Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/SphqR8Nst4Ztypy5qJezvipFDng.roa
File: SphqR8Nst4Ztypy5qJezvipFDng.roa (raw, json)
Hash identifier: WPVBYVxTKTYPpK1P/kdb3mWQYrKAOhDVTG9j48x88S8=
Subject key identifier: 4A:98:6A:47:C3:6C:B7:86:6D:CA:9C:B9:A8:97:B3:BE:2A:45:0E:78
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018AAD728F9DC34B8F34385F4FB43A400C6F
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/SphqR8Nst4Ztypy5qJezvipFDng.roa
Signing time: Tue 19 Sep 2023 12:38:00 +0000
ROA not before: Tue 19 Sep 2023 12:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 80.87.206.0/24 maxlen: 24
185.162.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:72:8f:9d:c3:4b:8f:34:38:5f:4f:b4:3a:40:0c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Sep 19 12:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a986a47c36cb7866dca9cb9a897b3be2a450e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e0:a0:b2:ab:b3:41:59:81:ba:56:04:ee:fe:
fc:c1:d6:a3:33:b3:f2:cf:b3:d8:3d:b4:38:c7:00:
b3:2f:1c:44:19:c5:1e:e8:10:5c:f0:2d:6e:89:2e:
be:ab:80:45:27:38:a9:0c:bb:42:26:4f:86:eb:34:
23:08:f9:e1:62:ee:65:78:18:1f:7d:2e:e9:ff:75:
3e:08:7e:d7:7b:4b:5e:08:7b:d0:1b:56:a7:3f:f6:
8b:e2:5f:a3:5b:0a:73:d8:f3:9a:4f:5b:89:f4:f6:
7a:e6:34:c7:23:6b:0b:dd:73:17:9c:22:22:3f:33:
ec:cb:71:6c:c0:ca:6c:71:51:20:f9:27:24:0b:9c:
1e:42:4e:71:14:bf:3d:10:99:b8:17:fa:0e:3a:5d:
f7:60:3c:66:b3:8c:b7:b0:b3:6e:5e:57:32:eb:c1:
19:c7:35:39:40:1d:90:b5:cd:aa:12:75:6a:d5:16:
04:05:d0:bc:21:33:2d:6d:7d:5c:25:a8:dc:35:7a:
31:88:a1:ec:f0:73:99:15:57:13:95:dc:cb:65:49:
56:0d:27:f6:3e:fd:c0:58:bb:8b:de:c2:66:49:2b:
dc:2e:35:15:a5:3c:b0:98:cc:3c:11:67:ef:88:8d:
66:68:23:37:e5:13:ef:03:53:1d:4b:4d:a9:b6:42:
5c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:98:6A:47:C3:6C:B7:86:6D:CA:9C:B9:A8:97:B3:BE:2A:45:0E:78
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/SphqR8Nst4Ztypy5qJezvipFDng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.206.0/24
185.162.235.0/24
Signature Algorithm: sha256WithRSAEncryption
34:0d:36:c7:93:0b:1c:8b:af:94:6d:dc:5d:fa:ac:cc:fd:e8:
e9:72:02:86:8c:31:13:16:09:5d:dc:9e:89:3a:17:4b:86:17:
34:9b:d6:d5:58:10:1e:54:26:a0:bd:75:37:d7:a9:b5:d5:a1:
81:c2:15:58:9a:5b:5c:77:79:cb:3f:37:f4:f7:d8:44:8e:e5:
13:90:d1:0e:70:55:cc:cd:66:c8:5a:2e:13:13:77:77:3f:24:
87:b4:90:eb:2c:c8:d3:39:d7:b3:82:e0:4e:c5:92:c1:58:52:
31:45:44:13:c2:ab:67:9f:f2:19:2c:0a:6c:1f:dc:2e:96:b3:
ec:b8:de:1d:5f:21:0a:b8:d1:96:28:80:74:a2:2b:72:08:3d:
25:58:2d:34:d9:b0:fa:cf:78:77:a0:f4:cb:b9:e6:36:d5:f2:
dc:09:be:6d:0f:1e:22:06:d6:c2:54:60:7f:60:f7:c5:ae:67:
0e:6e:7b:78:a0:98:3a:62:3e:94:f7:39:5e:dc:a0:73:44:2d:
b5:35:33:ff:fc:fd:87:12:f4:a9:4e:12:95:22:5b:7d:4e:d3:
c8:68:cd:ec:20:28:f1:67:3c:00:79:c5:af:8d:85:1c:20:09:
bc:dc:6c:0c:38:e5:a1:8d:a7:00:5d:14:79:e9:d3:60:69:22:
a6:c7:75:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqtco+dw0uPNDhfT7Q6QAxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwOTE5MTIzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk4NmE0N2MzNmNiNzg2NmRjYTljYjlhODk3YjNiZTJhNDUwZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOCgsquzQVmBulYE7v78wdajM7Py
z7PYPbQ4xwCzLxxEGcUe6BBc8C1uiS6+q4BFJzipDLtCJk+G6zQjCPnhYu5leBgf
fS7p/3U+CH7Xe0teCHvQG1anP/aL4l+jWwpz2POaT1uJ9PZ65jTHI2sL3XMXnCIi
PzPsy3FswMpscVEg+SckC5weQk5xFL89EJm4F/oOOl33YDxms4y3sLNuXlcy68EZ
xzU5QB2Qtc2qEnVq1RYEBdC8ITMtbX1cJajcNXoxiKHs8HOZFVcTldzLZUlWDSf2
Pv3AWLuL3sJmSSvcLjUVpTywmMw8EWfviI1maCM35RPvA1MdS02ptkJcCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEqYakfDbLeGbcqcuaiXs74qRQ54MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvU3BocVI4TnN0NFp0eXB5NXFKZXp2aXBGRG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUFfOAwQA
uaLrMA0GCSqGSIb3DQEBCwUAA4IBAQA0DTbHkwsci6+Ubdxd+qzM/ejpcgKGjDET
Fgld3J6JOhdLhhc0m9bVWBAeVCagvXU316m11aGBwhVYmltcd3nLPzf099hEjuUT
kNEOcFXMzWbIWi4TE3d3PySHtJDrLMjTOdezguBOxZLBWFIxRUQTwqtnn/IZLAps
H9wulrPsuN4dXyEKuNGWKIB0oityCD0lWC002bD6z3h3oPTLueY21fLcCb5tDx4i
BtbCVGB/YPfFrmcObnt4oJg6Yj6U9zle3KBzRC21NTP//P2HEvSpThKVIlt9TtPI
aM3sICjxZzwAecWvjYUcIAm83GwMOOWhjacAXRR56dNgaSKmx3VV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org