Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/J2MOazVcZPG5l6NXxF6iZZjSphg.roa
File: J2MOazVcZPG5l6NXxF6iZZjSphg.roa (raw, json)
Hash identifier: fhhfCkmreRjRgYzavTKQbMUu6Q+H28ESMNCtq9iUdyc=
Subject key identifier: 27:63:0E:6B:35:5C:64:F1:B9:97:A3:57:C4:5E:A2:65:98:D2:A6:18
Certificate issuer: /CN=22190c26894093dc64a05ef2cfd354a06cff039d
Certificate serial: 018CC4931B0459ADBBAF5DFE9C7BB8E353D5
Authority key identifier: 22:19:0C:26:89:40:93:DC:64:A0:5E:F2:CF:D3:54:A0:6C:FF:03:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IhkMJolAk9xkoF7yz9NUoGz_A50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/J2MOazVcZPG5l6NXxF6iZZjSphg.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16378
IP address blocks: 80.85.192.0/24 maxlen: 24
80.85.192.0/20 maxlen: 23
80.85.197.0/24 maxlen: 24
80.85.198.0/24 maxlen: 24
80.85.196.0/24 maxlen: 24
80.85.194.0/24 maxlen: 24
80.85.195.0/24 maxlen: 24
80.85.199.0/24 maxlen: 24
80.85.193.0/24 maxlen: 24
80.85.204.0/24 maxlen: 24
80.85.205.0/24 maxlen: 24
80.85.203.0/24 maxlen: 24
80.85.201.0/24 maxlen: 24
80.85.202.0/24 maxlen: 24
80.85.206.0/24 maxlen: 24
80.85.200.0/24 maxlen: 24
80.85.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 06:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1b:04:59:ad:bb:af:5d:fe:9c:7b:b8:e3:53:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22190c26894093dc64a05ef2cfd354a06cff039d
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27630e6b355c64f1b997a357c45ea26598d2a618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a6:a5:e6:9d:a5:ac:35:79:97:3a:df:72:67:
f1:57:03:b7:b9:25:af:af:6b:7b:93:ed:22:5d:93:
26:5f:0f:43:01:f3:c1:69:bb:9e:71:fc:dd:02:b7:
68:f3:1c:ba:89:f8:03:41:19:60:a1:c4:54:f0:a3:
f6:8f:48:d7:0d:9c:29:9f:8e:78:c6:33:9a:ac:e1:
25:8c:72:f2:0d:a8:19:52:62:ea:46:bb:e8:a7:89:
3a:fb:fb:46:97:85:1a:29:36:b0:06:82:90:9f:0f:
1e:9f:a3:32:c1:7c:45:93:0a:02:af:7d:f0:5e:3e:
dc:64:b7:c8:a2:db:58:e5:34:38:22:ba:f6:b4:e7:
e9:a8:15:ef:a5:29:05:a6:b3:87:ef:76:fc:37:21:
70:c3:d1:46:1a:f3:61:a6:e0:92:e6:84:d3:9b:ac:
45:f6:7e:f2:d8:a0:fa:fd:b9:02:9f:df:f2:05:ee:
48:cc:48:68:78:02:6e:8d:b3:e3:cf:49:06:99:d3:
d5:fa:cf:fc:19:68:8e:ce:0c:ec:98:ea:5f:e2:4e:
10:97:ef:0d:1a:86:17:2f:69:a1:3f:3b:ba:0f:6d:
2b:cc:14:20:de:40:2d:83:20:a5:99:cd:b5:97:f0:
5f:33:c7:38:23:de:e5:15:0f:ad:2c:6b:c0:45:5c:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:0E:6B:35:5C:64:F1:B9:97:A3:57:C4:5E:A2:65:98:D2:A6:18
X509v3 Authority Key Identifier:
keyid:22:19:0C:26:89:40:93:DC:64:A0:5E:F2:CF:D3:54:A0:6C:FF:03:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhkMJolAk9xkoF7yz9NUoGz_A50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/J2MOazVcZPG5l6NXxF6iZZjSphg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/IhkMJolAk9xkoF7yz9NUoGz_A50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.192.0/20
Signature Algorithm: sha256WithRSAEncryption
43:24:a4:68:8f:0d:3c:1d:98:ff:86:43:b4:56:20:84:7d:4f:
23:bc:c0:91:64:4b:11:5d:e4:9d:36:e5:04:b3:89:cb:07:61:
11:2a:f5:ca:62:83:19:cb:4b:22:fd:0d:64:36:78:fd:8b:35:
d6:14:38:fb:32:c3:2a:8b:3d:aa:ab:97:87:52:b9:5c:16:d2:
3b:43:cd:24:b8:05:01:ba:2d:bb:54:d9:00:98:c0:ea:c5:07:
a2:d9:68:3b:0a:b5:47:95:db:fd:ad:06:90:83:72:0d:31:83:
23:b9:49:d8:2c:b1:d7:36:9e:0b:46:dd:b7:50:b2:b3:24:69:
b9:28:92:6c:e8:eb:fe:c4:18:ae:79:62:11:31:62:02:5c:34:
2a:e7:f8:49:7b:d3:73:44:57:3b:81:b2:f8:2c:52:27:d7:fb:
2a:73:9f:5b:01:7f:16:16:11:ca:6e:e8:d0:f3:3f:08:7c:35:
80:29:a4:88:d1:20:13:14:4e:a8:d6:c6:31:da:8f:e2:e4:f8:
93:5b:9b:27:86:a1:13:d4:d9:03:93:44:9e:29:11:f6:d8:96:
70:56:69:7f:02:f9:b4:7b:fa:08:9b:e4:1f:0a:56:cb:89:a0:
35:2d:e0:68:3b:c5:17:13:95:81:98:80:f3:7a:28:99:20:a4:
8d:a5:1b:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkxsEWa27r13+nHu441PVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTkwYzI2ODk0MDkzZGM2NGEwNWVmMmNmZDM1NGEwNmNm
ZjAzOWQwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzYzMGU2YjM1NWM2NGYxYjk5N2EzNTdjNDVlYTI2NTk4ZDJhNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqal5p2lrDV5lzrfcmfxVwO3uSWv
r2t7k+0iXZMmXw9DAfPBabuecfzdArdo8xy6ifgDQRlgocRU8KP2j0jXDZwpn454
xjOarOEljHLyDagZUmLqRrvop4k6+/tGl4UaKTawBoKQnw8en6MywXxFkwoCr33w
Xj7cZLfIottY5TQ4Irr2tOfpqBXvpSkFprOH73b8NyFww9FGGvNhpuCS5oTTm6xF
9n7y2KD6/bkCn9/yBe5IzEhoeAJujbPjz0kGmdPV+s/8GWiOzgzsmOpf4k4Ql+8N
GoYXL2mhPzu6D20rzBQg3kAtgyClmc21l/BfM8c4I97lFQ+tLGvARVxtfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdjDms1XGTxuZejV8ReomWY0qYYMB8GA1UdIwQY
MBaAFCIZDCaJQJPcZKBe8s/TVKBs/wOdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhrTUpvbEFrOXhrb0Y3eXo5TlVvR3pfQTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zYTk2ZmEtOTBkZS00NjBjLWJlYTYt
ZWMxMGViZTRmY2NmLzEvSjJNT2F6VmNaUEc1bDZOWHhGNmlaWmpTcGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zYTk2ZmEtOTBkZS00NjBjLWJlYTYtZWMxMGViZTRmY2Nm
LzEvSWhrTUpvbEFrOXhrb0Y3eXo5TlVvR3pfQTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUFXAMA0G
CSqGSIb3DQEBCwUAA4IBAQBDJKRojw08HZj/hkO0ViCEfU8jvMCRZEsRXeSdNuUE
s4nLB2ERKvXKYoMZy0si/Q1kNnj9izXWFDj7MsMqiz2qq5eHUrlcFtI7Q80kuAUB
ui27VNkAmMDqxQei2Wg7CrVHldv9rQaQg3INMYMjuUnYLLHXNp4LRt23ULKzJGm5
KJJs6Ov+xBiueWIRMWICXDQq5/hJe9NzRFc7gbL4LFIn1/sqc59bAX8WFhHKbujQ
8z8IfDWAKaSI0SATFE6o1sYx2o/i5PiTW5snhqET1NkDk0SeKRH22JZwVml/Avm0
e/oIm+QfClbLiaA1LeBoO8UXE5WBmIDzeiiZIKSNpRsz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:50 2024 by rpki-client on console-fra.rpki-client.org