Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/1f8o8NkPxfZHC9a-rSOWMP6wcMo.roa
File: 1f8o8NkPxfZHC9a-rSOWMP6wcMo.roa (raw, json)
Hash identifier: ALz22zJVQjfyvAm0jds+IzmIrO3LFbojeBh0mO7wWz8=
Subject key identifier: D5:FF:28:F0:D9:0F:C5:F6:47:0B:D6:BE:AD:23:96:30:FE:B0:70:CA
Certificate issuer: /CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
Certificate serial: 018CC802FC7ED002668B4BA076FE89D2AD88
Authority key identifier: EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/1f8o8NkPxfZHC9a-rSOWMP6wcMo.roa
Signing time: Tue 02 Jan 2024 02:31:28 +0000
ROA not before: Tue 02 Jan 2024 02:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24634
IP address blocks: 80.79.144.0/20 maxlen: 24
185.125.156.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fc:7e:d0:02:66:8b:4b:a0:76:fe:89:d2:ad:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
Validity
Not Before: Jan 2 02:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5ff28f0d90fc5f6470bd6bead239630feb070ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c8:99:a5:d3:7b:51:a2:8b:0e:07:67:01:83:
74:83:9a:b5:31:15:a2:ff:7f:a8:45:de:47:9e:a0:
cb:c9:25:a9:89:e3:e6:2e:93:b4:3c:a1:a3:d1:74:
08:13:67:bd:5d:9d:44:8b:98:29:37:55:fc:56:0a:
43:fd:e0:48:eb:48:64:11:cf:70:30:e0:c0:64:5b:
75:06:56:dc:60:c8:9d:6b:bf:24:a9:9a:b1:b5:90:
1e:46:37:47:77:6e:00:0f:02:d5:85:74:49:b5:28:
92:c9:83:35:38:76:97:1a:93:2b:42:a6:f8:b9:4f:
b1:e0:ec:a1:f9:4e:01:e0:12:39:56:f2:f8:63:ef:
e7:74:5b:fe:ef:b1:42:0a:6e:cf:08:cd:2e:a7:48:
b3:b5:5c:14:35:88:b9:ff:64:81:86:f7:e9:f1:41:
fc:cc:44:06:73:30:26:43:1e:34:63:2b:27:dc:38:
33:31:bb:5c:81:58:e6:d2:f2:9e:a1:ee:dd:f6:c9:
f3:fb:aa:34:2e:4a:7d:a6:9b:64:32:1f:91:c7:30:
10:dc:7d:91:45:2f:ea:06:2d:e4:91:ba:0a:82:fc:
9b:0f:0a:4d:cd:ac:6a:1b:76:02:7c:45:55:a3:f7:
1a:8f:0f:3a:19:1b:65:33:2b:61:49:1d:fd:09:d8:
3e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FF:28:F0:D9:0F:C5:F6:47:0B:D6:BE:AD:23:96:30:FE:B0:70:CA
X509v3 Authority Key Identifier:
keyid:EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/1f8o8NkPxfZHC9a-rSOWMP6wcMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.144.0/20
185.125.156.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:26:0a:b1:28:14:9a:cd:03:22:38:7e:a3:f4:fc:9a:20:13:
c2:37:65:dd:28:aa:16:5a:30:54:11:f8:90:30:3a:ec:9b:11:
37:ef:d8:d4:18:59:48:28:9c:f4:d1:8b:4f:b3:25:bc:23:74:
b5:37:6e:03:43:8d:c7:3b:61:ff:08:ca:08:1d:60:1d:f4:e4:
bb:ed:2f:0e:34:8f:65:8a:14:d6:b5:c3:35:42:12:e7:b4:fd:
a5:60:df:37:2b:82:92:c5:f9:e8:ee:b2:6f:76:7a:96:37:c8:
b8:ec:a8:e6:ec:ad:c8:b3:50:f3:22:ed:26:fb:b3:e3:9c:5b:
6e:71:7a:86:30:1d:0b:41:8f:40:fa:6d:09:d4:e7:82:ed:20:
c3:ef:ca:f9:28:d5:a2:71:3e:0d:36:03:29:9b:67:46:a0:05:
95:e6:6a:20:54:53:c7:36:bb:56:bf:00:6e:4e:f8:36:66:61:
da:28:8f:31:6b:b5:67:3b:e9:3f:cb:91:6b:99:3d:ac:df:b6:
a8:47:6f:7b:8b:b2:d4:92:1c:d6:36:c6:02:f4:d8:7d:70:94:
5a:ca:95:a3:bb:7f:60:60:3d:4e:60:7b:78:8b:61:27:08:8d:
d1:c6:8d:41:f1:3e:8b:68:a1:68:71:e2:89:f0:9b:12:0b:ed:
b8:1c:22:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAvx+0AJmi0ugdv6J0q2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZmFiZmE2MjgwNjNmNmI4ZTk4ODg1NjZmNWYzZmNmYTc5
OGM2MjEwHhcNMjQwMTAyMDIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWZmMjhmMGQ5MGZjNWY2NDcwYmQ2YmVhZDIzOTYzMGZlYjA3MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMiZpdN7UaKLDgdnAYN0g5q1MRWi
/3+oRd5HnqDLySWpiePmLpO0PKGj0XQIE2e9XZ1Ei5gpN1X8VgpD/eBI60hkEc9w
MODAZFt1BlbcYMida78kqZqxtZAeRjdHd24ADwLVhXRJtSiSyYM1OHaXGpMrQqb4
uU+x4Oyh+U4B4BI5VvL4Y+/ndFv+77FCCm7PCM0up0iztVwUNYi5/2SBhvfp8UH8
zEQGczAmQx40Yysn3DgzMbtcgVjm0vKeoe7d9snz+6o0Lkp9pptkMh+RxzAQ3H2R
RS/qBi3kkboKgvybDwpNzaxqG3YCfEVVo/cajw86GRtlMythSR39Cdg+YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNX/KPDZD8X2RwvWvq0jljD+sHDKMB8GA1UdIwQY
MBaAFOv6v6YoBj9rjpiIVm9fP8+nmMYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9xX3BpZ0dQMnVPbUloV2IxOF96NmVZeGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hM2EzMTEtMzc4NC00ODE4LWFiZjkt
ZTVmZDZlOTg0MmFiLzEvMWY4bzhOa1B4ZlpIQzlhLXJTT1dNUDZ3Y01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hM2EzMTEtMzc4NC00ODE4LWFiZjktZTVmZDZlOTg0MmFi
LzEvNl9xX3BpZ0dQMnVPbUloV2IxOF96NmVZeGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUE+QAwQC
uX2cMA0GCSqGSIb3DQEBCwUAA4IBAQALJgqxKBSazQMiOH6j9PyaIBPCN2XdKKoW
WjBUEfiQMDrsmxE379jUGFlIKJz00YtPsyW8I3S1N24DQ43HO2H/CMoIHWAd9OS7
7S8ONI9lihTWtcM1QhLntP2lYN83K4KSxfno7rJvdnqWN8i47Kjm7K3Is1DzIu0m
+7PjnFtucXqGMB0LQY9A+m0J1OeC7SDD78r5KNWicT4NNgMpm2dGoAWV5mogVFPH
NrtWvwBuTvg2ZmHaKI8xa7VnO+k/y5FrmT2s37aoR297i7LUkhzWNsYC9Nh9cJRa
ypWju39gYD1OYHt4i2EnCI3Rxo1B8T6LaKFoceKJ8JsSC+24HCIE
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:35:43 2025 by rpki-client