Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/j68sUaNEJKqha-XEkdgsRAvKeFk.roa
File: j68sUaNEJKqha-XEkdgsRAvKeFk.roa (raw, json)
Hash identifier: uXmKjGHtojXhLlzKsPFiA+EB058KvPTxS4oGbEewbs0=
Subject key identifier: 8F:AF:2C:51:A3:44:24:AA:A1:6B:E5:C4:91:D8:2C:44:0B:CA:78:59
Certificate issuer: /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial: 0185DDB61A8EE76A74D52C2A475C9B2872ED
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/j68sUaNEJKqha-XEkdgsRAvKeFk.roa
Signing time: Mon 23 Jan 2023 08:19:37 +0000
ROA not before: Mon 23 Jan 2023 08:19:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29600
IP address blocks: 80.70.29.0/24 maxlen: 24
80.70.28.0/24 maxlen: 24
95.131.112.0/21 maxlen: 21
83.136.136.0/24 maxlen: 24
83.136.136.0/21 maxlen: 21
80.70.16.0/20 maxlen: 20
85.15.193.0/24 maxlen: 24
85.15.192.0/18 maxlen: 18
80.70.19.0/24 maxlen: 24
2a01:a880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:b6:1a:8e:e7:6a:74:d5:2c:2a:47:5c:9b:28:72:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Validity
Not Before: Jan 23 08:19:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8faf2c51a34424aaa16be5c491d82c440bca7859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:25:87:3a:74:ea:d6:e7:7b:a1:58:a6:e7:b8:
05:70:39:f6:23:60:6c:dd:10:b3:e3:f5:2d:58:1d:
d2:53:45:7a:9e:66:2d:bf:c2:01:84:13:6f:fa:5c:
9d:c7:f0:df:58:40:9b:39:68:e3:68:11:14:7e:0d:
37:05:9e:07:03:e9:87:ae:5b:89:7f:04:88:fe:b5:
b4:52:04:e2:50:b8:2f:d4:b9:a4:35:0e:b1:12:25:
a9:42:6d:c9:f2:63:ae:b9:7a:e5:5d:6d:3c:b3:bc:
89:c2:11:5f:47:5f:f4:40:d9:d6:c4:41:62:3c:41:
59:c0:30:2d:f4:af:d3:e3:83:82:1b:72:c2:04:45:
e4:f5:00:82:a8:50:fe:56:e0:c2:9a:e9:22:7c:d5:
44:07:83:39:ca:af:f6:5f:41:ba:9d:b6:ae:1b:72:
05:4f:f7:3a:44:06:82:c5:0e:f2:65:b8:b9:65:4a:
03:b9:6a:f6:5a:be:3c:f5:2f:ea:6e:24:df:40:53:
00:7d:16:fb:a1:0d:f0:f8:0e:dc:a7:e2:8d:0e:5a:
42:01:01:0b:25:27:cb:bf:a0:e7:f4:e3:56:92:54:
62:39:a9:bd:69:ad:ab:34:88:c9:7b:cd:bb:4a:4a:
d5:b7:86:e2:0d:0d:dd:b3:2b:2e:4a:50:ef:27:b6:
1c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:AF:2C:51:A3:44:24:AA:A1:6B:E5:C4:91:D8:2C:44:0B:CA:78:59
X509v3 Authority Key Identifier:
keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/j68sUaNEJKqha-XEkdgsRAvKeFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.16.0/20
83.136.136.0/21
85.15.192.0/18
95.131.112.0/21
IPv6:
2a01:a880::/29
Signature Algorithm: sha256WithRSAEncryption
84:f5:e9:e7:1d:05:71:7a:20:15:0e:01:aa:1e:49:c8:7a:d4:
dd:93:ce:ff:53:bf:b9:73:50:c7:26:ad:a0:40:83:10:bb:bd:
f0:46:9a:fa:e4:48:23:6b:fe:50:8c:3b:1e:6d:12:80:df:f3:
4d:1e:0e:dd:86:df:73:62:28:e5:9e:f7:bb:68:e1:d7:87:90:
f9:65:41:15:65:cc:c6:2c:b6:50:04:fa:09:71:f9:6a:65:76:
23:59:62:18:c2:2e:b2:01:92:b8:e1:75:82:77:24:c4:4f:eb:
17:61:1b:76:e4:cf:52:69:c5:8d:01:5d:0c:6b:d8:14:6d:ee:
02:b4:5a:34:34:12:53:3d:5a:6d:0b:f7:cf:2c:14:11:0f:a8:
57:af:42:72:84:d5:10:c3:4d:b6:d1:7b:5d:44:50:df:4f:17:
93:9c:ce:14:a1:bf:71:42:b5:85:5d:79:d2:14:fb:d0:7d:7b:
2d:e0:c5:87:bc:94:7a:40:9c:f0:72:c4:3a:af:c3:82:83:d7:
15:1c:00:66:3b:86:3a:2d:98:15:6f:8f:33:3b:22:1d:ea:1e:
7d:98:8c:78:fd:d6:cc:24:ab:3f:62:9e:3e:43:4d:9c:ba:c3:
7d:34:cc:75:46:9b:6b:5d:ee:5f:9c:c5:12:f0:e3:00:04:b0:
b4:c7:8b:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYXdthqO52p01SwqR1ybKHLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTc1MjI1ZjM4NmNlOTgwMTE5ZjY5ODg0ZjliZTdjNmEy
YjNiMzMwHhcNMjMwMTIzMDgxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmFmMmM1MWEzNDQyNGFhYTE2YmU1YzQ5MWQ4MmM0NDBiY2E3ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iWHOnTq1ud7oVim57gFcDn2I2Bs
3RCz4/UtWB3SU0V6nmYtv8IBhBNv+lydx/DfWECbOWjjaBEUfg03BZ4HA+mHrluJ
fwSI/rW0UgTiULgv1LmkNQ6xEiWpQm3J8mOuuXrlXW08s7yJwhFfR1/0QNnWxEFi
PEFZwDAt9K/T44OCG3LCBEXk9QCCqFD+VuDCmukifNVEB4M5yq/2X0G6nbauG3IF
T/c6RAaCxQ7yZbi5ZUoDuWr2Wr489S/qbiTfQFMAfRb7oQ3w+A7cp+KNDlpCAQEL
JSfLv6Dn9ONWklRiOam9aa2rNIjJe827SkrVt4biDQ3dsysuSlDvJ7YcqQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI+vLFGjRCSqoWvlxJHYLEQLynhZMB8GA1UdIwQY
MBaAFI8XUiXzhs6YARn2mIT5vnxqKzszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjct
NjFiNzcyZDc1MWVjLzEvajY4c1VhTkVKS3FoYS1YRWtkZ3NSQXZLZUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjctNjFiNzcyZDc1MWVj
LzEvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEYQAwQD
U4iIAwQGVQ/AAwQDX4NwMA0EAgACMAcDBQMqAaiAMA0GCSqGSIb3DQEBCwUAA4IB
AQCE9ennHQVxeiAVDgGqHknIetTdk87/U7+5c1DHJq2gQIMQu73wRpr65Egja/5Q
jDsebRKA3/NNHg7dht9zYijlnve7aOHXh5D5ZUEVZczGLLZQBPoJcflqZXYjWWIY
wi6yAZK44XWCdyTET+sXYRt25M9SacWNAV0Ma9gUbe4CtFo0NBJTPVptC/fPLBQR
D6hXr0JyhNUQw0220XtdRFDfTxeTnM4Uob9xQrWFXXnSFPvQfXst4MWHvJR6QJzw
csQ6r8OCg9cVHABmO4Y6LZgVb48zOyId6h59mIx4/dbMJKs/Yp4+Q02cusN9NMx1
RptrXe5fnMUS8OMABLC0x4tN
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:52 2024 by rpki-client on console-ams.rpki-client.org