Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/C8-FaAirgP6x8WAPLfZmL1M_7Js.roa
File: C8-FaAirgP6x8WAPLfZmL1M_7Js.roa (raw, json)
Hash identifier: C3BMc3cVoS3zQbH/Bsbtx8vin0u3yK3eubO36E6pLxY=
Subject key identifier: 0B:CF:85:68:08:AB:80:FE:B1:F1:60:0F:2D:F6:66:2F:53:3F:EC:9B
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 018CC8709503C0A33D54E09BC59C84691CEC
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/C8-FaAirgP6x8WAPLfZmL1M_7Js.roa
Signing time: Tue 02 Jan 2024 04:31:10 +0000
ROA not before: Tue 02 Jan 2024 04:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43870
IP address blocks: 80.245.80.0/22 maxlen: 24
80.245.80.0/20 maxlen: 24
80.245.84.0/23 maxlen: 24
149.3.184.0/21 maxlen: 24
79.140.160.0/20 maxlen: 24
79.140.160.0/21 maxlen: 24
79.140.168.0/22 maxlen: 24
79.140.172.0/24 maxlen: 24
79.140.174.0/23 maxlen: 24
2a00:cce0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:95:03:c0:a3:3d:54:e0:9b:c5:9c:84:69:1c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 04:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bcf856808ab80feb1f1600f2df6662f533fec9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5c:08:72:e8:23:ef:45:f1:e3:4a:13:07:95:
eb:c3:2d:be:f3:31:a3:d9:83:08:7b:76:1a:23:47:
42:5b:1d:39:47:c9:b6:a0:69:1c:2d:19:56:6f:17:
6b:ca:19:d5:58:32:ff:8a:8d:fd:d0:e2:99:ed:13:
aa:c5:ca:a2:83:a7:0c:6e:23:71:6f:6c:aa:9e:92:
74:3f:a4:f3:60:58:dd:2d:78:c2:11:0c:87:4d:4d:
fd:46:94:ce:13:fb:c5:bf:d6:30:49:54:d2:84:fc:
1c:fa:45:86:28:98:62:ca:f9:78:27:80:d6:56:15:
16:a1:83:0b:2c:df:c7:58:44:0b:23:f5:27:41:ef:
7a:40:50:f6:2c:d2:92:f2:4b:6d:6c:c2:fe:89:61:
b3:c3:20:5a:21:4c:49:80:3f:5b:88:9d:98:ff:83:
a7:53:df:36:2c:ce:f5:3a:94:4d:f3:ca:eb:ab:b8:
27:9e:f6:78:b9:91:fe:12:b5:3e:73:b0:ce:5d:8d:
f5:0a:d9:33:69:dd:3c:fc:38:c1:41:48:cf:9e:73:
86:5d:91:2c:64:e7:d0:24:b5:2b:73:c1:b4:10:7d:
cb:e1:fe:d7:2f:b1:f5:3f:95:a6:5b:46:07:fa:a4:
04:bf:a8:36:7f:ed:ad:69:a3:32:df:e0:ac:89:b4:
b6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CF:85:68:08:AB:80:FE:B1:F1:60:0F:2D:F6:66:2F:53:3F:EC:9B
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/C8-FaAirgP6x8WAPLfZmL1M_7Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.160.0/20
80.245.80.0/20
149.3.184.0/21
IPv6:
2a00:cce0::/32
Signature Algorithm: sha256WithRSAEncryption
78:f6:66:e1:7d:74:3a:b5:18:60:ee:67:9a:9c:c5:b5:67:ec:
de:e6:14:48:83:fd:eb:37:13:6b:37:d2:b0:32:4a:44:5b:f6:
82:ce:f8:62:53:a3:b3:18:e9:8f:b7:92:ed:26:7b:46:a7:57:
7d:23:70:a9:e6:65:d7:e3:9f:3a:27:4d:b6:c2:74:b7:b7:b5:
a6:a5:69:a2:70:7e:bf:5b:58:08:05:57:f8:c5:c3:da:bc:ec:
ba:f4:fc:25:e1:0a:bd:85:11:28:4b:00:12:5c:13:d3:1b:31:
bb:e3:a3:25:56:76:7a:2a:89:86:7c:82:4c:9f:e7:a9:17:4a:
f0:4b:85:5c:85:28:1c:ac:0c:1b:7f:2a:87:18:5e:bc:9f:63:
db:62:22:e4:70:08:3d:13:81:94:cc:d8:de:ca:72:37:a3:85:
59:d0:12:61:2c:ab:b2:2d:f4:df:e3:b9:50:d2:15:44:77:fd:
fc:72:12:e5:d1:08:77:4d:07:fc:c2:3a:c2:c4:ef:18:0c:3c:
d6:4f:87:7e:43:52:59:aa:ef:ec:b3:26:0d:00:df:08:63:e7:
7f:84:54:82:41:58:7f:02:66:91:c7:f4:92:93:2c:d7:00:a8:
ab:79:f6:53:a1:51:c5:02:f4:4b:db:28:79:a2:25:bc:21:f3:
fe:ee:91:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIcJUDwKM9VOCbxZyEaRzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjQwMTAyMDQzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmNmODU2ODA4YWI4MGZlYjFmMTYwMGYyZGY2NjYyZjUzM2ZlYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FwIcugj70Xx40oTB5Xrwy2+8zGj
2YMIe3YaI0dCWx05R8m2oGkcLRlWbxdryhnVWDL/io390OKZ7ROqxcqig6cMbiNx
b2yqnpJ0P6TzYFjdLXjCEQyHTU39RpTOE/vFv9YwSVTShPwc+kWGKJhiyvl4J4DW
VhUWoYMLLN/HWEQLI/UnQe96QFD2LNKS8kttbML+iWGzwyBaIUxJgD9biJ2Y/4On
U982LM71OpRN88rrq7gnnvZ4uZH+ErU+c7DOXY31Ctkzad08/DjBQUjPnnOGXZEs
ZOfQJLUrc8G0EH3L4f7XL7H1P5WmW0YH+qQEv6g2f+2taaMy3+CsibS2MwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAvPhWgIq4D+sfFgDy32Zi9TP+ybMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvQzgtRmFBaXJnUDZ4OFdBUExmWm1MMU1fN0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQET4ygAwQE
UPVQAwQDlQO4MA0EAgACMAcDBQAqAMzgMA0GCSqGSIb3DQEBCwUAA4IBAQB49mbh
fXQ6tRhg7meanMW1Z+ze5hRIg/3rNxNrN9KwMkpEW/aCzvhiU6OzGOmPt5LtJntG
p1d9I3Cp5mXX4586J022wnS3t7WmpWmicH6/W1gIBVf4xcPavOy69Pwl4Qq9hREo
SwASXBPTGzG746MlVnZ6KomGfIJMn+epF0rwS4VchSgcrAwbfyqHGF68n2PbYiLk
cAg9E4GUzNjeynI3o4VZ0BJhLKuyLfTf47lQ0hVEd/38chLl0Qh3TQf8wjrCxO8Y
DDzWT4d+Q1JZqu/ssyYNAN8IY+d/hFSCQVh/AmaRx/SSkyzXAKirefZToVHFAvRL
2yh5oiW8IfP+7pHu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:04 2025 by rpki-client