Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/b-FRL0_LGWsMqkLk7S8B-hKMiW8.roa
File: b-FRL0_LGWsMqkLk7S8B-hKMiW8.roa (raw, json)
Hash identifier: Frb7wbTXR6LoJPewuaOZqB3d6+hgZM3cfijzyx+1X+c=
Subject key identifier: 6F:E1:51:2F:4F:CB:19:6B:0C:AA:42:E4:ED:2F:01:FA:12:8C:89:6F
Certificate issuer: /CN=90b5bb80feef344650a9a773f61f0b2cfbf7ce8c
Certificate serial: 018570398B40183B10ACDC9346B6FD9AB917
Authority key identifier: 90:B5:BB:80:FE:EF:34:46:50:A9:A7:73:F6:1F:0B:2C:FB:F7:CE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLW7gP7vNEZQqadz9h8LLPv3zow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/b-FRL0_LGWsMqkLk7S8B-hKMiW8.roa
Signing time: Mon 02 Jan 2023 02:04:57 +0000
ROA not before: Mon 02 Jan 2023 02:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43191
IP address blocks: 185.80.70.0/24 maxlen: 24
185.80.70.0/23 maxlen: 23
185.80.69.0/24 maxlen: 24
185.80.68.0/23 maxlen: 23
185.80.68.0/24 maxlen: 24
185.80.71.0/24 maxlen: 24
79.170.118.0/24 maxlen: 24
79.170.119.0/24 maxlen: 24
2a03:5fe1::/32 maxlen: 32
2a03:5fe0::/32 maxlen: 32
2a03:5fe2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:8b:40:18:3b:10:ac:dc:93:46:b6:fd:9a:b9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b5bb80feef344650a9a773f61f0b2cfbf7ce8c
Validity
Not Before: Jan 2 02:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fe1512f4fcb196b0caa42e4ed2f01fa128c896f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6e:ac:06:54:64:cb:38:32:f3:fb:af:d4:b6:
13:bb:6a:7b:b8:43:2f:bb:40:2c:e7:0f:aa:c5:ad:
ea:bc:da:f4:20:95:48:d4:97:60:a6:55:ab:30:0d:
48:55:69:5c:87:18:c6:32:b7:b6:25:fc:6f:71:bc:
ea:04:c0:d4:64:a7:ad:4d:bc:0c:29:07:aa:fd:31:
d6:c5:fb:30:d5:3f:f0:b0:d5:3f:a3:8f:3b:54:04:
6a:34:25:85:88:a7:d1:fe:18:4c:40:46:e0:73:92:
af:2c:c9:c8:8f:df:ff:b5:d3:3f:6b:c5:76:79:30:
0e:10:1c:65:9f:54:24:cc:c7:32:d2:36:a1:d6:e7:
84:bf:b1:8d:07:a5:7d:3d:f2:ca:65:55:02:9a:ee:
c8:79:bd:e4:62:0b:6a:e7:e5:65:a3:b3:54:fa:90:
7e:ae:d7:96:3a:cb:60:ce:9e:b3:14:54:c7:55:1e:
e8:b9:fe:60:16:11:85:24:19:15:50:82:b3:6c:d9:
b6:d2:c6:5f:2c:9a:8f:55:fd:62:a4:e2:c1:89:c6:
f9:ed:1c:7f:06:78:2d:0a:79:f6:1a:f7:32:3c:93:
fd:fb:a1:f6:2d:14:13:71:ac:46:60:44:4d:9d:30:
8f:e7:fc:9f:81:26:dc:f4:08:3b:62:82:f3:67:1a:
1c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E1:51:2F:4F:CB:19:6B:0C:AA:42:E4:ED:2F:01:FA:12:8C:89:6F
X509v3 Authority Key Identifier:
keyid:90:B5:BB:80:FE:EF:34:46:50:A9:A7:73:F6:1F:0B:2C:FB:F7:CE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLW7gP7vNEZQqadz9h8LLPv3zow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/b-FRL0_LGWsMqkLk7S8B-hKMiW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/kLW7gP7vNEZQqadz9h8LLPv3zow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.118.0/23
185.80.68.0/22
IPv6:
2a03:5fe0::-2a03:5fe2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:f8:bf:d5:16:a8:7a:3c:64:e5:82:bc:65:b2:61:bd:d7:67:
8d:01:c3:16:33:5f:da:73:af:48:1d:f0:fa:5d:07:8a:b7:66:
f5:95:8b:40:99:ea:8e:5d:2d:1c:9e:14:18:a9:cc:20:80:33:
ac:4f:49:38:d9:79:d4:ef:0e:36:6c:95:b7:3d:e6:26:ad:41:
1b:71:ef:8d:5e:d3:0e:59:58:c0:6f:56:8f:8f:ae:69:57:9b:
30:8d:d2:10:cc:73:49:53:f5:90:a6:ed:8d:bf:ae:62:f5:6b:
17:2c:25:59:c6:44:34:49:1e:78:74:2c:a2:47:b0:30:99:1b:
a9:cf:36:07:49:ec:ed:ec:a4:37:1e:fe:12:13:5d:9b:35:f2:
fa:e1:6e:e3:99:36:a1:79:ca:08:05:31:5f:04:e0:82:55:6f:
65:84:45:aa:51:f3:12:a2:93:0e:61:50:61:d0:6c:98:b9:ca:
75:1e:a5:5a:38:07:5c:b6:ac:c7:fa:eb:89:79:81:c7:ac:bb:
a1:9a:a9:1c:8e:64:ca:a2:be:a7:41:ca:e6:bc:17:dd:fa:f9:
31:e3:45:81:47:89:fc:01:ad:ed:c0:93:6c:3f:05:ce:61:a9:
2a:2f:14:1d:a5:0f:5a:e4:3f:2c:db:e7:41:99:aa:99:a2:5f:
ce:c1:a1:24
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwOYtAGDsQrNyTRrb9mrkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjViYjgwZmVlZjM0NDY1MGE5YTc3M2Y2MWYwYjJjZmJm
N2NlOGMwHhcNMjMwMTAyMDIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmUxNTEyZjRmY2IxOTZiMGNhYTQyZTRlZDJmMDFmYTEyOGM4OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW6sBlRkyzgy8/uv1LYTu2p7uEMv
u0As5w+qxa3qvNr0IJVI1JdgplWrMA1IVWlchxjGMre2JfxvcbzqBMDUZKetTbwM
KQeq/THWxfsw1T/wsNU/o487VARqNCWFiKfR/hhMQEbgc5KvLMnIj9//tdM/a8V2
eTAOEBxln1QkzMcy0jah1ueEv7GNB6V9PfLKZVUCmu7Ieb3kYgtq5+Vlo7NU+pB+
rteWOstgzp6zFFTHVR7ouf5gFhGFJBkVUIKzbNm20sZfLJqPVf1ipOLBicb57Rx/
BngtCnn2GvcyPJP9+6H2LRQTcaxGYERNnTCP5/yfgSbc9Ag7YoLzZxocKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG/hUS9PyxlrDKpC5O0vAfoSjIlvMB8GA1UdIwQY
MBaAFJC1u4D+7zRGUKmnc/YfCyz7986MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xXN2dQN3ZORVpRcWFkejloOExMUHYzem93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wNTIxMTgtYzQ2Yi00OGI0LTg3ZGMt
NWVkNTI3MGVkZjIzLzEvYi1GUkwwX0xHV3NNcWtMazdTOEItaEtNaVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wNTIxMTgtYzQ2Yi00OGI0LTg3ZGMtNWVkNTI3MGVkZjIz
LzEva0xXN2dQN3ZORVpRcWFkejloOExMUHYzem93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBT6p2AwQC
uVBEMBYEAgACMBAwDgMFBSoDX+ADBQAqA1/iMA0GCSqGSIb3DQEBCwUAA4IBAQAR
+L/VFqh6PGTlgrxlsmG912eNAcMWM1/ac69IHfD6XQeKt2b1lYtAmeqOXS0cnhQY
qcwggDOsT0k42XnU7w42bJW3PeYmrUEbce+NXtMOWVjAb1aPj65pV5swjdIQzHNJ
U/WQpu2Nv65i9WsXLCVZxkQ0SR54dCyiR7AwmRupzzYHSezt7KQ3Hv4SE12bNfL6
4W7jmTahecoIBTFfBOCCVW9lhEWqUfMSopMOYVBh0GyYucp1HqVaOAdctqzH+uuJ
eYHHrLuhmqkcjmTKor6nQcrmvBfd+vkx40WBR4n8Aa3twJNsPwXOYakqLxQdpQ9a
5D8s2+dBmaqZol/OwaEk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:42 2024 by rpki-client on console-fra.rpki-client.org