Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/THRIZKL6u0lm2d1hIxlcmGLS_nA.roa
File: THRIZKL6u0lm2d1hIxlcmGLS_nA.roa (raw, json)
Hash identifier: dP0X4mKRgYtpODauNPxMP6x+H4Wsm+ZmUauZxOclWnM=
Subject key identifier: 4C:74:48:64:A2:FA:BB:49:66:D9:DD:61:23:19:5C:98:62:D2:FE:70
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018F09DCAF49E02AA3B7029AD70768CDC2B8
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/THRIZKL6u0lm2d1hIxlcmGLS_nA.roa
Signing time: Tue 23 Apr 2024 07:30:08 +0000
ROA not before: Tue 23 Apr 2024 07:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13119
IP address blocks: 80.94.16.0/20 maxlen: 20
109.69.88.0/21 maxlen: 24
212.14.48.0/20 maxlen: 20
213.155.160.0/19 maxlen: 19
2001:4c5c::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 16 May 2024 07:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:09:dc:af:49:e0:2a:a3:b7:02:9a:d7:07:68:cd:c2:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Apr 23 07:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c744864a2fabb4966d9dd6123195c9862d2fe70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:f4:3c:c7:63:d2:94:9a:e6:dd:ca:43:59:
2a:38:85:3c:26:f9:b4:7a:ce:21:46:cb:c2:b7:b8:
cc:27:da:26:28:91:36:c8:a9:6f:4c:1f:ee:9b:9f:
d6:e6:48:dc:7f:38:9d:ac:7b:27:25:5f:ac:2f:ec:
37:f5:52:b1:7b:33:26:cf:1a:e0:a2:d5:52:5b:2d:
f0:86:bf:c9:eb:1f:d8:0c:82:f9:0f:76:02:1e:b0:
53:bf:9e:f8:10:e2:03:02:fd:be:f3:e3:74:53:cd:
d5:7c:af:26:ea:c0:e0:c8:0c:a5:d7:0b:7a:6d:8d:
7f:60:bc:3f:6b:e6:2d:8a:aa:69:51:29:96:74:73:
5c:8f:f6:4e:7f:e4:f3:6c:4d:50:6c:69:c3:74:03:
67:03:32:59:7d:08:e9:09:ea:2a:3e:85:29:12:33:
1e:49:fb:8f:9a:62:ef:74:cc:50:95:01:72:a0:91:
c1:f0:06:ca:f2:03:c0:8b:18:16:97:fd:f1:f4:4a:
ef:db:51:18:ba:25:ca:c3:49:39:6f:72:86:bb:c6:
b1:a9:12:fa:37:68:75:a0:a3:b7:1d:b4:3c:74:0f:
a5:c3:c4:06:d0:61:7b:6d:e7:cc:e5:5b:d1:f0:70:
19:55:be:b8:be:e9:f5:64:d3:cf:ec:c5:28:9d:8d:
87:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:74:48:64:A2:FA:BB:49:66:D9:DD:61:23:19:5C:98:62:D2:FE:70
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/THRIZKL6u0lm2d1hIxlcmGLS_nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.16.0/20
109.69.88.0/21
212.14.48.0/20
213.155.160.0/19
IPv6:
2001:4c5c::/30
Signature Algorithm: sha256WithRSAEncryption
5b:d8:66:91:d2:87:e3:27:f2:ce:62:72:b9:b6:62:40:f3:88:
12:bb:55:70:da:62:7a:45:3b:b8:5e:60:02:74:0b:ae:28:47:
a0:00:f6:7e:5a:e1:4f:a9:e7:8d:37:a5:cf:61:85:77:27:2d:
b9:63:17:7e:62:b7:85:d2:bc:29:7c:29:bf:72:a4:99:9e:9e:
58:fc:37:df:74:97:12:8d:15:04:a8:6b:1c:de:bb:f0:04:6c:
d6:2c:ae:1c:9e:dc:af:fa:67:48:50:66:db:fe:f5:c7:3f:73:
22:db:d5:a4:9f:43:2a:a0:12:fa:0e:d9:b8:1e:10:a4:c9:98:
f6:e3:4a:cc:9a:24:d9:ba:27:7f:58:fc:dd:4d:dc:10:98:76:
af:6f:f9:54:f8:93:84:1c:df:a0:e5:66:e7:16:84:6f:95:82:
af:5e:d5:cf:19:fd:2a:e9:17:3e:ff:ec:36:58:22:de:16:45:
d8:d3:e8:30:76:49:49:c1:39:99:03:3a:85:48:45:26:f0:3e:
30:d6:7a:3e:7a:18:13:ee:ca:c2:3e:c3:84:e2:ca:86:56:83:
c7:e6:0c:3b:2f:10:76:84:fa:a9:6c:cb:6d:9b:38:4f:a5:55:
0e:21:7d:fe:8f:c8:68:68:76:e7:67:d5:a8:6d:13:22:5d:bb:
99:09:90:a9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY8J3K9J4CqjtwKa1wdozcK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwNDIzMDczMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzc0NDg2NGEyZmFiYjQ5NjZkOWRkNjEyMzE5NWM5ODYyZDJmZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ30PMdj0pSa5t3KQ1kqOIU8Jvm0
es4hRsvCt7jMJ9omKJE2yKlvTB/um5/W5kjcfzidrHsnJV+sL+w39VKxezMmzxrg
otVSWy3whr/J6x/YDIL5D3YCHrBTv574EOIDAv2+8+N0U83VfK8m6sDgyAyl1wt6
bY1/YLw/a+YtiqppUSmWdHNcj/ZOf+TzbE1QbGnDdANnAzJZfQjpCeoqPoUpEjMe
SfuPmmLvdMxQlQFyoJHB8AbK8gPAixgWl/3x9Erv21EYuiXKw0k5b3KGu8axqRL6
N2h1oKO3HbQ8dA+lw8QG0GF7befM5VvR8HAZVb64vun1ZNPP7MUonY2HjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEx0SGSi+rtJZtndYSMZXJhi0v5wMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvVEhSSVpLTDZ1MGxtMmQxaEl4bGNtR0xTX25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUF4QAwQD
bUVYAwQE1A4wAwQF1ZugMA0EAgACMAcDBQIgAUxcMA0GCSqGSIb3DQEBCwUAA4IB
AQBb2GaR0ofjJ/LOYnK5tmJA84gSu1Vw2mJ6RTu4XmACdAuuKEegAPZ+WuFPqeeN
N6XPYYV3Jy25Yxd+YreF0rwpfCm/cqSZnp5Y/DffdJcSjRUEqGsc3rvwBGzWLK4c
ntyv+mdIUGbb/vXHP3Mi29Wkn0MqoBL6Dtm4HhCkyZj240rMmiTZuid/WPzdTdwQ
mHavb/lU+JOEHN+g5WbnFoRvlYKvXtXPGf0q6Rc+/+w2WCLeFkXY0+gwdklJwTmZ
AzqFSEUm8D4w1no+ehgT7srCPsOE4sqGVoPH5gw7LxB2hPqpbMttmzhPpVUOIX3+
j8hoaHbnZ9WobRMiXbuZCZCp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:20 2025 by rpki-client