Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/bD3_2vQDJrbW_Z7s-Tdw3Oh5tjw.roa
File: bD3_2vQDJrbW_Z7s-Tdw3Oh5tjw.roa (raw, json)
Hash identifier: aeFDLPQJIJ+e4Xr3AIKQz0jkfNgq2vkw7SRQdzpquD0=
Subject key identifier: 6C:3D:FF:DA:F4:03:26:B6:D6:FD:9E:EC:F9:37:70:DC:E8:79:B6:3C
Certificate issuer: /CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Certificate serial: 018CCA2B4C1AA74CD24C927192C82494145D
Authority key identifier: C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/bD3_2vQDJrbW_Z7s-Tdw3Oh5tjw.roa
Signing time: Tue 02 Jan 2024 12:34:44 +0000
ROA not before: Tue 02 Jan 2024 12:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35328
IP address blocks: 80.87.208.0/21 maxlen: 21
80.87.208.0/20 maxlen: 20
80.87.216.0/21 maxlen: 21
145.255.144.0/21 maxlen: 21
145.255.144.0/20 maxlen: 20
77.234.240.0/20 maxlen: 20
217.31.40.0/21 maxlen: 21
46.18.144.0/22 maxlen: 22
46.18.144.0/21 maxlen: 21
46.18.148.0/22 maxlen: 22
185.42.4.0/22 maxlen: 22
185.42.4.0/23 maxlen: 23
77.234.224.0/19 maxlen: 19
77.234.224.0/20 maxlen: 20
185.42.6.0/23 maxlen: 23
217.31.32.0/20 maxlen: 20
217.31.32.0/21 maxlen: 21
145.255.152.0/21 maxlen: 21
2a00:e380::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4c:1a:a7:4c:d2:4c:92:71:92:c8:24:94:14:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Validity
Not Before: Jan 2 12:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c3dffdaf40326b6d6fd9eecf93770dce879b63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5d:7a:37:a4:02:af:f2:33:ce:9f:d4:5a:05:
ef:f4:d3:b2:62:c8:10:fe:e1:c8:78:68:e8:54:2b:
14:67:7f:ac:b4:ee:b3:18:86:19:11:23:85:38:8f:
4a:ef:d5:b1:bb:2b:68:a3:8b:99:1f:51:dd:e4:17:
63:89:52:a1:b8:69:be:4b:d8:bf:5e:00:59:9d:cc:
09:f1:2d:2f:cf:ac:cb:60:da:8f:61:34:65:16:82:
a1:62:37:9b:c7:6e:44:43:a6:aa:fe:39:d2:02:b5:
5a:b5:45:8d:e3:1a:af:8b:58:d9:37:d4:42:f9:b7:
65:40:75:cd:3e:06:65:29:bd:84:6d:e2:4a:3e:37:
60:55:46:bf:eb:d6:49:1b:65:8c:3c:c4:a1:2c:f2:
40:f0:1e:c4:93:09:ed:f8:6f:e7:5b:70:85:26:0a:
49:41:bb:0f:e4:b6:90:20:db:e4:22:a4:9a:3a:f2:
c8:98:34:dc:30:b8:7c:aa:b5:7a:d3:80:3c:e7:c5:
a1:dc:a0:bf:2c:12:16:c9:54:0a:11:88:74:c9:83:
87:f9:ce:f1:01:df:73:3c:ac:65:38:b1:df:45:07:
4e:3d:cc:b0:c5:9c:bb:e1:41:34:52:08:c5:4c:92:
9a:78:55:5d:c9:83:1d:6d:27:b8:94:09:df:72:a8:
86:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3D:FF:DA:F4:03:26:B6:D6:FD:9E:EC:F9:37:70:DC:E8:79:B6:3C
X509v3 Authority Key Identifier:
keyid:C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/bD3_2vQDJrbW_Z7s-Tdw3Oh5tjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/wa29_gHpo_ltUAIsPNr9w-Go2Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.144.0/21
77.234.224.0/19
80.87.208.0/20
145.255.144.0/20
185.42.4.0/22
217.31.32.0/20
IPv6:
2a00:e380::/29
Signature Algorithm: sha256WithRSAEncryption
8c:1b:a2:12:55:3f:85:30:67:22:e2:41:9a:40:5a:12:41:95:
c0:79:5a:fa:ce:06:b5:4f:33:b9:fa:72:b4:61:6a:f2:f5:f0:
54:a3:6d:04:b4:29:62:09:2c:3e:2e:dd:7f:4c:d4:56:38:ea:
4a:af:aa:e6:4c:9b:9b:20:a6:ef:21:3d:58:da:95:c1:92:61:
74:c2:92:2a:c2:3e:7b:0a:76:68:74:e2:0c:a5:3c:17:d1:41:
f4:72:d5:af:57:8c:cd:11:0a:da:3f:a2:13:8e:c3:05:95:d0:
9b:07:5a:b8:3f:c5:c9:d9:53:a0:d4:6c:e5:8a:63:3a:15:99:
c7:e7:15:f7:c4:09:89:80:dc:55:e7:23:eb:78:a5:08:f1:bf:
b7:aa:e7:90:98:e8:be:f0:bf:81:fa:06:c4:af:b1:ae:32:6d:
ea:42:ba:aa:be:c5:01:3f:ba:62:03:0f:df:34:41:c3:18:92:
2d:cb:4b:52:c4:20:28:7b:30:8c:5d:43:4c:ff:13:3a:4a:2f:
64:ee:53:2b:f1:0f:6f:85:f8:3e:63:20:5f:91:18:d3:f5:43:
f1:44:1a:84:84:e0:8c:2c:f8:ad:39:ae:71:d3:7f:64:00:41:
7f:93:3a:56:c9:b9:05:fe:fd:e1:35:97:f9:14:0c:24:f7:1b:
45:5b:7f:d6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzKK0wap0zSTJJxksgklBRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWRiZGZlMDFlOWEzZjk2ZDUwMDIyYzNjZGFmZGMzZTFh
OGQ5ODgwHhcNMjQwMTAyMTIzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNkZmZkYWY0MDMyNmI2ZDZmZDllZWNmOTM3NzBkY2U4NzliNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx116N6QCr/Izzp/UWgXv9NOyYsgQ
/uHIeGjoVCsUZ3+stO6zGIYZESOFOI9K79Wxuytoo4uZH1Hd5BdjiVKhuGm+S9i/
XgBZncwJ8S0vz6zLYNqPYTRlFoKhYjebx25EQ6aq/jnSArVatUWN4xqvi1jZN9RC
+bdlQHXNPgZlKb2EbeJKPjdgVUa/69ZJG2WMPMShLPJA8B7Ekwnt+G/nW3CFJgpJ
QbsP5LaQINvkIqSaOvLImDTcMLh8qrV604A858Wh3KC/LBIWyVQKEYh0yYOH+c7x
Ad9zPKxlOLHfRQdOPcywxZy74UE0UgjFTJKaeFVdyYMdbSe4lAnfcqiGSwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGw9/9r0Aya21v2e7Pk3cNzoebY8MB8GA1UdIwQY
MBaAFMGtvf4B6aP5bVACLDza/cPhqNmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2EyOV9nSHBvX2x0VUFJc1BOcjl3LUdvMllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hNGM2ZjEtN2M5My00NWVlLThlYWYt
NDM5NDA1MmNkNjVlLzEvYkQzXzJ2UURKcmJXX1o3cy1UZHczT2g1dGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hNGM2ZjEtN2M5My00NWVlLThlYWYtNDM5NDA1MmNkNjVl
LzEvd2EyOV9nSHBvX2x0VUFJc1BOcjl3LUdvMllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLhKQAwQF
TergAwQEUFfQAwQEkf+QAwQCuSoEAwQE2R8gMA0EAgACMAcDBQMqAOOAMA0GCSqG
SIb3DQEBCwUAA4IBAQCMG6ISVT+FMGci4kGaQFoSQZXAeVr6zga1TzO5+nK0YWry
9fBUo20EtCliCSw+Lt1/TNRWOOpKr6rmTJubIKbvIT1Y2pXBkmF0wpIqwj57CnZo
dOIMpTwX0UH0ctWvV4zNEQraP6ITjsMFldCbB1q4P8XJ2VOg1GzlimM6FZnH5xX3
xAmJgNxV5yPreKUI8b+3queQmOi+8L+B+gbEr7GuMm3qQrqqvsUBP7piAw/fNEHD
GJIty0tSxCAoezCMXUNM/xM6Si9k7lMr8Q9vhfg+YyBfkRjT9UPxRBqEhOCMLPit
Oa5x039kAEF/kzpWybkF/v3hNZf5FAwk9xtFW3/W
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:29 2025 by rpki-client