Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/9wDi6i1bK9tafrc9UjQFUfh-YbM.roa
File: 9wDi6i1bK9tafrc9UjQFUfh-YbM.roa (raw, json)
Hash identifier: q97zd4me3LcB16j0aQAymfEKCCGT0mN6dUPn43T0IT8=
Subject key identifier: F7:00:E2:EA:2D:5B:2B:DB:5A:7E:B7:3D:52:34:05:51:F8:7E:61:B3
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018CC500B1FE1D0C4A11CAB64BC6C44767A3
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/9wDi6i1bK9tafrc9UjQFUfh-YbM.roa
Signing time: Mon 01 Jan 2024 12:30:06 +0000
ROA not before: Mon 01 Jan 2024 12:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50261
IP address blocks: 80.64.64.0/21 maxlen: 21
77.111.112.0/21 maxlen: 21
80.64.72.0/21 maxlen: 21
37.220.128.0/20 maxlen: 20
77.111.120.0/21 maxlen: 21
109.74.48.0/20 maxlen: 20
2a02:d400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jul 2024 14:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b1:fe:1d:0c:4a:11:ca:b6:4b:c6:c4:47:67:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 1 12:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f700e2ea2d5b2bdb5a7eb73d52340551f87e61b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bf:e3:c2:f7:5a:b1:1c:94:db:12:41:4e:4b:
78:f5:b2:f9:63:5e:77:9a:8c:ee:30:b8:7b:20:95:
67:2c:98:b3:7d:ae:79:80:85:c5:af:86:5e:7c:d8:
13:07:30:ea:37:c2:60:59:a6:92:13:54:4c:56:0f:
f4:07:fc:89:28:cf:42:b2:cd:4c:8d:ca:e3:d5:57:
92:eb:8c:11:54:5a:a1:14:3b:81:05:82:a6:bc:a6:
76:94:e3:4f:ea:f4:6a:85:7d:a6:e3:f6:6f:ad:b8:
32:82:6e:fc:e6:10:e9:eb:d6:07:f2:7e:c8:ac:dd:
18:75:c1:56:cc:f9:c5:8f:3d:69:84:bc:bb:a9:df:
3d:e7:19:12:95:a3:1a:aa:bf:19:7e:7a:51:49:5c:
48:ef:f4:48:50:f3:62:f4:fe:b9:1f:18:41:59:55:
5d:d5:8a:fe:a1:0a:b0:72:bf:4f:18:99:bf:53:95:
79:31:84:7a:2b:e4:dd:ff:91:31:2d:2d:5d:e3:4b:
8c:3f:0e:5c:fd:08:61:9b:24:04:bd:9f:26:0a:c2:
4e:f1:d4:ec:ab:e1:e9:93:99:28:c4:20:69:81:f8:
24:b4:0e:0c:48:3b:a3:4c:94:cc:ed:02:a1:d5:90:
93:83:26:0d:ca:e8:29:5d:04:4c:17:10:05:fd:83:
e2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:00:E2:EA:2D:5B:2B:DB:5A:7E:B7:3D:52:34:05:51:F8:7E:61:B3
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/9wDi6i1bK9tafrc9UjQFUfh-YbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.128.0/20
77.111.112.0/20
80.64.64.0/20
109.74.48.0/20
IPv6:
2a02:d400::/29
Signature Algorithm: sha256WithRSAEncryption
94:d4:03:d1:ac:8f:5d:58:60:11:f3:31:86:cb:91:6b:10:72:
be:5b:ee:8e:d3:0a:fb:d3:e4:ce:c3:ec:af:c5:5f:a4:ed:ab:
fd:8b:d8:5a:fb:76:02:5a:f9:d5:ff:89:9f:0c:a3:e3:a7:f9:
39:e4:bc:7b:0c:54:ca:a3:ae:b4:ce:6b:d7:9e:80:d5:ca:9b:
e5:5a:0a:d3:85:c6:00:b8:d0:cb:ef:3b:2b:36:38:a7:65:cc:
19:45:8e:3f:87:6f:5a:e6:68:da:ce:4f:b0:cc:b0:c8:87:97:
3f:d3:c1:b5:bf:c5:0e:22:6d:3b:b3:a6:2f:7b:60:0d:5f:5d:
c4:00:fa:e6:ec:06:dc:6d:a9:63:05:1b:00:f3:79:7f:fd:ba:
24:ab:8c:c9:e9:c3:8d:ac:af:48:52:b6:15:ac:f9:2c:8c:32:
03:ea:7e:08:23:8e:4a:d4:7b:4a:05:2e:fb:0c:b2:fc:dd:6e:
a2:97:8e:44:25:fd:02:2c:cd:33:e7:54:a1:b5:4b:c8:ea:25:
60:43:7c:19:c0:2e:07:31:86:a6:e7:07:65:00:fa:4f:38:f6:
2b:75:80:57:54:91:fb:04:b1:52:e5:79:f8:e4:7a:87:60:70:
56:79:2d:2b:34:2f:3d:f8:7e:07:0b:8b:cd:45:ec:87:7d:b6:
22:c9:82:a0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFALH+HQxKEcq2S8bER2ejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwMTAxMTIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzAwZTJlYTJkNWIyYmRiNWE3ZWI3M2Q1MjM0MDU1MWY4N2U2MWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL/jwvdasRyU2xJBTkt49bL5Y153
mozuMLh7IJVnLJizfa55gIXFr4ZefNgTBzDqN8JgWaaSE1RMVg/0B/yJKM9Css1M
jcrj1VeS64wRVFqhFDuBBYKmvKZ2lONP6vRqhX2m4/Zvrbgygm785hDp69YH8n7I
rN0YdcFWzPnFjz1phLy7qd895xkSlaMaqr8ZfnpRSVxI7/RIUPNi9P65HxhBWVVd
1Yr+oQqwcr9PGJm/U5V5MYR6K+Td/5ExLS1d40uMPw5c/QhhmyQEvZ8mCsJO8dTs
q+Hpk5koxCBpgfgktA4MSDujTJTM7QKh1ZCTgyYNyugpXQRMFxAF/YPiSQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPcA4uotWyvbWn63PVI0BVH4fmGzMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvOXdEaTZpMWJLOXRhZnJjOVVqUUZVZmgtWWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJdyAAwQE
TW9wAwQEUEBAAwQEbUowMA0EAgACMAcDBQMqAtQAMA0GCSqGSIb3DQEBCwUAA4IB
AQCU1APRrI9dWGAR8zGGy5FrEHK+W+6O0wr70+TOw+yvxV+k7av9i9ha+3YCWvnV
/4mfDKPjp/k55Lx7DFTKo660zmvXnoDVypvlWgrThcYAuNDL7zsrNjinZcwZRY4/
h29a5mjazk+wzLDIh5c/08G1v8UOIm07s6Yve2ANX13EAPrm7AbcbaljBRsA83l/
/bokq4zJ6cONrK9IUrYVrPksjDID6n4II45K1HtKBS77DLL83W6il45EJf0CLM0z
51ShtUvI6iVgQ3wZwC4HMYam5wdlAPpPOPYrdYBXVJH7BLFS5Xn45HqHYHBWeS0r
NC89+H4HC4vNReyHfbYiyYKg
-----END CERTIFICATE-----
Generated at Wed Jul 17 17:08:46 2024 by rpki-client on console-ams.rpki-client.org