Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/1-PuwUtnsexYi4_BAcRyPORhNHYs.roa
File: 1-PuwUtnsexYi4_BAcRyPORhNHYs.roa (raw, json)
Hash identifier: i69At/4b0Df8hyYwgaF97LxMJvjTZGdzrX1mU6gmU20=
Subject key identifier: F8:FB:B0:52:D9:EC:7B:16:22:E3:F0:40:71:1C:8F:39:18:4D:1D:8B
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 018737C9F3E3FBDB0352D0D9D4B92EE6D130
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/1-PuwUtnsexYi4_BAcRyPORhNHYs.roa
Signing time: Fri 31 Mar 2023 13:09:54 +0000
ROA not before: Fri 31 Mar 2023 13:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43870
IP address blocks: 80.245.80.0/20 maxlen: 24
149.3.184.0/21 maxlen: 24
79.140.160.0/20 maxlen: 24
2a00:cce0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 29 Apr 2023 14:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:c9:f3:e3:fb:db:03:52:d0:d9:d4:b9:2e:e6:d1:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Mar 31 13:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8fbb052d9ec7b1622e3f040711c8f39184d1d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:20:94:b2:f4:6c:eb:5b:bb:20:5d:09:61:f6:
44:15:91:e9:e6:35:6e:bc:40:b7:43:7a:13:2b:e8:
09:4f:29:45:15:67:d3:fe:93:7d:88:30:27:25:19:
49:78:07:31:15:33:3e:2f:3e:57:41:ba:f1:77:0e:
8d:77:19:64:97:00:be:21:3f:71:0d:8a:3b:43:15:
b4:a8:41:06:bc:6a:57:d1:b3:6d:70:f3:24:3d:95:
5e:63:41:dc:b8:57:03:91:03:43:a2:98:ae:01:b5:
e1:18:a7:9c:55:68:6d:9e:fc:49:fc:e0:fd:95:1f:
a1:bd:61:47:19:e1:00:76:31:32:bd:73:af:ef:62:
f6:14:19:7d:ed:83:d7:2f:c4:fc:da:bd:6d:54:f1:
0d:1f:55:67:0a:b8:0b:cb:9d:c8:85:fa:ed:a5:a7:
6e:6a:a9:27:7d:24:36:b9:ac:02:dc:de:18:af:c6:
bb:77:e7:d5:78:ca:c0:66:7c:5f:22:dd:e3:93:dc:
72:9b:41:d2:bf:e4:a4:c7:ee:65:cd:ce:d7:e0:9a:
cc:9d:f4:16:49:fb:d5:55:a6:62:29:aa:8a:b6:96:
bd:77:38:e3:7b:dc:25:c1:53:bd:65:12:30:58:51:
2f:69:90:e8:d1:6c:b8:64:c7:9e:8d:e7:fa:c2:1f:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FB:B0:52:D9:EC:7B:16:22:E3:F0:40:71:1C:8F:39:18:4D:1D:8B
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/1-PuwUtnsexYi4_BAcRyPORhNHYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.160.0/20
80.245.80.0/20
149.3.184.0/21
IPv6:
2a00:cce0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:4e:87:28:f3:a2:2f:4b:5b:13:e8:8b:26:6d:62:d6:c5:24:
62:90:f0:1b:9d:8d:92:79:17:68:19:82:f4:5c:56:ed:6a:8a:
99:4a:da:8f:86:46:14:a7:50:e9:7d:5b:a4:8d:6b:da:29:9e:
72:b6:b6:4c:0d:67:30:e5:51:5e:89:02:80:4f:d0:44:d2:d2:
14:bb:d0:2f:b4:8a:e0:17:e2:f1:b4:c4:d5:46:5b:25:02:cc:
ad:b9:4f:59:3c:25:1d:dd:85:b9:e3:23:81:39:1d:75:7d:5b:
cd:d7:12:9e:c7:a7:27:3f:bf:13:d2:f6:5c:ba:78:59:ed:0b:
0d:9c:91:ec:39:62:5d:46:bf:58:59:82:22:e8:0f:53:c9:63:
28:0c:20:fb:75:1b:55:e2:35:17:41:3d:4f:86:9f:06:b9:62:
d5:55:bf:a9:33:1c:66:71:b4:12:f7:2b:f5:26:9f:22:e7:77:
8e:17:40:0c:08:85:5d:f6:ff:35:22:25:01:b3:b8:0d:ef:60:
ca:f8:8e:c1:91:02:06:8e:62:3d:4b:31:73:bf:8d:02:d5:4e:
25:9e:b4:7d:35:5a:62:fa:75:17:1d:d6:64:08:25:b6:bb:4a:
f2:0b:7a:e1:4c:93:c2:1a:af:06:62:c7:44:36:fc:46:fa:55:
40:3a:3c:24
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYc3yfPj+9sDUtDZ1Lku5tEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwMzMxMTMwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZiYjA1MmQ5ZWM3YjE2MjJlM2YwNDA3MTFjOGYzOTE4NGQxZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiCUsvRs61u7IF0JYfZEFZHp5jVu
vEC3Q3oTK+gJTylFFWfT/pN9iDAnJRlJeAcxFTM+Lz5XQbrxdw6NdxlklwC+IT9x
DYo7QxW0qEEGvGpX0bNtcPMkPZVeY0HcuFcDkQNDopiuAbXhGKecVWhtnvxJ/OD9
lR+hvWFHGeEAdjEyvXOv72L2FBl97YPXL8T82r1tVPENH1VnCrgLy53Ihfrtpadu
aqknfSQ2uawC3N4Yr8a7d+fVeMrAZnxfIt3jk9xym0HSv+Skx+5lzc7X4JrMnfQW
SfvVVaZiKaqKtpa9dzjje9wlwVO9ZRIwWFEvaZDo0Wy4ZMeejef6wh/+XQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPj7sFLZ7HsWIuPwQHEcjzkYTR2LMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvMS1QdXdVdG5zZXhZaTRfQkFjUnlQT1JoTkhZcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjYvYTQ3Y2RmLWQyMWItNGYxZC04OTAxLTkyZWM1MTVjNTk1
YS8xL09fcG1OdjVrUUt6eWs3ZFhCYWVoM0syb1Fncy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBE+MoAME
BFD1UAMEA5UDuDANBAIAAjAHAwUAKgDM4DANBgkqhkiG9w0BAQsFAAOCAQEAoU6H
KPOiL0tbE+iLJm1i1sUkYpDwG52NknkXaBmC9FxW7WqKmUraj4ZGFKdQ6X1bpI1r
2imecra2TA1nMOVRXokCgE/QRNLSFLvQL7SK4Bfi8bTE1UZbJQLMrblPWTwlHd2F
ueMjgTkddX1bzdcSnsenJz+/E9L2XLp4We0LDZyR7DliXUa/WFmCIugPU8ljKAwg
+3UbVeI1F0E9T4afBrli1VW/qTMcZnG0Evcr9SafIud3jhdADAiFXfb/NSIlAbO4
De9gyviOwZECBo5iPUsxc7+NAtVOJZ60fTVaYvp1Fx3WZAgltrtK8gt64UyTwhqv
BmLHRDb8RvpVQDo8JA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org