Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/bQ9n1tHaAaT06esn5qgEFXGdohw.roa
File: bQ9n1tHaAaT06esn5qgEFXGdohw.roa (raw, json)
Hash identifier: 1CUmLP5PM1P3XgHHRxtaak2OE3oHV7R/feBuQp5EfHs=
Subject key identifier: 6D:0F:67:D6:D1:DA:01:A4:F4:E9:EB:27:E6:A8:04:15:71:9D:A2:1C
Certificate issuer: /CN=5d6f2e49a31e8df9c5aa08aaf240b5c832b9cb93
Certificate serial: 018CC9BB30B0297298ED1B9CFD70C7B3BC3F
Authority key identifier: 5D:6F:2E:49:A3:1E:8D:F9:C5:AA:08:AA:F2:40:B5:C8:32:B9:CB:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XW8uSaMejfnFqgiq8kC1yDK5y5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/bQ9n1tHaAaT06esn5qgEFXGdohw.roa
Signing time: Tue 02 Jan 2024 10:32:17 +0000
ROA not before: Tue 02 Jan 2024 10:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200751
IP address blocks: 80.247.92.0/23 maxlen: 23
80.247.94.0/24 maxlen: 24
80.247.80.0/21 maxlen: 21
80.247.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:30:b0:29:72:98:ed:1b:9c:fd:70:c7:b3:bc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6f2e49a31e8df9c5aa08aaf240b5c832b9cb93
Validity
Not Before: Jan 2 10:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d0f67d6d1da01a4f4e9eb27e6a80415719da21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a0:24:0e:84:7f:52:36:eb:47:77:58:4d:6d:
0a:4a:4e:00:04:f6:c4:2e:86:46:63:0b:b8:06:ed:
b9:70:21:eb:b2:25:20:6b:0a:9f:8b:46:0f:74:41:
6c:9e:87:17:97:54:0b:6e:af:c8:07:af:3e:48:23:
0a:0e:66:66:07:51:56:27:02:61:2d:07:a2:9a:c2:
30:f3:3f:bb:fd:71:1c:18:b0:bc:9d:3f:5e:86:6c:
12:d0:3c:32:92:11:b6:f8:99:b4:15:5a:03:cd:e3:
aa:d1:a5:75:49:27:91:97:27:10:ae:6c:a7:ad:ac:
47:c8:3b:0c:c2:e0:84:8e:52:5f:ac:71:05:8e:7f:
88:c3:e8:7d:6c:cd:99:78:0d:0d:35:d1:70:b6:ea:
7d:2d:16:2d:c2:e0:3b:dd:d3:5a:c8:3a:35:89:46:
20:66:28:69:08:f4:36:8e:91:e0:2b:27:96:63:3b:
39:75:0e:a0:b8:53:a4:b3:91:6e:38:0a:f5:26:0a:
68:fe:d3:2a:bc:b4:47:09:a9:0d:ad:dd:24:f3:ad:
2d:96:5e:65:48:6b:17:bc:04:5e:84:6c:58:31:3d:
ba:ef:b0:17:67:a9:c1:08:1e:d5:94:8a:5f:6e:c7:
a3:75:e3:23:42:10:b9:cb:8d:b0:f4:e2:97:14:14:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0F:67:D6:D1:DA:01:A4:F4:E9:EB:27:E6:A8:04:15:71:9D:A2:1C
X509v3 Authority Key Identifier:
keyid:5D:6F:2E:49:A3:1E:8D:F9:C5:AA:08:AA:F2:40:B5:C8:32:B9:CB:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XW8uSaMejfnFqgiq8kC1yDK5y5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/bQ9n1tHaAaT06esn5qgEFXGdohw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/XW8uSaMejfnFqgiq8kC1yDK5y5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.80.0-80.247.94.255
Signature Algorithm: sha256WithRSAEncryption
3b:9f:52:1c:44:b1:34:e6:40:d5:33:f4:8d:fb:be:08:f7:7a:
37:23:0a:64:ff:52:b1:c7:78:0c:bd:23:f0:1a:70:68:71:2b:
33:e3:81:fd:06:56:be:55:d4:70:ec:12:2d:d0:f8:a1:f1:5b:
e9:a3:c6:83:93:e6:8f:89:9e:5b:e9:11:e9:9c:65:73:40:ce:
54:8e:90:63:c4:30:fb:cd:76:58:14:be:43:ce:48:80:46:45:
22:15:e9:8c:78:1d:3e:df:24:ff:c7:70:a1:53:24:b2:69:26:
00:30:38:93:7b:81:f7:4d:aa:12:67:77:c7:a0:e0:ad:7e:7d:
5f:d2:31:e1:2e:f8:0c:ad:79:f4:1d:0a:ef:a1:c0:ed:eb:00:
7c:5c:db:7a:16:7a:47:52:ad:b6:f3:08:ca:48:d5:8c:db:3b:
75:b0:f0:11:19:be:c9:72:ff:19:b0:68:8f:9d:9e:89:c2:2b:
e8:72:b1:b7:a5:92:bb:7d:64:5f:15:b9:c5:b7:5f:99:c3:2b:
a7:5a:aa:81:54:79:46:35:2d:a8:04:ad:2b:55:da:e1:48:06:
0f:fe:05:b8:69:f5:3e:64:2e:6a:70:f7:d1:a1:b3:79:c3:aa:
3d:b1:a1:ec:c3:a9:c9:47:ae:8c:22:d5:87:b6:1d:e7:68:86:
fa:42:84:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJuzCwKXKY7Ruc/XDHs7w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNmYyZTQ5YTMxZThkZjljNWFhMDhhYWYyNDBiNWM4MzJi
OWNiOTMwHhcNMjQwMTAyMTAzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBmNjdkNmQxZGEwMWE0ZjRlOWViMjdlNmE4MDQxNTcxOWRhMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaAkDoR/UjbrR3dYTW0KSk4ABPbE
LoZGYwu4Bu25cCHrsiUgawqfi0YPdEFsnocXl1QLbq/IB68+SCMKDmZmB1FWJwJh
LQeimsIw8z+7/XEcGLC8nT9ehmwS0DwykhG2+Jm0FVoDzeOq0aV1SSeRlycQrmyn
raxHyDsMwuCEjlJfrHEFjn+Iw+h9bM2ZeA0NNdFwtup9LRYtwuA73dNayDo1iUYg
ZihpCPQ2jpHgKyeWYzs5dQ6guFOks5FuOAr1Jgpo/tMqvLRHCakNrd0k860tll5l
SGsXvARehGxYMT2677AXZ6nBCB7VlIpfbsejdeMjQhC5y42w9OKXFBSEiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG0PZ9bR2gGk9OnrJ+aoBBVxnaIcMB8GA1UdIwQY
MBaAFF1vLkmjHo35xaoIqvJAtcgyucuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFc4dVNhTWVqZm5GcWdpcThrQzF5REs1eTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NTIxZjctMmY3MS00YmY5LWExNDgt
MmU5ZGUyNTJkMWY2LzEvYlE5bjF0SGFBYVQwNmVzbjVxZ0VGWEdkb2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81NTIxZjctMmY3MS00YmY5LWExNDgtMmU5ZGUyNTJkMWY2
LzEvWFc4dVNhTWVqZm5GcWdpcThrQzF5REs1eTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARQ91AD
BABQ914wDQYJKoZIhvcNAQELBQADggEBADufUhxEsTTmQNUz9I37vgj3ejcjCmT/
UrHHeAy9I/AacGhxKzPjgf0GVr5V1HDsEi3Q+KHxW+mjxoOT5o+JnlvpEemcZXNA
zlSOkGPEMPvNdlgUvkPOSIBGRSIV6Yx4HT7fJP/HcKFTJLJpJgAwOJN7gfdNqhJn
d8eg4K1+fV/SMeEu+AytefQdCu+hwO3rAHxc23oWekdSrbbzCMpI1YzbO3Ww8BEZ
vsly/xmwaI+dnonCK+hysbelkrt9ZF8VucW3X5nDK6daqoFUeUY1LagErStV2uFI
Bg/+Bbhp9T5kLmpw99Ghs3nDqj2xoezDqclHrowi1Ye2HedohvpChGY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:21 2025 by rpki-client