Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/15fMLrOY4V80EwMcfM7BShDwAFY.roa
File: 15fMLrOY4V80EwMcfM7BShDwAFY.roa (raw, json)
Hash identifier: C7y8x9Lca+vjV734fxga5+0eYLsaMLpX9sHAW3m9Sbs=
Subject key identifier: D7:97:CC:2E:B3:98:E1:5F:34:13:03:1C:7C:CE:C1:4A:10:F0:00:56
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 0185E8DE7E423F9E5AB53057C9A0022747F1
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/15fMLrOY4V80EwMcfM7BShDwAFY.roa
Signing time: Wed 25 Jan 2023 12:19:33 +0000
ROA not before: Wed 25 Jan 2023 12:19:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 80.253.96.0/19 maxlen: 24
92.60.240.0/20 maxlen: 24
89.167.128.0/17 maxlen: 24
83.245.0.0/17 maxlen: 24
217.79.160.0/20 maxlen: 24
213.228.192.0/18 maxlen: 24
2a02:9e8::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:de:7e:42:3f:9e:5a:b5:30:57:c9:a0:02:27:47:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 25 12:19:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d797cc2eb398e15f3413031c7ccec14a10f00056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0c:6e:59:95:b3:8f:5d:29:96:74:55:fd:a9:
5b:28:6b:b8:11:fd:65:df:55:6a:48:eb:51:9c:17:
e1:8f:ee:52:bf:96:6b:e1:f3:dd:b9:12:3a:8f:46:
d2:a5:1e:02:4f:a5:a0:68:65:a3:fd:ff:dd:c1:a6:
36:91:2a:d8:8c:68:54:a4:48:26:ca:fc:1c:74:f2:
a4:4a:20:0f:a3:8a:a4:0c:6a:54:e1:c3:62:9b:46:
d5:dd:f1:19:b0:b2:b0:80:ec:5f:f5:cc:9a:19:2e:
29:08:de:e9:16:d3:bd:94:c4:ae:14:d4:b4:69:85:
fd:f5:db:19:9b:7f:a2:4d:39:df:43:71:23:6e:7f:
1a:57:e6:80:76:a1:2b:33:dd:c1:d5:55:a5:89:f2:
b7:00:53:84:9c:f6:56:0a:7a:91:e0:ab:9e:32:17:
90:f0:2e:ee:d6:e8:15:4a:84:e0:b2:3c:b9:bb:df:
ff:0b:33:1d:fa:b1:75:46:91:ea:f2:98:ec:f5:05:
0e:5c:0a:f1:0e:8e:d8:25:80:dd:40:54:fc:db:d8:
74:34:0b:3e:08:f3:07:01:bf:68:bb:95:81:96:f5:
f7:33:e6:61:56:7f:da:4d:9f:bb:87:54:05:d7:8e:
b6:36:98:1e:3c:cb:c4:eb:d9:9a:44:b1:9c:8d:86:
12:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:97:CC:2E:B3:98:E1:5F:34:13:03:1C:7C:CE:C1:4A:10:F0:00:56
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/15fMLrOY4V80EwMcfM7BShDwAFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.96.0/19
83.245.0.0/17
89.167.128.0/17
92.60.240.0/20
213.228.192.0/18
217.79.160.0/20
IPv6:
2a02:9e8::/32
Signature Algorithm: sha256WithRSAEncryption
17:14:1c:1b:3d:25:d8:0c:ab:59:06:c6:39:22:6e:e3:a2:f1:
fe:5f:c7:31:09:d6:a4:41:c5:86:56:d4:c9:83:a8:f2:dd:34:
c7:53:5d:61:19:e8:b7:b4:b0:da:08:2a:64:e7:74:f0:ea:e3:
25:4a:f6:a7:27:24:24:08:9d:f8:d3:41:39:9a:9d:7a:8c:57:
69:c6:c7:21:2d:a3:4b:95:24:ce:67:f5:e6:22:f6:d0:3f:4d:
94:e0:a8:a5:6c:e1:6d:94:04:25:2b:3b:62:6c:39:05:80:20:
21:c0:e6:bd:9e:38:f7:79:dc:27:07:1a:be:72:64:67:b1:0e:
19:cf:c5:cf:67:a9:38:9d:62:86:86:d1:72:e1:e8:43:c1:b6:
81:2c:28:a1:9c:15:9b:ff:1b:b2:19:e2:67:c7:5c:ba:8f:6e:
ac:e8:dd:9d:1b:cd:d8:7a:ed:95:0c:3c:c7:63:91:c8:a2:7e:
f5:86:02:83:1c:5d:f6:7c:11:d9:18:22:96:53:23:11:a7:8b:
59:a7:ad:34:2c:fc:88:97:63:9d:49:d3:24:5d:91:b2:4f:08:
ec:75:01:fd:86:1a:0a:13:b6:91:19:fa:e1:74:a9:a3:a4:41:
18:cb:86:de:cf:af:7b:be:7a:b3:23:0a:10:0f:f4:94:ea:31:
65:f9:a4:52
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYXo3n5CP55atTBXyaACJ0fxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjMwMTI1MTIxOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzk3Y2MyZWIzOThlMTVmMzQxMzAzMWM3Y2NlYzE0YTEwZjAwMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQxuWZWzj10plnRV/albKGu4Ef1l
31VqSOtRnBfhj+5Sv5Zr4fPduRI6j0bSpR4CT6WgaGWj/f/dwaY2kSrYjGhUpEgm
yvwcdPKkSiAPo4qkDGpU4cNim0bV3fEZsLKwgOxf9cyaGS4pCN7pFtO9lMSuFNS0
aYX99dsZm3+iTTnfQ3Ejbn8aV+aAdqErM93B1VWlifK3AFOEnPZWCnqR4KueMheQ
8C7u1ugVSoTgsjy5u9//CzMd+rF1RpHq8pjs9QUOXArxDo7YJYDdQFT829h0NAs+
CPMHAb9ou5WBlvX3M+ZhVn/aTZ+7h1QF1462NpgePMvE69maRLGcjYYSPQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNeXzC6zmOFfNBMDHHzOwUoQ8ABWMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvMTVmTUxyT1k0VjgwRXdNY2ZNN0JTaER3QUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUP1gAwQH
U/UAAwQHWaeAAwQEXDzwAwQG1eTAAwQE2U+gMA0EAgACMAcDBQAqAgnoMA0GCSqG
SIb3DQEBCwUAA4IBAQAXFBwbPSXYDKtZBsY5Im7jovH+X8cxCdakQcWGVtTJg6jy
3TTHU11hGei3tLDaCCpk53Tw6uMlSvanJyQkCJ3400E5mp16jFdpxschLaNLlSTO
Z/XmIvbQP02U4KilbOFtlAQlKztibDkFgCAhwOa9njj3edwnBxq+cmRnsQ4Zz8XP
Z6k4nWKGhtFy4ehDwbaBLCihnBWb/xuyGeJnx1y6j26s6N2dG83Yeu2VDDzHY5HI
on71hgKDHF32fBHZGCKWUyMRp4tZp600LPyIl2OdSdMkXZGyTwjsdQH9hhoKE7aR
GfrhdKmjpEEYy4bez697vnqzIwoQD/SU6jFl+aRS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:26 2024 by rpki-client on console-fra.rpki-client.org