Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/3ddlCM3Mw4Nagl7ZFaC8cyDnAIM.roa
File: 3ddlCM3Mw4Nagl7ZFaC8cyDnAIM.roa (raw, json)
Hash identifier: zpn2a/TTUGJ+UJ52wYxC31VjAIawQbkDVi0CVa2/6tU=
Subject key identifier: DD:D7:65:08:CD:CC:C3:83:5A:82:5E:D9:15:A0:BC:73:20:E7:00:83
Certificate issuer: /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial: 019097418EC530FC959FB77336EE942A9287
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/3ddlCM3Mw4Nagl7ZFaC8cyDnAIM.roa
Signing time: Tue 09 Jul 2024 11:29:34 +0000
ROA not before: Tue 09 Jul 2024 11:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 80.253.254.0/24 maxlen: 32
80.253.255.0/24 maxlen: 32
91.217.119.0/24 maxlen: 32
213.142.149.0/24 maxlen: 24
213.142.150.0/24 maxlen: 32
2a0e:36c0::/29 maxlen: 32
2a0e:36c0::/32 maxlen: 32
2a0e:36c1::/32 maxlen: 32
2a0e:36c2::/32 maxlen: 32
2a0e:36c3::/32 maxlen: 32
2a0e:36c4::/32 maxlen: 32
2a0e:36c5::/32 maxlen: 32
2a0e:36c6::/32 maxlen: 32
2a0e:36c6:ff80::/48 maxlen: 48
2a0e:36c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jul 2024 10:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:41:8e:c5:30:fc:95:9f:b7:73:36:ee:94:2a:92:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
Validity
Not Before: Jul 9 11:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddd76508cdccc3835a825ed915a0bc7320e70083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:6c:ee:35:36:e8:f3:dc:43:71:8a:a4:4f:
5c:61:e8:c8:a1:b6:b2:04:8d:de:cd:49:20:48:0c:
c6:d5:86:9b:71:87:c2:f3:f9:11:f8:e2:16:df:7d:
82:97:7c:bd:8e:20:c6:fc:21:4a:05:2a:87:8d:9a:
0f:16:5e:0d:34:18:20:2b:d4:9f:0e:ec:56:29:9b:
c3:8c:33:a5:41:c5:0c:74:4f:34:72:72:76:ff:48:
70:b5:c4:bf:4c:b9:03:54:6d:af:c6:c6:c3:42:07:
d1:0b:73:3a:04:7d:a3:36:8c:d3:46:e1:a2:5b:36:
29:42:05:43:91:00:b0:96:c7:d2:aa:19:8f:36:f4:
ef:37:34:6d:d9:76:14:eb:23:cf:13:af:70:47:28:
fb:2c:28:c0:8a:10:58:65:ed:40:e6:dd:de:0f:42:
84:b7:d0:6f:41:bc:cb:cf:54:e0:93:d6:8f:9e:a5:
99:53:2f:ce:91:1a:2d:93:bd:57:e6:29:ed:0c:ed:
0a:6b:a7:06:f8:ce:aa:47:d7:50:b9:86:14:73:a0:
a3:c4:7d:83:01:6e:2d:1a:24:51:27:93:a3:51:d0:
ab:9c:a1:d4:ad:6d:dd:66:29:cc:68:24:2f:c8:a5:
2a:f7:2f:8c:22:02:e0:c0:75:21:55:a8:a3:d7:89:
7c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D7:65:08:CD:CC:C3:83:5A:82:5E:D9:15:A0:BC:73:20:E7:00:83
X509v3 Authority Key Identifier:
keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/3ddlCM3Mw4Nagl7ZFaC8cyDnAIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.254.0/23
91.217.119.0/24
213.142.149.0-213.142.150.255
IPv6:
2a0e:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:82:82:07:45:0f:11:99:c7:ef:9c:e0:89:9f:40:06:63:dc:
9c:83:4c:c6:ad:0a:52:80:3b:da:a7:14:dc:85:37:c2:c0:7f:
72:0b:0d:74:9e:0e:8b:40:8b:06:f2:2d:ca:c0:70:88:4e:3b:
51:34:11:fa:6e:00:8f:46:c6:eb:70:e3:72:87:a3:31:bd:7a:
26:73:83:fe:97:86:e9:f8:0e:b8:c3:bb:4f:db:ed:31:a8:1c:
96:12:27:63:bf:3b:46:26:33:b5:8a:c6:ab:58:a2:cc:cd:51:
bd:dd:c6:dd:88:ea:92:63:c7:65:04:fd:99:bc:9b:4a:c9:b7:
6c:aa:0c:19:a9:3b:3f:c9:77:49:32:ee:7a:e1:7a:cb:91:51:
bd:98:8f:ca:d7:db:09:c7:78:44:a8:e9:25:31:e9:37:9a:80:
1f:d2:ce:a6:ac:1f:fe:27:9a:94:38:8a:6c:77:da:5c:60:9b:
3d:d7:e0:ef:91:ed:ff:f3:33:f8:61:5b:7f:db:e5:e5:96:92:
f0:b2:ba:48:36:e1:41:18:00:0b:d0:c3:5d:b1:a8:71:a0:8b:
b7:81:55:32:83:2b:a2:29:72:cf:cc:c1:38:4b:09:83:1f:bb:
37:dd:a4:0e:b3:c7:5b:cb:6f:2a:58:86:cd:8b:50:db:59:6d:
9a:96:c2:b0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZCXQY7FMPyVn7dzNu6UKpKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjQwNzA5MTEyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ3NjUwOGNkY2NjMzgzNWE4MjVlZDkxNWEwYmM3MzIwZTcwMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ1s7jU26PPcQ3GKpE9cYejIobay
BI3ezUkgSAzG1YabcYfC8/kR+OIW332Cl3y9jiDG/CFKBSqHjZoPFl4NNBggK9Sf
DuxWKZvDjDOlQcUMdE80cnJ2/0hwtcS/TLkDVG2vxsbDQgfRC3M6BH2jNozTRuGi
WzYpQgVDkQCwlsfSqhmPNvTvNzRt2XYU6yPPE69wRyj7LCjAihBYZe1A5t3eD0KE
t9BvQbzLz1Tgk9aPnqWZUy/OkRotk71X5intDO0Ka6cG+M6qR9dQuYYUc6CjxH2D
AW4tGiRRJ5OjUdCrnKHUrW3dZinMaCQvyKUq9y+MIgLgwHUhVaij14l8lwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFN3XZQjNzMODWoJe2RWgvHMg5wCDMB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvM2RkbENNM013NE5hZ2w3WkZhQzhjeURuQUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQBUP3+AwQA
W9l3MAwDBADVjpUDBADVjpYwDQQCAAIwBwMFAyoONsAwDQYJKoZIhvcNAQELBQAD
ggEBAJOCggdFDxGZx++c4ImfQAZj3JyDTMatClKAO9qnFNyFN8LAf3ILDXSeDotA
iwbyLcrAcIhOO1E0EfpuAI9Gxutw43KHozG9eiZzg/6Xhun4DrjDu0/b7TGoHJYS
J2O/O0YmM7WKxqtYoszNUb3dxt2I6pJjx2UE/Zm8m0rJt2yqDBmpOz/Jd0ky7nrh
esuRUb2Yj8rX2wnHeESo6SUx6TeagB/SzqasH/4nmpQ4imx32lxgmz3X4O+R7f/z
M/hhW3/b5eWWkvCyukg24UEYAAvQw12xqHGgi7eBVTKDK6Ipcs/MwThLCYMfuzfd
pA6zx1vLbypYhs2LUNtZbZqWwrA=
-----END CERTIFICATE-----
Generated at Mon Jul 29 12:11:53 2024 by rpki-client on console-fra.rpki-client.org