Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ed4e2c-e5ad-417a-8788-11824406bd5d/1/08Y4tOnAFj-9teyWaxDNP2Rup6E.roa
File: 08Y4tOnAFj-9teyWaxDNP2Rup6E.roa (raw, json)
Hash identifier: OkUkd3iDkkzGWOBFW9vib2flIin/k4mpVG3SRic7Uuk=
Subject key identifier: D3:C6:38:B4:E9:C0:16:3F:BD:B5:EC:96:6B:10:CD:3F:64:6E:A7:A1
Certificate issuer: /CN=9ce4e65aecc95d446a0cb640b9766fa0f8150e3c
Certificate serial: 0188611AC769D224A880D5B12BF898CC60F2
Authority key identifier: 9C:E4:E6:5A:EC:C9:5D:44:6A:0C:B6:40:B9:76:6F:A0:F8:15:0E:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nOTmWuzJXURqDLZAuXZvoPgVDjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ed4e2c-e5ad-417a-8788-11824406bd5d/1/08Y4tOnAFj-9teyWaxDNP2Rup6E.roa
Signing time: Sun 28 May 2023 06:45:24 +0000
ROA not before: Sun 28 May 2023 06:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30882
IP address blocks: 79.171.240.0/24 maxlen: 24
79.171.244.0/24 maxlen: 24
79.171.241.0/24 maxlen: 24
79.171.245.0/24 maxlen: 24
79.171.242.0/24 maxlen: 24
79.171.246.0/23 maxlen: 23
79.171.246.0/24 maxlen: 24
79.171.243.0/24 maxlen: 24
79.171.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:61:1a:c7:69:d2:24:a8:80:d5:b1:2b:f8:98:cc:60:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ce4e65aecc95d446a0cb640b9766fa0f8150e3c
Validity
Not Before: May 28 06:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3c638b4e9c0163fbdb5ec966b10cd3f646ea7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5b:b1:e6:dd:fc:7f:f7:4a:51:43:82:44:69:
45:18:75:5d:c2:ab:89:3a:a0:38:82:b7:f4:32:45:
18:81:6a:d3:3d:78:b5:23:56:dc:69:be:cf:68:f6:
67:65:fb:44:8d:1b:55:9f:b4:9c:a0:db:52:51:7b:
b7:da:36:65:93:d3:25:47:de:1c:78:0f:84:30:53:
28:62:90:dd:6f:12:11:4c:f2:cd:1c:a0:a5:83:0c:
bf:ad:b9:99:71:d0:1f:9e:84:f8:0c:fb:70:c2:f2:
2a:a3:0a:3a:ae:e9:30:23:e9:f2:7d:63:10:1b:74:
b1:58:c1:e2:e6:93:5f:06:55:d3:43:73:40:ba:f3:
5f:51:8d:17:66:5d:aa:3d:27:45:26:db:e7:f9:04:
58:52:5a:12:fc:ed:b1:56:06:c7:b1:f2:36:c9:b0:
ff:2a:d1:9f:53:45:57:fe:37:f0:2e:ea:56:5b:4f:
0b:4f:2c:5f:3a:d5:ba:58:5b:f3:55:49:33:c8:d4:
e6:38:4d:7a:5f:27:77:07:48:df:28:63:ac:01:11:
8d:55:c6:f3:df:c3:31:66:51:2d:bc:37:de:d8:69:
5d:6d:fd:e3:7d:cc:c6:70:0f:16:3e:11:a7:b5:b4:
27:8d:b5:68:0b:e9:a1:eb:60:d4:9f:24:49:53:ad:
02:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C6:38:B4:E9:C0:16:3F:BD:B5:EC:96:6B:10:CD:3F:64:6E:A7:A1
X509v3 Authority Key Identifier:
keyid:9C:E4:E6:5A:EC:C9:5D:44:6A:0C:B6:40:B9:76:6F:A0:F8:15:0E:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOTmWuzJXURqDLZAuXZvoPgVDjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ed4e2c-e5ad-417a-8788-11824406bd5d/1/08Y4tOnAFj-9teyWaxDNP2Rup6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ed4e2c-e5ad-417a-8788-11824406bd5d/1/nOTmWuzJXURqDLZAuXZvoPgVDjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.240.0/21
Signature Algorithm: sha256WithRSAEncryption
52:65:70:41:d4:f5:84:39:eb:67:25:94:7d:c5:40:79:17:c0:
57:d0:91:d5:ae:3a:d3:69:eb:8b:ea:3e:23:e6:6f:b3:41:3c:
dd:b5:6f:01:d5:38:4f:d5:ca:51:88:f7:e4:7e:ce:33:16:f3:
a4:67:b7:e9:f8:cc:4f:87:b5:58:7c:c9:4e:7e:70:61:3f:f6:
e0:20:fc:2c:04:26:9f:de:39:ba:36:09:14:04:74:7b:b6:b2:
dd:d6:a5:be:f7:d6:2f:ef:84:4c:4e:3c:ed:77:13:a1:d4:e4:
af:bc:fe:64:0d:3f:c4:71:e8:2b:18:fa:4c:54:a9:ca:71:a4:
e4:3b:d6:51:b5:c4:3f:54:32:6e:ae:48:a7:14:7c:1a:4f:63:
55:f4:73:27:85:8c:e0:2c:b1:4e:92:8b:ff:67:a2:8a:b4:74:
93:42:35:cd:4d:01:db:62:08:3f:6d:71:37:51:93:14:67:d1:
78:14:f0:9b:0d:31:6c:fc:c7:54:34:cc:8f:04:f1:13:da:79:
cc:69:4f:7b:53:b6:67:ba:f7:3e:c0:bd:79:45:58:ed:fc:78:
55:5c:f0:92:5b:56:20:25:c8:67:c7:02:a7:7a:9b:4c:11:8a:
61:97:e3:62:2c:95:df:72:3a:8d:58:b7:3e:64:2d:8e:26:e2:
74:2a:d0:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhhGsdp0iSogNWxK/iYzGDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTRlNjVhZWNjOTVkNDQ2YTBjYjY0MGI5NzY2ZmEwZjgx
NTBlM2MwHhcNMjMwNTI4MDY0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M2MzhiNGU5YzAxNjNmYmRiNWVjOTY2YjEwY2QzZjY0NmVhN2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFux5t38f/dKUUOCRGlFGHVdwquJ
OqA4grf0MkUYgWrTPXi1I1bcab7PaPZnZftEjRtVn7ScoNtSUXu32jZlk9MlR94c
eA+EMFMoYpDdbxIRTPLNHKClgwy/rbmZcdAfnoT4DPtwwvIqowo6rukwI+nyfWMQ
G3SxWMHi5pNfBlXTQ3NAuvNfUY0XZl2qPSdFJtvn+QRYUloS/O2xVgbHsfI2ybD/
KtGfU0VX/jfwLupWW08LTyxfOtW6WFvzVUkzyNTmOE16Xyd3B0jfKGOsARGNVcbz
38MxZlEtvDfe2Gldbf3jfczGcA8WPhGntbQnjbVoC+mh62DUnyRJU60CEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPGOLTpwBY/vbXslmsQzT9kbqehMB8GA1UdIwQY
MBaAFJzk5lrsyV1Eagy2QLl2b6D4FQ48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9UbVd1ekpYVVJxRExaQXVYWnZvUGdWRGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZDRlMmMtZTVhZC00MTdhLTg3ODgt
MTE4MjQ0MDZiZDVkLzEvMDhZNHRPbkFGai05dGV5V2F4RE5QMlJ1cDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZDRlMmMtZTVhZC00MTdhLTg3ODgtMTE4MjQ0MDZiZDVk
LzEvbk9UbVd1ekpYVVJxRExaQXVYWnZvUGdWRGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDT6vwMA0G
CSqGSIb3DQEBCwUAA4IBAQBSZXBB1PWEOetnJZR9xUB5F8BX0JHVrjrTaeuL6j4j
5m+zQTzdtW8B1ThP1cpRiPfkfs4zFvOkZ7fp+MxPh7VYfMlOfnBhP/bgIPwsBCaf
3jm6NgkUBHR7trLd1qW+99Yv74RMTjztdxOh1OSvvP5kDT/EcegrGPpMVKnKcaTk
O9ZRtcQ/VDJurkinFHwaT2NV9HMnhYzgLLFOkov/Z6KKtHSTQjXNTQHbYgg/bXE3
UZMUZ9F4FPCbDTFs/MdUNMyPBPET2nnMaU97U7Znuvc+wL15RVjt/HhVXPCSW1Yg
JchnxwKneptMEYphl+NiLJXfcjqNWLc+ZC2OJuJ0KtBG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:31 2024 by rpki-client on console-fra.rpki-client.org