Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/4cyWriJ51rSiHoCrTr3R-iD7GnU.roa
File: 4cyWriJ51rSiHoCrTr3R-iD7GnU.roa (raw, json)
Hash identifier: D7Ymr9ZJXVUfu0dJG/RBKZJPkilSnSR5Ccd/narO+iI=
Subject key identifier: E1:CC:96:AE:22:79:D6:B4:A2:1E:80:AB:4E:BD:D1:FA:20:FB:1A:75
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 0193D9FE546826AC4279D35D86CAE6C59611
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/4cyWriJ51rSiHoCrTr3R-iD7GnU.roa
Signing time: Wed 18 Dec 2024 13:39:03 +0000
ROA not before: Wed 18 Dec 2024 13:39:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20764
IP address blocks: 79.141.208.0/20 maxlen: 20
80.64.96.0/20 maxlen: 20
80.64.97.0/24 maxlen: 24
80.64.98.28/32 maxlen: 32
80.64.99.0/24 maxlen: 24
80.64.102.0/24 maxlen: 24
80.64.103.0/24 maxlen: 24
80.64.104.0/24 maxlen: 24
80.64.105.0/24 maxlen: 24
80.64.108.0/24 maxlen: 24
80.64.109.0/24 maxlen: 24
81.27.240.0/20 maxlen: 20
81.27.241.0/24 maxlen: 24
81.27.248.0/24 maxlen: 24
81.27.252.0/24 maxlen: 24
81.27.253.0/24 maxlen: 24
185.5.160.0/22 maxlen: 22
2a00:1c28::/29 maxlen: 29
2a00:1c28::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:fe:54:68:26:ac:42:79:d3:5d:86:ca:e6:c5:96:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: Dec 18 13:39:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1cc96ae2279d6b4a21e80ab4ebdd1fa20fb1a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a2:89:5a:0c:d1:1d:f7:7b:5e:7f:6a:54:6a:
37:e3:e3:7f:78:26:ca:c2:99:66:58:67:4d:fe:5f:
da:fb:5f:25:ad:fd:7a:9a:a4:51:98:95:d2:7f:42:
64:92:5e:a6:86:d3:03:83:e1:42:be:d8:e3:95:12:
34:c7:99:c5:cb:b7:67:76:82:e0:3c:7c:cb:a0:46:
fa:b3:6e:ad:c0:f7:1a:52:64:a5:0b:3b:e3:26:0e:
01:d8:56:41:bc:a2:92:ac:d4:8c:58:ff:6d:18:7b:
86:44:10:fc:43:58:32:6c:07:68:c2:f5:8a:8c:fc:
81:a9:4f:d3:b5:97:d4:5a:4f:f0:b1:7c:53:df:2f:
0b:64:a3:f7:aa:3e:f7:fb:b1:8d:8c:7b:89:81:6b:
ec:5b:e3:d0:48:06:84:a6:a4:5c:fd:50:d2:17:cd:
09:36:ee:81:6a:da:9e:40:82:41:fb:8f:ac:41:00:
2d:aa:02:86:22:4d:12:06:63:d0:8e:68:05:36:46:
4c:6d:7d:a6:67:78:46:3f:55:44:0e:76:6e:65:bc:
3e:14:18:b5:8a:03:c9:c1:43:2d:fb:35:bd:a1:79:
de:73:9f:71:99:ef:ca:62:57:eb:17:44:f0:ad:ce:
e4:98:d7:a3:7b:bc:fb:e8:38:8a:4b:e8:a6:e4:6e:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CC:96:AE:22:79:D6:B4:A2:1E:80:AB:4E:BD:D1:FA:20:FB:1A:75
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/4cyWriJ51rSiHoCrTr3R-iD7GnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.208.0/20
80.64.96.0/20
81.27.240.0/20
185.5.160.0/22
IPv6:
2a00:1c28::/29
Signature Algorithm: sha256WithRSAEncryption
40:57:14:dc:cf:63:0c:83:1e:12:bd:be:c7:2f:19:79:9b:66:
70:7d:f4:ef:56:f2:2a:13:2f:76:c5:5e:f2:f8:6b:a3:14:d5:
2a:19:c2:24:b5:69:4f:78:f4:e6:63:53:98:3d:85:34:d4:f3:
15:36:d5:e8:49:55:7a:72:8f:d8:13:ed:ba:07:37:95:6d:dc:
9e:af:68:9f:fb:e7:2b:b2:b0:08:14:e3:96:47:36:f8:f9:db:
71:4b:7d:ba:3b:4a:7a:85:e5:94:a4:06:3f:9f:05:19:1e:35:
74:12:b8:e1:82:0a:ea:27:7f:d1:68:01:da:c0:c6:62:ff:aa:
d9:34:25:2c:d1:d9:b0:b1:eb:65:ed:b6:8a:fa:9a:70:ca:3b:
3d:74:89:ec:d7:f0:fe:70:b1:9d:49:91:4d:e9:d3:ae:af:5c:
88:c7:c5:b3:1a:28:cf:0a:30:67:45:e4:03:b0:6e:ba:c0:2e:
3a:ed:96:66:1c:a5:49:2b:a7:21:d4:3b:96:c9:5b:6a:2f:41:
ca:ec:ec:63:d3:d7:1c:11:bf:9a:c2:2c:d1:26:ed:9b:3c:7f:
b7:86:53:d2:fe:c3:61:74:3d:37:df:d7:b7:34:aa:59:4f:d9:
aa:ac:6a:f9:3d:74:a8:d0:95:77:74:f1:69:35:c0:7d:12:31:
f9:54:7e:9e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZPZ/lRoJqxCedNdhsrmxZYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh
OWMwZjYwHhcNMjQxMjE4MTMzOTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWNjOTZhZTIyNzlkNmI0YTIxZTgwYWI0ZWJkZDFmYTIwZmIxYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaKJWgzRHfd7Xn9qVGo34+N/eCbK
wplmWGdN/l/a+18lrf16mqRRmJXSf0Jkkl6mhtMDg+FCvtjjlRI0x5nFy7dndoLg
PHzLoEb6s26twPcaUmSlCzvjJg4B2FZBvKKSrNSMWP9tGHuGRBD8Q1gybAdowvWK
jPyBqU/TtZfUWk/wsXxT3y8LZKP3qj73+7GNjHuJgWvsW+PQSAaEpqRc/VDSF80J
Nu6BatqeQIJB+4+sQQAtqgKGIk0SBmPQjmgFNkZMbX2mZ3hGP1VEDnZuZbw+FBi1
igPJwUMt+zW9oXnec59xme/KYlfrF0Twrc7kmNeje7z76DiKS+im5G6B2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOHMlq4ieda0oh6Aq0690fog+xp1MB8GA1UdIwQY
MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt
OGVhZThiNzVlOWNhLzEvNGN5V3JpSjUxclNpSG9DclRyM1ItaUQ3R25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh
LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQET43QAwQE
UEBgAwQEURvwAwQCuQWgMA0EAgACMAcDBQMqABwoMA0GCSqGSIb3DQEBCwUAA4IB
AQBAVxTcz2MMgx4Svb7HLxl5m2ZwffTvVvIqEy92xV7y+GujFNUqGcIktWlPePTm
Y1OYPYU01PMVNtXoSVV6co/YE+26BzeVbdyer2if++crsrAIFOOWRzb4+dtxS326
O0p6heWUpAY/nwUZHjV0ErjhggrqJ3/RaAHawMZi/6rZNCUs0dmwsetl7baK+ppw
yjs9dIns1/D+cLGdSZFN6dOur1yIx8WzGijPCjBnReQDsG66wC467ZZmHKVJK6ch
1DuWyVtqL0HK7Oxj09ccEb+awizRJu2bPH+3hlPS/sNhdD0339e3NKpZT9mqrGr5
PXSo0JV3dPFpNcB9EjH5VH6e
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:37:08 2025 by rpki-client