Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/tI8bg-e4BZm33AmLsN6M6zusaQg.roa
File: tI8bg-e4BZm33AmLsN6M6zusaQg.roa (raw, json)
Hash identifier: nmiyQXoYXTFG9lFLBpJO3szynWM3eANMidp8H51rvAU=
Subject key identifier: B4:8F:1B:83:E7:B8:05:99:B7:DC:09:8B:B0:DE:8C:EB:3B:AC:69:08
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018CC7275CBA7D8A095609ABB813C9E61E44
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/tI8bg-e4BZm33AmLsN6M6zusaQg.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 80.87.206.0/24 maxlen: 24
185.162.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 01:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5c:ba:7d:8a:09:56:09:ab:b8:13:c9:e6:1e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b48f1b83e7b80599b7dc098bb0de8ceb3bac6908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ca:10:21:b4:db:8a:b0:69:94:58:31:3a:fd:
93:01:08:e3:b9:17:46:a9:d1:90:7d:14:b5:c3:64:
90:a5:fd:1d:f8:42:66:e7:18:24:df:4f:5b:11:cb:
d7:68:bc:22:f6:61:f8:a0:6d:b5:5d:28:f7:bb:7e:
aa:d8:f6:15:ec:eb:2e:ef:2e:a2:52:5f:0c:f1:a3:
fc:30:83:12:c0:9e:25:4b:e4:bb:d7:e8:e4:11:98:
ea:9c:31:66:5c:7c:5f:b2:44:07:bf:4b:07:ea:5f:
dd:25:0c:68:ce:6f:5b:04:44:58:fa:c3:25:ab:52:
0f:3d:eb:e6:c1:96:8b:58:a1:38:e4:57:74:20:0b:
27:ba:7b:5c:c8:ca:6f:77:8e:7d:8d:90:4d:13:a0:
69:8a:a1:f3:90:91:e2:a8:04:fb:9a:9f:8d:0c:a2:
e9:25:a6:8d:fb:34:08:22:45:5c:8e:2b:35:7b:13:
e4:5f:41:a9:9e:69:8b:a2:90:f7:c8:ff:2c:b8:f2:
50:93:2d:b7:4a:35:c9:48:9e:2c:67:b7:93:a5:cd:
dc:01:ae:e9:a4:e1:a6:92:ec:1e:45:af:9f:16:87:
e1:c8:3b:3e:65:97:47:21:aa:1c:0e:22:1d:f7:b3:
d2:d3:1d:5a:51:ec:69:a3:3d:de:3c:43:31:f2:ba:
11:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8F:1B:83:E7:B8:05:99:B7:DC:09:8B:B0:DE:8C:EB:3B:AC:69:08
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/tI8bg-e4BZm33AmLsN6M6zusaQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.206.0/24
185.162.235.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ee:05:03:33:77:74:8c:b8:64:fd:2a:dc:f3:6a:4e:35:e6:
6d:89:93:12:b9:81:0a:8d:55:07:ed:1f:13:1f:4e:92:19:61:
ef:d5:d9:9c:eb:9f:3c:64:ce:a2:b5:a2:11:96:c1:72:b3:7b:
a9:ac:39:af:76:ff:ee:1a:1d:c1:7d:52:d6:69:f4:b4:80:14:
a8:d8:d4:73:03:66:38:46:df:e3:1c:8c:48:ec:54:7a:33:28:
b7:a5:4f:d0:0e:8f:55:0c:c5:8e:57:29:b4:e5:c3:83:c9:b4:
f7:ce:b0:11:ab:4b:71:38:f7:4d:f7:8e:b1:01:88:3b:cf:9e:
c8:0b:54:4e:53:2f:ab:0a:65:2a:4d:19:04:f0:c1:e2:9d:1a:
8e:74:41:41:9b:19:4d:c7:fd:48:f6:e8:47:28:9b:41:a4:89:
15:d7:eb:3c:8b:bb:1b:d7:1e:ee:83:75:0f:4a:7b:42:92:0c:
64:d7:1b:4a:52:dd:51:7d:8e:1c:e7:be:9f:6c:9f:23:8e:a1:
f7:86:2b:c1:7c:48:1d:e0:00:5f:f7:2a:78:22:35:5d:9c:19:
7c:d3:a3:ee:cf:43:2c:9c:d7:8f:fc:15:84:22:b3:f1:99:00:
60:30:ac:b2:2c:57:ec:16:ab:76:62:5f:e9:6c:81:f2:0b:d4:
5a:bc:9d:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ1y6fYoJVgmruBPJ5h5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhmMWI4M2U3YjgwNTk5YjdkYzA5OGJiMGRlOGNlYjNiYWM2OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8oQIbTbirBplFgxOv2TAQjjuRdG
qdGQfRS1w2SQpf0d+EJm5xgk309bEcvXaLwi9mH4oG21XSj3u36q2PYV7Osu7y6i
Ul8M8aP8MIMSwJ4lS+S71+jkEZjqnDFmXHxfskQHv0sH6l/dJQxozm9bBERY+sMl
q1IPPevmwZaLWKE45Fd0IAsnuntcyMpvd459jZBNE6BpiqHzkJHiqAT7mp+NDKLp
JaaN+zQIIkVcjis1exPkX0GpnmmLopD3yP8suPJQky23SjXJSJ4sZ7eTpc3cAa7p
pOGmkuweRa+fFofhyDs+ZZdHIaocDiId97PS0x1aUexpoz3ePEMx8roRswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLSPG4PnuAWZt9wJi7DejOs7rGkIMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvdEk4YmctZTRCWm0zM0FtTHNONk02enVzYVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUFfOAwQA
uaLrMA0GCSqGSIb3DQEBCwUAA4IBAQAB7gUDM3d0jLhk/Src82pONeZtiZMSuYEK
jVUH7R8TH06SGWHv1dmc6588ZM6itaIRlsFys3uprDmvdv/uGh3BfVLWafS0gBSo
2NRzA2Y4Rt/jHIxI7FR6Myi3pU/QDo9VDMWOVym05cODybT3zrARq0txOPdN946x
AYg7z57IC1ROUy+rCmUqTRkE8MHinRqOdEFBmxlNx/1I9uhHKJtBpIkV1+s8i7sb
1x7ug3UPSntCkgxk1xtKUt1RfY4c576fbJ8jjqH3hivBfEgd4ABf9yp4IjVdnBl8
06Puz0MsnNeP/BWEIrPxmQBgMKyyLFfsFqt2Yl/pbIHyC9RavJ3W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org