Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/PyAKYVSicKvkylCE-YNZuEfxY0k.roa
File: PyAKYVSicKvkylCE-YNZuEfxY0k.roa (raw, json)
Hash identifier: pzp1i6rnPpoGcAUagba0AFLjxJ/O4QFDR8S0Vyxpz78=
Subject key identifier: 3F:20:0A:61:54:A2:70:AB:E4:CA:50:84:F9:83:59:B8:47:F1:63:49
Certificate issuer: /CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Certificate serial: 018CC7260D572FD39A08571F10BE01182497
Authority key identifier: 79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/PyAKYVSicKvkylCE-YNZuEfxY0k.roa
Signing time: Mon 01 Jan 2024 22:30:08 +0000
ROA not before: Mon 01 Jan 2024 22:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44763
IP address blocks: 176.241.232.0/21 maxlen: 24
93.93.72.0/21 maxlen: 21
185.79.85.0/24 maxlen: 24
185.79.84.0/24 maxlen: 24
2a00:1548::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:0d:57:2f:d3:9a:08:57:1f:10:be:01:18:24:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Validity
Not Before: Jan 1 22:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f200a6154a270abe4ca5084f98359b847f16349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e6:8b:6e:c3:a1:4d:c9:f4:c5:40:6f:8b:d4:
cb:d6:09:c8:c9:af:6a:79:de:22:b7:eb:c8:b9:11:
4c:94:10:68:6f:b8:f7:ce:3f:43:3d:e1:71:da:e4:
a9:1b:a2:11:1d:d9:e5:94:e5:4c:a0:e2:33:2f:56:
c7:4b:ed:50:2a:fc:11:f1:40:31:96:b7:fc:6f:e4:
1a:6c:07:7d:45:70:d4:10:b2:d5:45:23:86:e4:0b:
fd:41:00:12:2f:64:61:fa:26:2c:38:46:4b:e9:a3:
eb:60:f1:33:71:35:dd:ba:3f:13:a8:71:96:60:4e:
76:64:ca:5e:73:a4:28:d3:82:1e:fc:c6:9b:7d:3f:
c0:ef:b7:af:90:0a:bc:3b:f4:07:85:80:16:1e:c8:
fd:2b:8e:af:23:d1:d6:df:d2:d6:ec:77:f3:8c:64:
40:26:30:a1:68:3e:2a:1c:17:85:99:e3:8d:3d:22:
de:e7:24:64:d1:a3:db:45:b8:a0:56:90:b2:1f:53:
b0:bf:8c:dd:f7:90:a3:4a:2c:03:95:4e:e5:47:9f:
78:bb:34:4e:a3:27:7c:d5:39:19:10:1b:6d:7c:80:
d4:68:d5:be:48:b0:3c:67:23:d1:fb:3c:e4:ad:b5:
ee:73:30:9c:f3:95:28:d6:43:03:c5:a0:cd:d7:45:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:20:0A:61:54:A2:70:AB:E4:CA:50:84:F9:83:59:B8:47:F1:63:49
X509v3 Authority Key Identifier:
keyid:79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/PyAKYVSicKvkylCE-YNZuEfxY0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/eW0p7jgbUfZF4FQVZo2Sqc56jdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.72.0/21
176.241.232.0/21
185.79.84.0/23
IPv6:
2a00:1548::/32
Signature Algorithm: sha256WithRSAEncryption
20:30:34:cc:84:29:23:98:69:6e:ef:f6:e1:79:2a:49:1c:1f:
30:38:dc:cb:70:01:1f:30:70:13:b5:a7:35:42:09:32:ba:31:
b4:1b:16:72:7e:ab:f4:1e:be:ee:47:97:9f:02:ad:b7:e7:1f:
97:41:cc:b0:fa:a8:3c:2b:a8:aa:84:0e:ba:df:36:86:9c:96:
2a:b9:d2:69:e6:45:10:b1:1c:99:86:b2:eb:8f:04:04:5a:0e:
cc:9a:fc:a6:7f:34:7a:a4:75:26:8e:79:88:02:b9:09:8f:ed:
93:b7:90:69:18:43:e2:ac:4f:49:9a:45:b4:84:89:36:6b:ae:
eb:4d:f5:26:3d:9c:bd:43:31:62:a6:bf:d0:f8:98:91:6e:ea:
92:1d:63:e8:93:d8:fb:41:07:52:d1:cd:48:cb:39:d0:49:48:
8a:b6:17:0f:e0:bd:39:d9:8d:aa:76:d9:70:16:1f:ad:ac:44:
00:50:13:6c:ae:90:8a:db:af:3a:36:ec:7a:ca:3c:0e:b4:75:
e2:dd:a8:b4:a9:5c:f5:72:7b:db:5e:42:33:80:67:78:b5:6d:
39:4e:09:f9:9c:8c:f8:20:c4:33:b0:61:37:3c:33:47:e0:87:
0e:e5:8e:70:32:8e:e8:a0:6e:4b:38:55:f3:6a:80:9c:ae:ad:
05:5b:54:29
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJg1XL9OaCFcfEL4BGCSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NmQyOWVlMzgxYjUxZjY0NWUwNTQxNTY2OGQ5MmE5Y2U3
YThkZDIwHhcNMjQwMTAxMjIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjIwMGE2MTU0YTI3MGFiZTRjYTUwODRmOTgzNTliODQ3ZjE2MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOaLbsOhTcn0xUBvi9TL1gnIya9q
ed4it+vIuRFMlBBob7j3zj9DPeFx2uSpG6IRHdnllOVMoOIzL1bHS+1QKvwR8UAx
lrf8b+QabAd9RXDUELLVRSOG5Av9QQASL2Rh+iYsOEZL6aPrYPEzcTXduj8TqHGW
YE52ZMpec6Qo04Ie/MabfT/A77evkAq8O/QHhYAWHsj9K46vI9HW39LW7HfzjGRA
JjChaD4qHBeFmeONPSLe5yRk0aPbRbigVpCyH1Owv4zd95CjSiwDlU7lR594uzRO
oyd81TkZEBttfIDUaNW+SLA8ZyPR+zzkrbXuczCc85Uo1kMDxaDN10U/WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD8gCmFUonCr5MpQhPmDWbhH8WNJMB8GA1UdIwQY
MBaAFHltKe44G1H2ReBUFWaNkqnOeo3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVcwcDdqZ2JVZlpGNEZRVlpvMlNxYzU2amRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yYjhiMmQtYzAyMy00ZGZiLWE1MDQt
NDFmNjJkYTRlZGFiLzEvUHlBS1lWU2ljS3ZreWxDRS1ZTlp1RWZ4WTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yYjhiMmQtYzAyMy00ZGZiLWE1MDQtNDFmNjJkYTRlZGFi
LzEvZVcwcDdqZ2JVZlpGNEZRVlpvMlNxYzU2amRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV1IAwQD
sPHoAwQBuU9UMA0EAgACMAcDBQAqABVIMA0GCSqGSIb3DQEBCwUAA4IBAQAgMDTM
hCkjmGlu7/bheSpJHB8wONzLcAEfMHATtac1QgkyujG0GxZyfqv0Hr7uR5efAq23
5x+XQcyw+qg8K6iqhA663zaGnJYqudJp5kUQsRyZhrLrjwQEWg7MmvymfzR6pHUm
jnmIArkJj+2Tt5BpGEPirE9JmkW0hIk2a67rTfUmPZy9QzFipr/Q+JiRbuqSHWPo
k9j7QQdS0c1IyznQSUiKthcP4L052Y2qdtlwFh+trEQAUBNsrpCK2686Nux6yjwO
tHXi3ai0qVz1cnvbXkIzgGd4tW05Tgn5nIz4IMQzsGE3PDNH4IcO5Y5wMo7ooG5L
OFXzaoCcrq0FW1Qp
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:10 2025 by rpki-client