Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/0DrS_2Z6ypDiUVA1aW5CUZV4Ebo.roa
File: 0DrS_2Z6ypDiUVA1aW5CUZV4Ebo.roa (raw, json)
Hash identifier: f8cqkmV0fY24DyjaS+hyXzQR93ntAe7qeWwI8D3ZXwA=
Subject key identifier: D0:3A:D2:FF:66:7A:CA:90:E2:51:50:35:69:6E:42:51:95:78:11:BA
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0187CD6B6FA8F6192B63B56A28FD072C49A1
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/0DrS_2Z6ypDiUVA1aW5CUZV4Ebo.roa
Signing time: Sat 29 Apr 2023 14:29:42 +0000
ROA not before: Sat 29 Apr 2023 14:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202931
IP address blocks: 80.245.95.0/24 maxlen: 24
80.245.93.0/24 maxlen: 24
79.140.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cd:6b:6f:a8:f6:19:2b:63:b5:6a:28:fd:07:2c:49:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Apr 29 14:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d03ad2ff667aca90e2515035696e4251957811ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5d:7a:d4:06:ce:4e:c5:cc:93:b1:32:98:c3:
ff:df:fc:fc:cc:a6:ad:f8:6e:e5:b7:fc:df:74:30:
17:72:b2:9d:ed:0b:18:b6:84:9e:43:55:b3:96:d8:
fd:c9:8b:3d:4d:68:2c:c1:51:a2:3d:5a:8b:1f:25:
de:00:59:29:99:1d:5d:10:bd:7f:81:8a:44:13:7e:
b6:da:6e:5a:81:c2:22:63:d8:13:89:0f:13:77:6f:
ec:1c:49:09:20:c9:00:59:a7:03:ef:e6:eb:88:fe:
7d:fb:eb:94:f9:64:43:48:29:6d:00:f3:ff:ed:15:
a7:03:60:01:ee:70:c6:9a:0b:03:5e:7c:62:38:5b:
91:eb:da:df:ae:25:a4:cd:a9:eb:76:a4:b3:53:48:
d9:35:1a:db:87:8b:ec:05:c8:64:9d:f3:04:c2:27:
82:fd:12:ff:ca:c0:99:be:36:8b:43:f3:80:32:1c:
56:e5:d0:7d:1d:4e:60:ab:a3:f6:b0:a3:f8:24:94:
29:63:31:52:0d:f5:c6:76:36:25:80:bb:dd:15:85:
86:03:e5:f9:41:86:d3:f1:fb:c9:06:93:c3:23:97:
aa:37:90:a3:9e:44:a3:f6:dd:15:bd:bd:a9:ea:ea:
e1:e2:e3:a2:22:4a:af:55:03:e5:c3:be:42:12:89:
dc:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3A:D2:FF:66:7A:CA:90:E2:51:50:35:69:6E:42:51:95:78:11:BA
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/0DrS_2Z6ypDiUVA1aW5CUZV4Ebo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.173.0/24
80.245.93.0/24
80.245.95.0/24
Signature Algorithm: sha256WithRSAEncryption
65:34:39:43:86:48:0b:7c:53:99:66:c4:0e:da:63:96:f3:14:
dc:d7:1d:8b:fe:f8:68:f9:09:4a:8f:19:22:54:fb:dd:35:ee:
32:1c:3a:59:9d:d6:53:e4:df:a1:54:48:3f:7f:8e:da:88:1a:
f0:72:de:fd:87:e0:49:ef:f9:34:92:f1:05:17:a9:4a:2b:3e:
b4:74:67:fa:a6:7a:6d:20:98:ad:3f:57:cc:f6:cd:4e:b1:f6:
07:a6:13:6b:4e:75:a8:bb:98:a7:17:37:62:0d:75:60:ef:15:
01:ff:1a:bf:cb:90:c5:ca:7d:ca:25:1f:b3:39:fa:1e:a9:a5:
fc:5a:80:9a:71:52:b1:2a:5e:49:b8:2e:36:fc:a4:3b:4f:d9:
81:19:a5:ff:e3:21:05:f1:d7:a6:a4:50:17:e8:bd:5c:f5:b3:
ea:1f:e2:18:2c:98:30:9c:fd:e4:2d:83:59:31:0b:1c:d3:50:
b2:35:3d:31:8c:85:f4:d8:e0:c2:cc:ee:26:d3:5d:c8:06:26:
73:5f:7c:94:d5:d6:0e:9c:d7:7a:55:1f:05:ec:fe:8f:14:8a:
b2:8f:71:bd:91:2b:c8:7c:f7:6d:6e:07:0b:1d:9f:57:6b:4a:
75:b0:b4:55:f8:4b:0e:88:f6:1f:ce:7c:2a:73:0c:20:29:a2:
13:1a:ce:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfNa2+o9hkrY7VqKP0HLEmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwNDI5MTQyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDNhZDJmZjY2N2FjYTkwZTI1MTUwMzU2OTZlNDI1MTk1NzgxMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV161AbOTsXMk7EymMP/3/z8zKat
+G7lt/zfdDAXcrKd7QsYtoSeQ1Wzltj9yYs9TWgswVGiPVqLHyXeAFkpmR1dEL1/
gYpEE3622m5agcIiY9gTiQ8Td2/sHEkJIMkAWacD7+briP59++uU+WRDSCltAPP/
7RWnA2AB7nDGmgsDXnxiOFuR69rfriWkzanrdqSzU0jZNRrbh4vsBchknfMEwieC
/RL/ysCZvjaLQ/OAMhxW5dB9HU5gq6P2sKP4JJQpYzFSDfXGdjYlgLvdFYWGA+X5
QYbT8fvJBpPDI5eqN5CjnkSj9t0Vvb2p6urh4uOiIkqvVQPlw75CEoncRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNA60v9mesqQ4lFQNWluQlGVeBG6MB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvMERyU18yWjZ5cERpVVZBMWFXNUNVWlY0RWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT4ytAwQA
UPVdAwQAUPVfMA0GCSqGSIb3DQEBCwUAA4IBAQBlNDlDhkgLfFOZZsQO2mOW8xTc
1x2L/vho+QlKjxkiVPvdNe4yHDpZndZT5N+hVEg/f47aiBrwct79h+BJ7/k0kvEF
F6lKKz60dGf6pnptIJitP1fM9s1OsfYHphNrTnWou5inFzdiDXVg7xUB/xq/y5DF
yn3KJR+zOfoeqaX8WoCacVKxKl5JuC42/KQ7T9mBGaX/4yEF8dempFAX6L1c9bPq
H+IYLJgwnP3kLYNZMQsc01CyNT0xjIX02ODCzO4m013IBiZzX3yU1dYOnNd6VR8F
7P6PFIqyj3G9kSvIfPdtbgcLHZ9Xa0p1sLRV+EsOiPYfznwqcwwgKaITGs71
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org