Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/mH9AiXyFO7YfCKv6PiYHiDa5hZk.roa
File: mH9AiXyFO7YfCKv6PiYHiDa5hZk.roa (raw, json)
Hash identifier: o7E0Y7zYED3FL8DTIAADtxYrUZxRnYdskWHoyXJrcLI=
Subject key identifier: 98:7F:40:89:7C:85:3B:B6:1F:08:AB:FA:3E:26:07:88:36:B9:85:99
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 01928FB0F49ABFE8AFCAEFE0933ED85BA124
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/mH9AiXyFO7YfCKv6PiYHiDa5hZk.roa
Signing time: Tue 15 Oct 2024 10:19:51 +0000
ROA not before: Tue 15 Oct 2024 10:19:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 80.242.56.0/24 maxlen: 24
80.242.57.0/24 maxlen: 24
80.242.58.0/24 maxlen: 24
92.63.176.0/22 maxlen: 22
92.63.176.0/24 maxlen: 24
92.63.177.0/24 maxlen: 24
92.63.178.0/24 maxlen: 24
92.63.179.0/24 maxlen: 24
185.42.14.0/24 maxlen: 24
194.32.98.0/24 maxlen: 24
217.78.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 13:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:b0:f4:9a:bf:e8:af:ca:ef:e0:93:3e:d8:5b:a1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Oct 15 10:19:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=987f40897c853bb61f08abfa3e26078836b98599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ba:e0:87:2a:4d:31:d5:81:4e:44:41:c5:d3:
c4:fe:1f:64:45:47:a9:d0:b9:1b:a7:f3:2a:1d:cc:
24:64:d5:da:58:62:6c:60:69:22:e2:9c:ef:79:a7:
3b:d6:ac:96:10:4c:23:25:c5:c9:eb:19:d1:25:34:
4c:a9:ee:62:e7:6e:9f:ff:4f:15:c4:82:0e:88:9a:
fe:7d:4c:da:7b:8a:b8:79:c8:6a:62:9f:45:67:f8:
3e:fb:39:15:2c:66:5e:c4:29:51:41:fa:8b:c1:4f:
39:31:14:dd:bc:54:bc:fd:13:36:b6:70:2b:46:1f:
f1:4a:f4:ec:07:d4:49:76:52:c0:0b:ca:7d:51:27:
e7:97:27:8b:8d:56:19:2f:a8:e3:8f:5a:21:5d:b9:
25:40:18:98:0c:02:f2:02:4d:e2:a3:87:27:d7:78:
81:18:38:10:e4:59:94:58:52:c8:ed:b2:96:a2:ca:
e1:08:c7:28:3b:b8:3a:f1:84:5a:61:9f:9f:aa:67:
a9:ce:fb:df:7d:86:53:5b:1f:c2:ec:af:99:95:fc:
59:d8:d4:7d:cc:44:9c:ac:86:ea:8e:eb:ed:88:d7:
b0:cc:7a:d9:70:c1:65:ae:47:ed:45:7e:21:6a:48:
41:d5:35:4a:1d:74:9e:8e:61:66:cb:e4:46:78:b2:
33:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:7F:40:89:7C:85:3B:B6:1F:08:AB:FA:3E:26:07:88:36:B9:85:99
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/mH9AiXyFO7YfCKv6PiYHiDa5hZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.242.56.0-80.242.58.255
92.63.176.0/22
185.42.14.0/24
194.32.98.0/24
217.78.234.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:44:ac:20:ea:17:0d:a9:46:5c:c9:ed:4d:bc:73:fe:de:ff:
1d:a8:2d:35:cd:71:17:55:6e:7a:95:70:65:46:d5:e5:fc:9a:
cc:f0:45:53:e5:9c:6a:a8:17:dc:e4:9d:c0:1f:73:a4:f5:16:
50:57:7d:5e:dd:a7:33:de:74:59:7d:52:00:e9:85:3f:f6:d4:
93:5f:3e:a1:64:68:8d:57:99:18:c3:7e:22:8d:e8:b7:05:ea:
53:32:d1:65:e4:c8:4a:af:31:1b:22:54:0a:6c:b9:14:cd:7a:
7f:b3:9a:de:01:81:62:fa:7e:97:46:fb:85:0b:a0:d5:61:c7:
04:c0:a4:c1:d1:a4:f5:d4:57:61:3c:0f:2a:0e:e0:6d:9b:8e:
69:15:bd:10:3d:2e:cb:2c:19:4b:af:c0:9b:43:96:f9:e7:a2:
f7:de:32:01:79:0e:d8:3b:e3:86:ef:0a:9b:5e:49:c3:ce:96:
d3:df:5d:58:09:cc:f1:d3:69:e5:5d:1f:fd:f7:56:df:24:69:
06:08:9f:5b:18:2e:7b:40:aa:36:32:bb:83:cc:70:4c:09:2d:
48:d2:e9:c2:6c:88:7a:5a:e5:41:04:79:a2:2f:61:43:8f:8f:
4a:1d:3b:3a:0e:01:ef:57:bc:b2:5d:b4:02:1a:00:62:68:68:
13:fc:5f:cd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZKPsPSav+ivyu/gkz7YW6EkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQxMDE1MTAxOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODdmNDA4OTdjODUzYmI2MWYwOGFiZmEzZTI2MDc4ODM2Yjk4NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rrghypNMdWBTkRBxdPE/h9kRUep
0Lkbp/MqHcwkZNXaWGJsYGki4pzveac71qyWEEwjJcXJ6xnRJTRMqe5i526f/08V
xIIOiJr+fUzae4q4echqYp9FZ/g++zkVLGZexClRQfqLwU85MRTdvFS8/RM2tnAr
Rh/xSvTsB9RJdlLAC8p9USfnlyeLjVYZL6jjj1ohXbklQBiYDALyAk3io4cn13iB
GDgQ5FmUWFLI7bKWosrhCMcoO7g68YRaYZ+fqmepzvvffYZTWx/C7K+ZlfxZ2NR9
zEScrIbqjuvtiNewzHrZcMFlrkftRX4hakhB1TVKHXSejmFmy+RGeLIzmQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJh/QIl8hTu2Hwir+j4mB4g2uYWZMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvbUg5QWlYeUZPN1lmQ0t2NlBpWUhpRGE1aFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBANQ8jgD
BABQ8joDBAJcP7ADBAC5Kg4DBADCIGIDBADZTuowDQYJKoZIhvcNAQELBQADggEB
AKlErCDqFw2pRlzJ7U28c/7e/x2oLTXNcRdVbnqVcGVG1eX8mszwRVPlnGqoF9zk
ncAfc6T1FlBXfV7dpzPedFl9UgDphT/21JNfPqFkaI1XmRjDfiKN6LcF6lMy0WXk
yEqvMRsiVApsuRTNen+zmt4BgWL6fpdG+4ULoNVhxwTApMHRpPXUV2E8DyoO4G2b
jmkVvRA9LsssGUuvwJtDlvnnovfeMgF5Dtg744bvCpteScPOltPfXVgJzPHTaeVd
H/33Vt8kaQYIn1sYLntAqjYyu4PMcEwJLUjS6cJsiHpa5UEEeaIvYUOPj0odOzoO
Ae9XvLJdtAIaAGJoaBP8X80=
-----END CERTIFICATE-----
Generated at Mon Nov 18 16:25:51 2024 by rpki-client on console-fra.rpki-client.org