Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sS0okFZ_0jantt-RgbAgfFKpM5A.roa
File: sS0okFZ_0jantt-RgbAgfFKpM5A.roa (raw, json)
Hash identifier: +Zm0lumikRgs16GYm0b5vcrBNxSv2bA80p1XEqwW+Ks=
Subject key identifier: B1:2D:28:90:56:7F:D2:36:A7:B6:DF:91:81:B0:20:7C:52:A9:33:90
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 01920EFCEA00FE37404086F6DEC940979A90
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sS0okFZ_0jantt-RgbAgfFKpM5A.roa
Signing time: Fri 20 Sep 2024 10:31:48 +0000
ROA not before: Fri 20 Sep 2024 10:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44565
IP address blocks: 79.171.16.0/24 maxlen: 24
79.171.17.0/24 maxlen: 24
79.171.18.0/24 maxlen: 24
79.171.19.0/24 maxlen: 24
79.171.20.0/24 maxlen: 24
79.171.21.0/24 maxlen: 24
93.186.112.0/24 maxlen: 24
93.186.113.0/24 maxlen: 24
93.186.114.0/24 maxlen: 24
93.186.115.0/24 maxlen: 24
93.186.116.0/24 maxlen: 24
93.186.117.0/24 maxlen: 24
93.186.118.0/24 maxlen: 24
93.186.119.0/24 maxlen: 24
93.186.120.0/24 maxlen: 24
93.186.121.0/24 maxlen: 24
93.186.122.0/24 maxlen: 24
93.186.123.0/24 maxlen: 24
93.186.124.0/24 maxlen: 24
93.186.126.0/24 maxlen: 24
93.186.127.0/24 maxlen: 24
188.124.1.0/24 maxlen: 24
188.124.2.0/24 maxlen: 24
188.124.4.0/24 maxlen: 24
188.124.6.0/24 maxlen: 24
188.124.7.0/24 maxlen: 24
188.124.8.0/24 maxlen: 24
188.124.9.0/24 maxlen: 24
188.124.10.0/24 maxlen: 24
188.124.11.0/24 maxlen: 24
188.124.12.0/24 maxlen: 24
188.124.13.0/24 maxlen: 24
188.124.14.0/24 maxlen: 24
188.124.15.0/24 maxlen: 24
188.124.16.0/24 maxlen: 24
188.124.17.0/24 maxlen: 24
188.124.18.0/24 maxlen: 24
188.124.19.0/24 maxlen: 24
188.124.20.0/24 maxlen: 24
188.124.21.0/24 maxlen: 24
188.124.22.0/24 maxlen: 24
188.124.23.0/24 maxlen: 24
188.124.24.0/24 maxlen: 24
188.124.25.0/24 maxlen: 24
188.124.26.0/24 maxlen: 24
188.124.27.0/24 maxlen: 24
188.124.28.0/24 maxlen: 24
188.124.29.0/24 maxlen: 24
188.124.30.0/24 maxlen: 24
188.124.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:fc:ea:00:fe:37:40:40:86:f6:de:c9:40:97:9a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Sep 20 10:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b12d2890567fd236a7b6df9181b0207c52a93390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:6b:66:91:55:b0:69:d1:a3:d4:22:26:67:
80:42:90:eb:32:c1:91:5d:cf:62:7b:95:91:a7:dc:
fc:cc:a5:43:27:ed:63:94:cf:b9:59:bf:83:7b:94:
4f:44:8c:1b:b2:04:e4:09:ed:46:65:63:5a:09:94:
55:30:00:eb:48:ae:11:75:96:ca:21:d4:91:d6:e3:
18:55:85:dc:27:d0:a7:40:59:80:9d:32:da:a7:7a:
f0:f4:e2:66:fc:49:f3:bc:47:4f:8f:1c:fe:d8:f5:
0e:e4:1c:a3:e6:5c:20:c4:d9:01:47:9e:38:36:80:
37:12:f8:b4:48:49:38:c9:a8:e2:54:d0:8f:68:25:
12:32:ff:e9:1c:71:aa:1b:9c:12:1c:63:03:97:9b:
72:0e:6b:9f:19:cb:9c:91:4e:11:1f:f9:73:c8:19:
32:d3:5d:a8:a8:d9:4f:4b:21:80:64:8a:5b:fd:6e:
6e:75:25:10:ad:1e:8b:70:39:e3:11:df:96:79:d6:
90:e3:35:67:e9:61:38:35:05:b9:36:15:5d:a2:ae:
8e:81:96:fb:c8:a3:92:fc:b4:b5:b9:69:e9:2e:19:
74:33:71:0d:88:8b:7f:f1:42:10:4b:3e:fa:16:7a:
4a:8b:5d:da:01:87:44:29:59:d2:cc:4b:33:1d:80:
92:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2D:28:90:56:7F:D2:36:A7:B6:DF:91:81:B0:20:7C:52:A9:33:90
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sS0okFZ_0jantt-RgbAgfFKpM5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.16.0-79.171.21.255
93.186.112.0-93.186.124.255
93.186.126.0/23
188.124.1.0-188.124.2.255
188.124.4.0/24
188.124.6.0-188.124.31.255
Signature Algorithm: sha256WithRSAEncryption
8a:39:e2:c0:73:4c:72:46:fc:b5:1b:f6:29:7a:a3:9b:a5:e4:
16:10:e9:de:48:60:81:7a:c6:4c:17:f3:9b:14:4e:81:e8:85:
30:71:81:9e:5a:d0:06:27:5d:ae:e0:c5:da:50:8c:13:6b:01:
a0:d3:28:90:91:67:2a:eb:f3:77:39:07:ca:ab:20:5c:91:29:
c6:5d:17:32:25:bb:f9:9b:b3:16:f7:a9:48:42:4a:8f:31:cb:
ab:8e:7a:0c:03:7e:32:43:76:23:98:ca:30:db:da:7c:9d:78:
c3:d2:5f:a2:76:ab:5b:01:d2:a3:1e:bc:e7:8e:91:b2:7e:36:
cb:4a:9b:4a:8b:3e:38:fa:a4:a0:72:09:5a:ad:a0:fa:39:82:
07:c6:39:dc:4a:92:0b:46:dd:0e:32:57:1c:d5:da:2c:51:5a:
6b:14:f3:8c:fd:4e:33:d4:b6:f3:7e:42:81:16:7a:ea:68:02:
2c:b3:77:b0:37:7b:99:ba:b2:96:8a:6e:45:b4:28:02:b5:7d:
25:ff:17:e8:72:a8:2c:21:40:77:44:43:09:2a:8c:4f:88:25:
c3:36:36:0d:ae:78:77:55:3d:63:e9:dc:f4:00:49:62:8e:2b:
40:1a:cb:11:eb:8b:06:31:b9:86:da:94:2b:ef:e4:64:69:2e:
50:89:c9:3f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZIO/OoA/jdAQIb23slAl5qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjQwOTIwMTAzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTJkMjg5MDU2N2ZkMjM2YTdiNmRmOTE4MWIwMjA3YzUyYTkzMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSBrZpFVsGnRo9QiJmeAQpDrMsGR
Xc9ie5WRp9z8zKVDJ+1jlM+5Wb+De5RPRIwbsgTkCe1GZWNaCZRVMADrSK4RdZbK
IdSR1uMYVYXcJ9CnQFmAnTLap3rw9OJm/EnzvEdPjxz+2PUO5Byj5lwgxNkBR544
NoA3Evi0SEk4yajiVNCPaCUSMv/pHHGqG5wSHGMDl5tyDmufGcuckU4RH/lzyBky
012oqNlPSyGAZIpb/W5udSUQrR6LcDnjEd+WedaQ4zVn6WE4NQW5NhVdoq6OgZb7
yKOS/LS1uWnpLhl0M3ENiIt/8UIQSz76FnpKi13aAYdEKVnSzEszHYCS8QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLEtKJBWf9I2p7bfkYGwIHxSqTOQMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvc1Mwb2tGWl8wamFudHQtUmdiQWdmRktwTTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBARPqxAD
BAFPqxQwDAMEBF26cAMEAF26fAMEAV26fjAMAwQAvHwBAwQAvHwCAwQAvHwEMAwD
BAG8fAYDBAW8fAAwDQYJKoZIhvcNAQELBQADggEBAIo54sBzTHJG/LUb9il6o5ul
5BYQ6d5IYIF6xkwX85sUToHohTBxgZ5a0AYnXa7gxdpQjBNrAaDTKJCRZyrr83c5
B8qrIFyRKcZdFzIlu/mbsxb3qUhCSo8xy6uOegwDfjJDdiOYyjDb2nydeMPSX6J2
q1sB0qMevOeOkbJ+NstKm0qLPjj6pKByCVqtoPo5ggfGOdxKkgtG3Q4yVxzV2ixR
WmsU84z9TjPUtvN+QoEWeupoAiyzd7A3e5m6spaKbkW0KAK1fSX/F+hyqCwhQHdE
QwkqjE+IJcM2Ng2ueHdVPWPp3PQASWKOK0AayxHriwYxuYbalCvv5GRpLlCJyT8=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:41:32 2025 by rpki-client