Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/CI03qCvzkzURQPfkuSZ22owXMv8.roa
File: CI03qCvzkzURQPfkuSZ22owXMv8.roa (raw, json)
Hash identifier: jOE8dHt5uVVeqBrcdKRKBZiIHv+aRmFFeVm9iMSiq2c=
Subject key identifier: 08:8D:37:A8:2B:F3:93:35:11:40:F7:E4:B9:26:76:DA:8C:17:32:FF
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 01856DEF626FDBEA713632A660A301C8E7B3
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/CI03qCvzkzURQPfkuSZ22owXMv8.roa
Signing time: Sun 01 Jan 2023 15:24:42 +0000
ROA not before: Sun 01 Jan 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21013
IP address blocks: 80.243.160.0/20 maxlen: 20
85.31.0.0/19 maxlen: 19
185.91.80.0/22 maxlen: 22
212.52.192.0/19 maxlen: 19
2a02:940::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:62:6f:db:ea:71:36:32:a6:60:a3:01:c8:e7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 1 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=088d37a82bf393351140f7e4b92676da8c1732ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7e:d0:e7:77:b1:16:4c:16:5d:0c:da:af:ef:
05:92:8d:84:08:7e:e4:f4:ec:22:7d:a5:f6:4d:dd:
67:bb:4d:c0:18:41:ef:bb:a7:1e:00:3e:dc:a0:46:
cd:39:b3:72:25:82:13:de:19:9b:e4:0e:3e:75:28:
83:c5:03:6b:06:66:4a:e9:f3:7c:25:5a:ac:57:cb:
45:8d:ec:ac:e5:58:10:e8:55:c5:52:85:41:20:cb:
a8:12:44:18:10:42:74:10:c7:b3:d9:d0:9e:70:06:
45:f7:ac:b6:c7:99:39:46:53:b7:62:6e:4a:c5:64:
ce:b5:57:b2:dc:27:60:80:3d:18:bd:e0:3d:44:b0:
9a:45:4a:49:fc:95:4a:95:0b:22:4b:48:d9:89:3c:
63:47:34:f4:90:e4:6a:ed:d1:e3:bb:a6:76:26:cf:
92:00:14:4f:74:17:5b:ce:57:ea:87:01:f0:17:34:
b9:7f:33:f8:60:fd:da:51:0c:06:66:56:e2:9e:67:
23:a8:17:ca:29:17:57:cb:1d:01:7e:f8:c7:59:25:
c3:25:2c:d8:2d:2e:86:3e:3f:41:da:e4:72:ab:4b:
0f:af:d6:94:94:c3:83:e2:4a:41:5c:68:a0:9b:18:
7e:2c:ee:18:d9:d7:b6:a9:01:4d:92:c1:ee:a5:9f:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8D:37:A8:2B:F3:93:35:11:40:F7:E4:B9:26:76:DA:8C:17:32:FF
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/CI03qCvzkzURQPfkuSZ22owXMv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.160.0/20
85.31.0.0/19
185.91.80.0/22
212.52.192.0/19
IPv6:
2a02:940::/32
Signature Algorithm: sha256WithRSAEncryption
53:92:a7:3e:65:5b:54:5a:bb:40:fb:3a:85:9c:23:82:39:36:
05:c1:43:64:90:4b:4c:8a:02:65:4e:d5:45:f5:4e:0c:50:23:
25:8b:4a:4a:36:8b:a1:44:ba:5c:13:32:d3:0e:b9:bc:4a:34:
31:42:b2:2a:55:f4:d3:a3:c3:e4:29:91:f3:85:d4:e3:44:05:
84:31:84:0c:e3:b0:10:f3:29:b2:8d:ce:db:87:94:29:70:d4:
ba:3f:15:e7:cf:97:bf:c9:c5:b4:4f:c7:b0:26:e5:1d:b9:bd:
e7:b9:ed:48:bd:c5:2b:ac:f3:09:d4:9e:59:7e:f2:43:69:11:
6c:ae:d3:0a:2e:d1:f8:40:9d:03:ae:2d:c0:24:18:fd:c1:11:
10:19:0f:c4:50:42:09:9f:2f:a6:97:ff:c5:91:57:0e:8c:8d:
e9:a0:a8:83:33:b1:79:c4:7e:e6:dc:73:d4:61:2b:23:38:df:
f1:65:6a:92:68:8e:6b:a7:0a:e2:b9:7d:98:b3:ac:60:01:d5:
96:6e:d8:28:ed:48:48:58:cc:6f:26:d1:83:80:0f:1b:1d:36:
b8:64:76:37:00:06:68:59:27:41:ac:85:f4:f0:a0:d3:dc:90:
18:02:8b:3e:82:88:d5:27:e2:9f:79:23:2e:16:f4:d4:b5:ae:
38:3f:c2:cd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVt72Jv2+pxNjKmYKMByOezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjMwMTAxMTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhkMzdhODJiZjM5MzM1MTE0MGY3ZTRiOTI2NzZkYThjMTczMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA237Q53exFkwWXQzar+8Fko2ECH7k
9OwifaX2Td1nu03AGEHvu6ceAD7coEbNObNyJYIT3hmb5A4+dSiDxQNrBmZK6fN8
JVqsV8tFjeys5VgQ6FXFUoVBIMuoEkQYEEJ0EMez2dCecAZF96y2x5k5RlO3Ym5K
xWTOtVey3CdggD0YveA9RLCaRUpJ/JVKlQsiS0jZiTxjRzT0kORq7dHju6Z2Js+S
ABRPdBdbzlfqhwHwFzS5fzP4YP3aUQwGZlbinmcjqBfKKRdXyx0BfvjHWSXDJSzY
LS6GPj9B2uRyq0sPr9aUlMOD4kpBXGigmxh+LO4Y2de2qQFNksHupZ8/IQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAiNN6gr85M1EUD35LkmdtqMFzL/MB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvQ0kwM3FDdnprelVSUVBma3VTWjIyb3dYTXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPOgAwQF
VR8AAwQCuVtQAwQF1DTAMA0EAgACMAcDBQAqAglAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTkqc+ZVtUWrtA+zqFnCOCOTYFwUNkkEtMigJlTtVF9U4MUCMli0pKNouhRLpc
EzLTDrm8SjQxQrIqVfTTo8PkKZHzhdTjRAWEMYQM47AQ8ymyjc7bh5QpcNS6PxXn
z5e/ycW0T8ewJuUdub3nue1IvcUrrPMJ1J5ZfvJDaRFsrtMKLtH4QJ0Dri3AJBj9
wREQGQ/EUEIJny+ml//FkVcOjI3poKiDM7F5xH7m3HPUYSsjON/xZWqSaI5rpwri
uX2Ys6xgAdWWbtgo7UhIWMxvJtGDgA8bHTa4ZHY3AAZoWSdBrIX08KDT3JAYAos+
gojVJ+KfeSMuFvTUta44P8LN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:04 2024 by rpki-client on console-fra.rpki-client.org