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVswXCH7V+jEgJTGycetbWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjMwMTAxMDk1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTA3ZjYyOTkyYTFlYjI4NzhiMTk2MWM5OWU2MDhlOTE0ODI2NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gE1sWmc0oFmZ6kX9IRnYtlxIW66
r7Det6VNUHoB3GszEoQMHI05gOK5jmRCOI/C7xcuRHp0aXTQ3etDK5VzowXOvmBv
owCffkm1Jxrpyp6D4DfBqQitoOpm+C7TS/LHl+z9mFxpt+oZZqPiKjoOPfSz3AAI
7NZ8nk4edvqNduFnCAxaVZkGXqY7+/V7jwj3V/MJI9UtTZb+3mj9aYqwgtV61dC8
lClM9B32tLQG4q8ppD+ge/k/du5w96g7s/eFWqoALgl4/AvvaZ6UpViFzE0vInWu
ppvSqXMN+QIQMeF3JV11uBYb5XApD1MA6HIdGjS0abs1yoMMrourmRfB4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGoH9imSoesoeLGWHJnmCOkUgmUtMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvYWdmMktaS2g2eWg0c1pZY21lWUk2UlNDWlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEgAAwQC
uVTUMA0EAgACMAcDBQAqAPTAMA0GCSqGSIb3DQEBCwUAA4IBAQBvnmGDxJFM2EZP
NpxnGfw7QkdS11gmrBbSdutfGuQccET35eGOucwHfF/U9CN6B1jGTp8K7cBL/nT0
E+zX07XM48jZla9c4kehZg42NDEqu6Ob3zONxwQXxrWfDtvE36lj3mTWRb0tBsMW
pKoeLH/oJ/1FcI5oeYJ1ySBJ4UIywiKmGvFY+ty8uuKSlmcIffZCY5keSPSrfgGz
ln3mePIoAabzFFPsGn15K4IsUzGRDcI0cEAaB2n/S/UsHWAfQuMQZoOIDgZma40K
JvAA2yJ2cgjufR5Qb/HOMgCGxl7U4/95eTRw3oetNWm8nkG4dAhH0Fc88/ySfVj4
nsuXwkTg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:11 2024 by rpki-client on console-fra.rpki-client.org