Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1-kPvy5v6Eifmbn9-p0ptCIOXT0I.roa
File: 1-kPvy5v6Eifmbn9-p0ptCIOXT0I.roa (raw, json)
Hash identifier: h8CLQ8LtAjzkf5AHESOgsaJn6Lgn9NeCwEF2yurpB9k=
Subject key identifier: FA:43:EF:CB:9B:FA:12:27:E6:6E:7F:7E:A7:4A:6D:08:83:97:4F:42
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01922406F62FEB6EEA9A18B6E23AB875D13C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1-kPvy5v6Eifmbn9-p0ptCIOXT0I.roa
Signing time: Tue 24 Sep 2024 12:34:48 +0000
ROA not before: Tue 24 Sep 2024 12:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 79.135.128.0/19 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Oct 2024 10:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:06:f6:2f:eb:6e:ea:9a:18:b6:e2:3a:b8:75:d1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 24 12:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa43efcb9bfa1227e66e7f7ea74a6d0883974f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:37:e3:28:fb:1b:4a:23:3b:9d:71:82:e9:e9:
58:40:fa:26:c8:1f:95:0c:bf:fc:b8:5f:7a:09:95:
30:72:48:1a:3b:cc:6c:d0:09:5f:8c:20:3e:a7:d4:
ca:20:a0:80:a0:3d:92:ed:63:dc:d6:ba:6f:73:b8:
2f:50:e0:ba:be:17:af:c1:e8:b1:ad:3f:eb:a5:84:
a8:59:e9:fe:88:53:39:b1:ac:71:1d:87:da:45:65:
93:60:84:78:e0:73:58:5e:a1:f5:51:0d:01:25:c7:
c0:55:39:aa:3a:bd:32:cb:d1:d3:44:9a:c9:87:a4:
b8:dc:e5:0a:8f:0a:9c:72:a8:db:d7:10:31:12:92:
39:ee:11:a8:a6:3c:74:26:36:6d:f2:e1:ce:97:a9:
af:67:bc:11:0e:04:bf:65:cf:19:fd:47:ae:33:43:
52:ac:47:db:47:32:de:d9:3c:30:9b:48:a3:9a:d2:
88:1b:27:de:ba:96:cd:4d:fb:a2:0d:a9:3a:49:5d:
89:ab:8c:4d:68:9b:42:d4:20:00:f3:24:91:08:53:
72:a4:b1:e2:c0:37:a7:4c:b8:75:f4:79:6a:2a:b3:
a7:90:3f:be:ba:0d:1d:fc:ed:88:22:06:83:02:5f:
d3:8d:30:dc:fb:bb:68:52:1f:6b:d8:04:71:ba:a9:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:43:EF:CB:9B:FA:12:27:E6:6E:7F:7E:A7:4A:6D:08:83:97:4F:42
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1-kPvy5v6Eifmbn9-p0ptCIOXT0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.128.0/19
Signature Algorithm: sha256WithRSAEncryption
67:37:5f:30:25:c8:8a:7e:fc:49:36:01:98:d8:c2:23:44:99:
48:72:b9:d0:8a:99:1d:4a:46:6a:18:3c:cc:81:f6:26:e2:7c:
a2:7b:0a:b4:29:35:78:1b:fc:b3:a7:b6:36:10:72:05:ee:81:
0f:8a:02:3b:a5:02:b9:3a:4b:32:dd:74:5d:03:cf:e7:67:f3:
94:0d:22:6c:fa:33:bf:c6:9b:3d:10:b5:75:b3:e0:1a:1a:03:
da:83:59:81:51:30:3c:85:8d:9c:34:e2:c6:55:64:14:0d:b1:
05:12:36:4c:59:69:7c:b8:ff:e1:18:f2:37:f0:a0:c7:d5:e4:
5a:6a:8f:00:5e:2b:ef:44:fe:c9:1c:0c:58:44:7f:aa:6d:25:
58:ba:06:60:c8:60:bd:6a:d3:32:6b:88:ed:15:6c:5c:bf:9d:
6d:09:6c:17:3c:22:ab:7c:20:99:6e:96:10:e4:ae:6e:34:b4:
10:da:1b:fa:33:28:8b:29:46:c0:3d:77:04:93:e8:82:f0:5d:
ca:78:b1:cb:b3:95:be:9d:d8:9e:88:e4:f8:bd:4d:0c:41:3a:
bc:75:95:2e:86:38:cd:a0:e8:cd:35:16:d6:cd:60:5e:78:05:
6f:45:9a:3a:e5:01:7c:9e:84:02:4f:a5:08:d9:ab:b1:0e:d7:
6d:d8:7a:b4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZIkBvYv627qmhi24jq4ddE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwOTI0MTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQzZWZjYjliZmExMjI3ZTY2ZTdmN2VhNzRhNmQwODgzOTc0ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDfjKPsbSiM7nXGC6elYQPomyB+V
DL/8uF96CZUwckgaO8xs0AlfjCA+p9TKIKCAoD2S7WPc1rpvc7gvUOC6vhevweix
rT/rpYSoWen+iFM5saxxHYfaRWWTYIR44HNYXqH1UQ0BJcfAVTmqOr0yy9HTRJrJ
h6S43OUKjwqccqjb1xAxEpI57hGopjx0JjZt8uHOl6mvZ7wRDgS/Zc8Z/UeuM0NS
rEfbRzLe2Twwm0ijmtKIGyfeupbNTfuiDak6SV2Jq4xNaJtC1CAA8ySRCFNypLHi
wDenTLh19HlqKrOnkD++ug0d/O2IIgaDAl/TjTDc+7toUh9r2ARxuqmuMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpD78ub+hIn5m5/fqdKbQiDl09CMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMS1rUHZ5NXY2RWlmbWJuOS1wMHB0Q0lPWFQwSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2
Zi8xL3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU+HgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZzdfMCXIin78STYBmNjCI0SZSHK50IqZHUpGahg8
zIH2JuJ8onsKtCk1eBv8s6e2NhByBe6BD4oCO6UCuTpLMt10XQPP52fzlA0ibPoz
v8abPRC1dbPgGhoD2oNZgVEwPIWNnDTixlVkFA2xBRI2TFlpfLj/4RjyN/Cgx9Xk
WmqPAF4r70T+yRwMWER/qm0lWLoGYMhgvWrTMmuI7RVsXL+dbQlsFzwiq3wgmW6W
EOSubjS0ENob+jMoiylGwD13BJPogvBdynixy7OVvp3Ynojk+L1NDEE6vHWVLoY4
zaDozTUW1s1gXngFb0WaOuUBfJ6EAk+lCNmrsQ7Xbdh6tA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:26 2025 by rpki-client