Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/t8299m0-o-GY81I1XCKp_CulYzY.roa
File: t8299m0-o-GY81I1XCKp_CulYzY.roa (raw, json)
Hash identifier: XBp6TlLhLkpN+hVCBLM0Bl3+hkT/KclObaLDhtDbbdA=
Subject key identifier: B7:CD:BD:F6:6D:3E:A3:E1:98:F3:52:35:5C:22:A9:FC:2B:A5:63:36
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 019153232E13C3D0C0CCD85E5B037774CD3B
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/t8299m0-o-GY81I1XCKp_CulYzY.roa
Signing time: Wed 14 Aug 2024 23:04:59 +0000
ROA not before: Wed 14 Aug 2024 23:04:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 176.67.80.0/23 maxlen: 23
185.91.122.0/23 maxlen: 23
2a05:e9c0:5600::/40 maxlen: 40
2a05:e9c0:6200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:53:23:2e:13:c3:d0:c0:cc:d8:5e:5b:03:77:74:cd:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Aug 14 23:04:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7cdbdf66d3ea3e198f352355c22a9fc2ba56336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fe:2e:78:e3:02:2d:10:38:34:0f:71:d0:e5:
a3:76:7a:99:b0:35:d8:1b:d3:0b:91:84:93:6d:51:
39:d5:18:4b:07:ca:4d:ee:99:58:38:e8:e2:70:e9:
6f:d2:41:ae:50:5f:62:09:7b:78:40:d4:61:2e:20:
3e:30:9f:d8:7d:7e:dc:98:50:35:73:a6:e5:3e:12:
bb:48:42:66:c6:f6:8c:14:ff:5e:a2:e2:fb:bd:94:
05:ca:0c:98:eb:6d:8a:50:5d:c4:e3:02:f9:0a:dc:
ff:55:1c:d5:1f:c2:06:a3:c4:f5:71:ab:e6:0a:dd:
16:46:25:a9:2f:06:05:c6:02:40:8b:2a:e1:da:c6:
99:40:4c:b2:9b:69:11:73:f2:4b:1c:bd:ab:75:7d:
44:99:fd:49:ce:de:b4:f0:16:a3:c3:4d:5c:93:a3:
17:27:f8:7c:68:d9:26:b2:cd:40:a7:40:19:b2:87:
49:fd:1b:6b:57:08:2f:40:d8:2b:85:fd:e0:22:fa:
aa:63:58:49:e0:de:eb:3a:e1:f0:cc:74:0e:ff:6e:
e4:81:ca:e3:fd:61:69:95:ec:ed:d3:a4:7c:79:03:
43:7e:5c:df:21:b5:33:42:80:34:95:d7:ca:00:61:
60:92:fb:fa:86:b3:cd:2e:c0:48:92:91:20:57:8a:
fa:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CD:BD:F6:6D:3E:A3:E1:98:F3:52:35:5C:22:A9:FC:2B:A5:63:36
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/t8299m0-o-GY81I1XCKp_CulYzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.80.0/23
185.91.122.0/23
IPv6:
2a05:e9c0:5600::/40
2a05:e9c0:6200::/40
Signature Algorithm: sha256WithRSAEncryption
a4:68:43:1d:ef:56:92:c4:9c:ce:79:d0:2f:4d:e6:35:d3:95:
e4:8f:b5:cd:07:fa:ec:60:97:82:d3:07:dd:2a:47:a1:5b:3d:
03:bd:ac:e6:4f:71:af:82:74:ed:bf:19:12:c6:e9:44:94:2f:
06:7c:42:48:b3:43:d9:e3:c2:ef:58:8e:75:b6:9f:c7:9e:0c:
ab:e8:a3:23:ad:37:8f:e5:fc:ad:0c:57:89:d1:dd:be:42:b5:
bc:23:4c:f8:8c:cf:57:0b:4b:51:73:a7:7a:13:eb:f5:90:37:
48:dc:61:2b:18:9d:fc:11:03:91:b9:b9:48:de:e1:d9:91:a4:
a6:cf:43:ea:11:f9:a2:c8:24:55:20:14:13:ac:16:aa:b3:94:
2c:37:4f:36:a6:a7:d3:72:b8:98:b9:ab:13:9c:e0:e5:d7:97:
50:97:7a:07:cc:02:3d:e0:4b:ca:d8:c2:dc:7c:4b:f4:95:77:
db:08:36:51:1f:13:22:0b:30:0a:55:15:16:5b:81:18:c1:06:
cc:4b:d5:3a:78:95:dd:e2:8a:3c:6d:f1:03:98:09:5d:85:8d:
7d:62:96:6c:55:47:a5:4d:11:5c:68:47:6f:aa:b7:4e:d0:62:
0c:5b:12:fd:47:15:bc:ab:1b:fc:87:98:7e:10:dd:ee:7a:ca:
0f:ef:92:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZFTIy4Tw9DAzNheWwN3dM07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwODE0MjMwNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NkYmRmNjZkM2VhM2UxOThmMzUyMzU1YzIyYTlmYzJiYTU2MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv4ueOMCLRA4NA9x0OWjdnqZsDXY
G9MLkYSTbVE51RhLB8pN7plYOOjicOlv0kGuUF9iCXt4QNRhLiA+MJ/YfX7cmFA1
c6blPhK7SEJmxvaMFP9eouL7vZQFygyY622KUF3E4wL5Ctz/VRzVH8IGo8T1cavm
Ct0WRiWpLwYFxgJAiyrh2saZQEyym2kRc/JLHL2rdX1Emf1Jzt608Bajw01ck6MX
J/h8aNkmss1Ap0AZsodJ/RtrVwgvQNgrhf3gIvqqY1hJ4N7rOuHwzHQO/27kgcrj
/WFplezt06R8eQNDflzfIbUzQoA0ldfKAGFgkvv6hrPNLsBIkpEgV4r62QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLfNvfZtPqPhmPNSNVwiqfwrpWM2MB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvdDgyOTltMC1vLUdZODFJMVhDS3BfQ3VsWXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBsENQAwQB
uVt6MBYEAgACMBADBgAqBenAVgMGACoF6cBiMA0GCSqGSIb3DQEBCwUAA4IBAQCk
aEMd71aSxJzOedAvTeY105Xkj7XNB/rsYJeC0wfdKkehWz0DvazmT3GvgnTtvxkS
xulElC8GfEJIs0PZ48LvWI51tp/Hngyr6KMjrTeP5fytDFeJ0d2+QrW8I0z4jM9X
C0tRc6d6E+v1kDdI3GErGJ38EQORublI3uHZkaSmz0PqEfmiyCRVIBQTrBaqs5Qs
N082pqfTcriYuasTnODl15dQl3oHzAI94EvK2MLcfEv0lXfbCDZRHxMiCzAKVRUW
W4EYwQbMS9U6eJXd4oo8bfEDmAldhY19YpZsVUelTRFcaEdvqrdO0GIMWxL9RxW8
qxv8h5h+EN3uesoP75LM
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:30 2025 by rpki-client