Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/maFZf96VZhdkfD8LDNFywJl0-Yc.roa
File: maFZf96VZhdkfD8LDNFywJl0-Yc.roa (raw, json)
Hash identifier: q/LvrL2uQ4HzMszyF5GxBzW2fSWCa6k1CTRcnvyhVnE=
Subject key identifier: 99:A1:59:7F:DE:95:66:17:64:7C:3F:0B:0C:D1:72:C0:99:74:F9:87
Certificate issuer: /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial: 0185C7E8C7B2AF83421ADC16C16A82FF0498
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/maFZf96VZhdkfD8LDNFywJl0-Yc.roa
Signing time: Thu 19 Jan 2023 02:43:19 +0000
ROA not before: Thu 19 Jan 2023 02:43:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20902
IP address blocks: 80.88.64.0/20 maxlen: 24
194.0.184.0/24 maxlen: 24
46.229.0.0/20 maxlen: 24
109.239.160.0/20 maxlen: 24
80.73.96.0/19 maxlen: 24
80.73.96.0/20 maxlen: 24
80.73.112.0/21 maxlen: 24
2001:67c:2088::/48 maxlen: 48
2a00:1230::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c7:e8:c7:b2:af:83:42:1a:dc:16:c1:6a:82:ff:04:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Validity
Not Before: Jan 19 02:43:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99a1597fde956617647c3f0b0cd172c09974f987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:91:8c:c5:0b:c8:03:ea:bf:02:85:c4:34:d5:
37:ad:9e:24:d7:da:e0:1d:e2:90:82:53:81:58:90:
65:e8:07:00:3a:57:28:fb:56:4e:ab:fd:68:71:87:
cc:9b:69:ed:4b:79:5c:28:dd:28:23:36:ec:2d:6d:
a6:c4:af:e6:50:3d:f0:fb:e3:be:5b:9a:01:01:0e:
78:21:f0:95:23:53:b2:bb:fc:4d:71:62:84:7f:07:
2d:20:02:7d:81:97:f4:91:9d:be:c8:98:cc:2c:be:
48:41:7a:a0:fd:26:1d:50:3d:9b:20:6a:ff:53:06:
18:0e:25:37:fc:8e:3e:63:de:46:5f:0a:dc:b5:3a:
e9:47:e5:70:7e:b5:6a:fb:01:9b:52:89:1f:c2:c9:
04:59:d3:06:08:a9:36:b0:86:68:ac:2a:45:9f:1f:
d6:98:98:6d:21:0b:73:87:1f:00:7a:b3:cc:31:50:
af:21:1e:3b:ce:7c:e7:f5:88:d8:93:5e:a8:7b:58:
df:2a:32:a7:e7:34:2f:2d:3c:20:dc:af:6a:a2:a3:
e0:87:fe:65:3c:21:7f:b8:d0:e2:8d:a3:a1:c1:61:
3f:8f:25:c3:d0:b3:18:d8:59:3f:d6:38:f9:7f:ab:
a9:a7:7b:57:d6:f2:65:62:8b:81:d9:40:8e:d7:32:
d1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A1:59:7F:DE:95:66:17:64:7C:3F:0B:0C:D1:72:C0:99:74:F9:87
X509v3 Authority Key Identifier:
keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/maFZf96VZhdkfD8LDNFywJl0-Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.0.0/20
80.73.96.0/19
80.88.64.0/20
109.239.160.0/20
194.0.184.0/24
IPv6:
2001:67c:2088::/48
2a00:1230::/29
Signature Algorithm: sha256WithRSAEncryption
82:f2:c9:26:d9:f7:38:0e:50:b6:8b:64:1b:4b:ca:81:b2:37:
b3:b2:ab:2e:85:45:34:3e:4c:30:e0:88:76:f3:58:e8:3b:c4:
43:c3:ee:7b:04:30:f9:e7:05:9b:a3:01:91:62:5d:0b:fa:ea:
5d:57:0e:9c:7b:bc:c4:e2:03:39:43:90:d1:3a:d1:21:24:53:
a8:56:b2:bc:f4:62:c2:09:85:ca:01:23:eb:61:2f:b9:16:a3:
43:3b:df:b5:e3:ee:65:1b:aa:f5:70:0f:96:94:20:2f:31:14:
d8:f6:4f:f0:bc:79:23:38:eb:f5:a6:c0:64:04:3f:4b:7e:c1:
71:a8:16:e2:b5:8f:8a:ed:b4:e8:2f:92:8d:d8:d6:57:04:04:
7b:ee:93:2d:c2:c7:4a:33:33:83:2f:7f:aa:9c:04:66:a8:a4:
23:72:ed:7d:7f:8a:09:16:8c:cf:79:d7:53:8d:84:42:c4:40:
63:77:26:df:4a:cd:6c:06:61:6f:16:87:68:7b:26:e5:99:c5:
73:f8:5b:10:46:69:94:68:fa:ba:f7:8f:d2:b2:70:4d:0d:52:
44:1c:b6:b9:3a:67:3b:7a:d8:28:b7:23:bd:56:5c:c5:6c:b5:
17:0d:d9:21:2f:20:2b:13:06:c2:e1:f1:66:65:8a:02:0a:fe:
23:29:e0:cb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYXH6Meyr4NCGtwWwWqC/wSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTVjOTBjYTkyODMxM2JjNzBkMjY4M2JiMGY2NGQ2MzJi
MjczYTEwHhcNMjMwMTE5MDI0MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWExNTk3ZmRlOTU2NjE3NjQ3YzNmMGIwY2QxNzJjMDk5NzRmOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpGMxQvIA+q/AoXENNU3rZ4k19rg
HeKQglOBWJBl6AcAOlco+1ZOq/1ocYfMm2ntS3lcKN0oIzbsLW2mxK/mUD3w++O+
W5oBAQ54IfCVI1Oyu/xNcWKEfwctIAJ9gZf0kZ2+yJjMLL5IQXqg/SYdUD2bIGr/
UwYYDiU3/I4+Y95GXwrctTrpR+VwfrVq+wGbUokfwskEWdMGCKk2sIZorCpFnx/W
mJhtIQtzhx8AerPMMVCvIR47znzn9YjYk16oe1jfKjKn5zQvLTwg3K9qoqPgh/5l
PCF/uNDijaOhwWE/jyXD0LMY2Fk/1jj5f6upp3tX1vJlYouB2UCO1zLROwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJmhWX/elWYXZHw/CwzRcsCZdPmHMB8GA1UdIwQY
MBaAFFKlyQypKDE7xw0mg7sPZNYysnOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUt
MTNlZDYzM2Y5MjJhLzEvbWFGWmY5NlZaaGRrZkQ4TERORnl3SmwwLVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUtMTNlZDYzM2Y5MjJh
LzEvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQELuUAAwQF
UElgAwQEUFhAAwQEbe+gAwQAwgC4MBYEAgACMBADBwAgAQZ8IIgDBQMqABIwMA0G
CSqGSIb3DQEBCwUAA4IBAQCC8skm2fc4DlC2i2QbS8qBsjezsqsuhUU0Pkww4Ih2
81joO8RDw+57BDD55wWbowGRYl0L+updVw6ce7zE4gM5Q5DROtEhJFOoVrK89GLC
CYXKASPrYS+5FqNDO9+14+5lG6r1cA+WlCAvMRTY9k/wvHkjOOv1psBkBD9LfsFx
qBbitY+K7bToL5KN2NZXBAR77pMtwsdKMzODL3+qnARmqKQjcu19f4oJFozPeddT
jYRCxEBjdybfSs1sBmFvFodoeyblmcVz+FsQRmmUaPq694/SsnBNDVJEHLa5Omc7
etgotyO9VlzFbLUXDdkhLyArEwbC4fFmZYoCCv4jKeDL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:00 2024 by rpki-client on console-fra.rpki-client.org