Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Xb98KmJfMZMsbK9nKP3JMbbqlfI.roa
File: Xb98KmJfMZMsbK9nKP3JMbbqlfI.roa (raw, json)
Hash identifier: GVRaiNtBHLM2hQ9kFKMBx7ctA6Hv0HXp9hhma990jq8=
Subject key identifier: 5D:BF:7C:2A:62:5F:31:93:2C:6C:AF:67:28:FD:C9:31:B6:EA:95:F2
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 0193C5460E70A534F52476396CCAC839168D
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Xb98KmJfMZMsbK9nKP3JMbbqlfI.roa
Signing time: Sat 14 Dec 2024 13:05:22 +0000
ROA not before: Sat 14 Dec 2024 13:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 80.93.192.0/24 maxlen: 24
80.93.202.0/24 maxlen: 24
80.93.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 09:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c5:46:0e:70:a5:34:f5:24:76:39:6c:ca:c8:39:16:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Dec 14 13:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dbf7c2a625f31932c6caf6728fdc931b6ea95f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:49:81:d1:14:c4:1f:72:37:7f:9f:e3:de:4c:
97:4c:dc:e7:48:4b:06:57:fc:75:96:df:c4:df:92:
53:3c:27:24:53:a1:17:f8:0a:80:74:10:c0:97:cf:
30:17:db:01:5f:56:a7:34:a0:5e:db:4a:9d:86:b9:
55:96:29:db:10:3c:4e:19:c7:a6:6d:0e:2d:c0:79:
8d:ce:52:d8:c0:24:c6:c7:99:ff:3a:b2:ad:cc:9e:
bf:2b:5d:f6:35:84:26:ff:8c:f1:0d:4f:18:4d:c2:
ef:30:92:03:57:4c:73:2c:b4:e6:b3:86:0a:62:7e:
42:6a:8d:6c:40:d4:8d:a3:fe:a3:f1:ac:51:bf:88:
50:df:05:93:e3:04:cd:81:30:d8:27:86:25:0b:f6:
87:ba:cb:5f:f3:de:31:71:46:d2:d4:3d:03:6d:0e:
4a:1d:7a:43:54:38:1a:aa:f8:f9:e7:23:54:d8:32:
2b:91:7e:31:93:16:1e:18:e9:d6:71:67:80:4a:6a:
c7:7e:a3:a6:12:2b:2b:83:5f:35:47:4c:79:68:25:
f0:e4:5b:60:c6:2a:c0:b7:f2:9e:8a:b3:59:7a:1a:
38:28:89:4c:5b:6f:06:4a:c7:c7:12:15:81:95:9b:
6b:5a:54:e4:d9:2b:59:fa:b9:57:6d:80:3e:11:26:
04:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BF:7C:2A:62:5F:31:93:2C:6C:AF:67:28:FD:C9:31:B6:EA:95:F2
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Xb98KmJfMZMsbK9nKP3JMbbqlfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.192.0/24
80.93.202.0/24
80.93.206.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:0b:73:b4:5b:b1:af:80:ba:f3:24:7d:43:25:9f:88:94:68:
11:fd:08:a2:e8:19:69:dd:19:db:18:55:bc:ee:b2:a6:6c:b3:
b7:04:05:c1:88:97:4b:c8:0b:05:7b:39:a5:c4:fc:47:04:de:
d6:bf:5c:3c:9c:5f:5e:1e:c9:e0:61:65:2b:d9:91:a3:76:bc:
e3:50:5b:6a:b3:f6:49:18:0a:08:19:de:44:eb:01:30:c6:b3:
09:5a:40:e9:a4:e3:32:26:a3:b3:3c:72:d7:88:70:c9:1f:52:
cf:08:a1:64:80:27:95:db:6c:51:fd:be:88:4c:d6:ad:6d:eb:
d5:8e:6c:bc:c0:83:c8:e9:4f:67:ce:c6:e0:4f:9d:0e:ea:cd:
f5:d5:4f:b3:ce:81:67:2c:0a:e1:3b:da:35:90:f8:fc:83:77:
1d:19:81:b2:d5:b9:10:67:fa:82:89:44:98:29:30:1e:39:31:
ee:dc:f7:81:59:69:15:10:60:a5:b7:a2:b1:de:b5:6d:27:a0:
24:fb:15:ff:7c:90:7e:16:43:01:fb:1a:fa:fe:84:1e:29:68:
97:7a:61:8c:e3:91:6e:41:bb:76:7c:41:c3:7c:74:dc:44:29:
c4:ea:3d:9b:66:c2:ec:bd:56:83:50:74:cb:af:25:ab:b7:ee:
11:56:ff:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPFRg5wpTT1JHY5bMrIORaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjQxMjE0MTMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJmN2MyYTYyNWYzMTkzMmM2Y2FmNjcyOGZkYzkzMWI2ZWE5NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikmB0RTEH3I3f5/j3kyXTNznSEsG
V/x1lt/E35JTPCckU6EX+AqAdBDAl88wF9sBX1anNKBe20qdhrlVlinbEDxOGcem
bQ4twHmNzlLYwCTGx5n/OrKtzJ6/K132NYQm/4zxDU8YTcLvMJIDV0xzLLTms4YK
Yn5Cao1sQNSNo/6j8axRv4hQ3wWT4wTNgTDYJ4YlC/aHustf894xcUbS1D0DbQ5K
HXpDVDgaqvj55yNU2DIrkX4xkxYeGOnWcWeASmrHfqOmEisrg181R0x5aCXw5Ftg
xirAt/KeirNZeho4KIlMW28GSsfHEhWBlZtrWlTk2StZ+rlXbYA+ESYEAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF2/fCpiXzGTLGyvZyj9yTG26pXyMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvWGI5OEttSmZNWk1zYks5bktQM0pNYmJxbGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUF3AAwQA
UF3KAwQAUF3OMA0GCSqGSIb3DQEBCwUAA4IBAQBsC3O0W7GvgLrzJH1DJZ+IlGgR
/Qii6Blp3RnbGFW87rKmbLO3BAXBiJdLyAsFezmlxPxHBN7Wv1w8nF9eHsngYWUr
2ZGjdrzjUFtqs/ZJGAoIGd5E6wEwxrMJWkDppOMyJqOzPHLXiHDJH1LPCKFkgCeV
22xR/b6ITNatbevVjmy8wIPI6U9nzsbgT50O6s311U+zzoFnLArhO9o1kPj8g3cd
GYGy1bkQZ/qCiUSYKTAeOTHu3PeBWWkVEGClt6Kx3rVtJ6Ak+xX/fJB+FkMB+xr6
/oQeKWiXemGM45FuQbt2fEHDfHTcRCnE6j2bZsLsvVaDUHTLryWrt+4RVv/f
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:13:36 2025 by rpki-client