Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/bIPMCwSU2shMo5Km6p3g43OdtFg.roa
File: bIPMCwSU2shMo5Km6p3g43OdtFg.roa (raw, json)
Hash identifier: Q8Pf2EM/CRMbSJzaTJeRf+LbVZcdPZDFKRa1KX+OrwE=
Subject key identifier: 6C:83:CC:0B:04:94:DA:C8:4C:A3:92:A6:EA:9D:E0:E3:73:9D:B4:58
Certificate issuer: /CN=ecba774ba82fb0427f766e783e770f4bd96416f9
Certificate serial: 01856ED4AB4FFF326CDD7AE1BF4A76600053
Authority key identifier: EC:BA:77:4B:A8:2F:B0:42:7F:76:6E:78:3E:77:0F:4B:D9:64:16:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Lp3S6gvsEJ_dm54PncPS9lkFvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/bIPMCwSU2shMo5Km6p3g43OdtFg.roa
Signing time: Sun 01 Jan 2023 19:35:09 +0000
ROA not before: Sun 01 Jan 2023 19:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21057
IP address blocks: 80.84.128.0/22 maxlen: 22
80.84.139.0/24 maxlen: 24
80.84.138.0/23 maxlen: 23
80.84.137.0/24 maxlen: 24
80.84.141.0/24 maxlen: 24
80.84.140.0/23 maxlen: 23
80.84.140.0/24 maxlen: 24
80.84.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ab:4f:ff:32:6c:dd:7a:e1:bf:4a:76:60:00:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecba774ba82fb0427f766e783e770f4bd96416f9
Validity
Not Before: Jan 1 19:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c83cc0b0494dac84ca392a6ea9de0e3739db458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e5:a6:be:a6:34:9e:a4:a0:f7:49:17:2f:13:
5a:bc:17:07:bf:a8:d1:01:ca:4a:15:81:6e:2b:1f:
69:a2:60:33:7d:3f:c4:a9:f3:74:03:ba:6e:d5:77:
48:d0:53:8f:95:2d:78:e2:72:df:da:20:73:49:c4:
30:56:36:7d:59:36:e2:29:c9:d0:5a:90:cf:58:b1:
ae:7c:d5:0c:12:9d:b9:c3:11:71:a7:9e:50:dd:8e:
b9:eb:ec:58:e2:ba:4f:10:d5:45:70:a4:59:d3:b0:
38:fd:8e:6f:0a:bb:33:21:1a:69:cf:06:ad:37:25:
7d:ad:83:8f:74:18:08:a3:5c:7e:cb:93:d6:c3:6a:
9d:66:98:7b:ca:fd:bc:61:97:26:6d:79:88:28:8f:
c9:ea:f5:b1:d8:9e:28:09:5d:c3:1d:af:ad:26:91:
63:6c:dc:80:55:5e:55:b9:0c:ad:a1:43:d3:54:96:
0f:e2:e2:fa:54:95:e2:a4:f3:c4:a2:81:52:6e:0c:
9e:73:ea:86:6e:1c:4c:99:31:2e:42:5a:fe:e6:65:
71:bb:ce:dd:f1:e5:75:b1:0e:f4:0d:87:75:b8:2c:
58:e3:1f:71:22:3e:b2:51:5f:48:f3:cf:7e:ea:7f:
83:47:b3:7b:bf:2e:74:32:1e:40:3c:94:7b:3f:15:
9d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:83:CC:0B:04:94:DA:C8:4C:A3:92:A6:EA:9D:E0:E3:73:9D:B4:58
X509v3 Authority Key Identifier:
keyid:EC:BA:77:4B:A8:2F:B0:42:7F:76:6E:78:3E:77:0F:4B:D9:64:16:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Lp3S6gvsEJ_dm54PncPS9lkFvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/bIPMCwSU2shMo5Km6p3g43OdtFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/7Lp3S6gvsEJ_dm54PncPS9lkFvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.128.0/22
80.84.137.0-80.84.141.255
80.84.148.0/24
Signature Algorithm: sha256WithRSAEncryption
41:31:86:84:b8:7d:52:00:34:59:4e:b0:58:a8:25:7c:80:4b:
e9:36:3b:ce:54:26:d9:7c:8c:29:d3:36:f6:9f:b7:7a:27:89:
6c:ac:cc:ac:df:b3:6a:5f:da:a1:78:75:9e:49:cb:1c:78:73:
7a:58:01:f4:87:94:d4:50:50:c4:58:7c:49:36:16:74:52:4e:
43:79:e8:23:4d:ae:11:34:7d:4a:ec:4b:b7:6a:98:f2:f0:9d:
94:a6:e5:ea:cc:3f:7f:1b:68:c7:cf:4c:5a:67:e5:47:ab:00:
13:0d:4f:ed:18:c3:40:ba:41:84:7a:ae:be:00:4e:1f:be:63:
f3:e0:02:07:a6:53:96:08:33:84:d5:de:37:e9:4c:9f:6c:ef:
42:bc:9b:f5:95:b0:90:42:1c:c9:8a:00:e3:91:0f:33:18:b0:
eb:09:1f:39:c8:b9:ca:28:da:96:16:e4:d8:36:f2:67:27:e4:
82:20:ac:9f:18:3b:28:39:3f:1e:bc:df:d4:4d:5d:95:44:0d:
80:5e:29:a9:28:00:cc:be:ed:2c:ae:f2:1d:cd:2f:f6:b8:25:
3f:22:99:c1:37:4d:3f:ce:f9:89:5f:5b:94:85:81:4f:d6:88:
8b:f7:95:65:0d:1c:ce:f3:cc:ef:48:2f:b2:5f:1f:2f:74:7b:
51:c5:88:eb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVu1KtP/zJs3Xrhv0p2YABTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYmE3NzRiYTgyZmIwNDI3Zjc2NmU3ODNlNzcwZjRiZDk2
NDE2ZjkwHhcNMjMwMTAxMTkzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgzY2MwYjA0OTRkYWM4NGNhMzkyYTZlYTlkZTBlMzczOWRiNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieWmvqY0nqSg90kXLxNavBcHv6jR
AcpKFYFuKx9pomAzfT/EqfN0A7pu1XdI0FOPlS144nLf2iBzScQwVjZ9WTbiKcnQ
WpDPWLGufNUMEp25wxFxp55Q3Y656+xY4rpPENVFcKRZ07A4/Y5vCrszIRppzwat
NyV9rYOPdBgIo1x+y5PWw2qdZph7yv28YZcmbXmIKI/J6vWx2J4oCV3DHa+tJpFj
bNyAVV5VuQytoUPTVJYP4uL6VJXipPPEooFSbgyec+qGbhxMmTEuQlr+5mVxu87d
8eV1sQ70DYd1uCxY4x9xIj6yUV9I889+6n+DR7N7vy50Mh5APJR7PxWdnQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGyDzAsElNrITKOSpuqd4ONznbRYMB8GA1UdIwQY
MBaAFOy6d0uoL7BCf3ZueD53D0vZZBb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xwM1M2Z3ZzRUpfZG01NFBuY1BTOWxrRnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi84MTBjMTEtYTEwNS00ZGIxLWE2YjUt
MzkyYjg2M2M5ZjAzLzEvYklQTUN3U1Uyc2hNbzVLbTZwM2c0M09kdEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi84MTBjMTEtYTEwNS00ZGIxLWE2YjUtMzkyYjg2M2M5ZjAz
LzEvN0xwM1M2Z3ZzRUpfZG01NFBuY1BTOWxrRnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCUFSAMAwD
BABQVIkDBAFQVIwDBABQVJQwDQYJKoZIhvcNAQELBQADggEBAEExhoS4fVIANFlO
sFioJXyAS+k2O85UJtl8jCnTNvaft3oniWyszKzfs2pf2qF4dZ5Jyxx4c3pYAfSH
lNRQUMRYfEk2FnRSTkN56CNNrhE0fUrsS7dqmPLwnZSm5erMP38baMfPTFpn5Uer
ABMNT+0Yw0C6QYR6rr4ATh++Y/PgAgemU5YIM4TV3jfpTJ9s70K8m/WVsJBCHMmK
AOORDzMYsOsJHznIucoo2pYW5Ng28mcn5IIgrJ8YOyg5Px6839RNXZVEDYBeKako
AMy+7Syu8h3NL/a4JT8imcE3TT/O+YlfW5SFgU/WiIv3lWUNHM7zzO9IL7JfHy90
e1HFiOs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:43 2024 by rpki-client on console-fra.rpki-client.org