Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/7I1C6mS_ZG5gbPV_mkgCM3P4WfA.roa
File: 7I1C6mS_ZG5gbPV_mkgCM3P4WfA.roa (raw, json)
Hash identifier: ohjQvNjMVsXMCfeo9mPFDObxb79b7leIwftg/i6TvRs=
Subject key identifier: EC:8D:42:EA:64:BF:64:6E:60:6C:F5:7F:9A:48:02:33:73:F8:59:F0
Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial: 01936DB8D4F61DF3147B198B55B03D378164
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/7I1C6mS_ZG5gbPV_mkgCM3P4WfA.roa
Signing time: Wed 27 Nov 2024 13:04:09 +0000
ROA not before: Wed 27 Nov 2024 13:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212586
IP address blocks: 79.174.0.0/24 maxlen: 24
79.174.1.0/24 maxlen: 24
79.174.2.0/24 maxlen: 24
185.231.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:b8:d4:f6:1d:f3:14:7b:19:8b:55:b0:3d:37:81:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
Validity
Not Before: Nov 27 13:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec8d42ea64bf646e606cf57f9a48023373f859f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:8a:82:61:49:b6:14:70:a4:e5:39:d2:2d:
43:67:b2:b8:0b:63:0a:2b:d5:02:04:79:a3:2f:ef:
67:e4:56:a8:d3:31:ea:61:c1:54:81:0f:f3:5b:54:
2f:74:38:74:9a:38:fa:c2:2f:24:9c:4d:1b:3c:17:
5d:db:a9:23:eb:81:c1:6d:0b:87:1c:96:54:fc:13:
62:65:e1:20:8f:5b:a7:61:5b:ad:d3:e3:29:48:55:
13:84:ce:0d:dc:bd:de:11:1c:11:7d:b0:19:91:75:
3c:e6:0a:af:9f:87:13:82:ec:80:4b:e7:85:0e:7b:
7c:e1:6a:aa:92:b8:c8:06:5f:a6:c9:ac:16:d8:a2:
fc:a7:44:b8:16:55:4e:c2:f3:88:5a:8f:44:d6:39:
69:51:00:50:ae:6a:da:bd:4d:45:43:3c:2e:3c:bd:
37:5e:ae:a0:68:b2:35:9b:5e:e2:0a:dc:0c:66:ec:
32:83:9e:1b:47:2e:8a:94:90:3d:e6:bb:56:30:f4:
5a:4d:29:9b:bf:2b:d5:9b:5b:15:73:6f:c9:70:d1:
1d:df:e3:8f:20:cb:ad:b2:c0:30:0c:0d:21:50:b4:
35:15:6b:52:d2:23:60:2a:98:ca:0b:d8:03:c9:79:
53:13:03:2b:3e:fc:6b:79:ce:ea:4c:28:81:1f:01:
45:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8D:42:EA:64:BF:64:6E:60:6C:F5:7F:9A:48:02:33:73:F8:59:F0
X509v3 Authority Key Identifier:
keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/7I1C6mS_ZG5gbPV_mkgCM3P4WfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.0.0-79.174.2.255
185.231.234.0/24
Signature Algorithm: sha256WithRSAEncryption
31:75:d8:99:29:48:93:1c:1e:96:f7:6b:5c:9f:d5:de:4a:0f:
bc:89:ca:b7:a1:38:a9:3c:a9:f4:b6:39:be:54:21:98:97:93:
06:76:0d:c7:7d:18:f5:1f:77:28:fa:3e:71:5e:19:15:dd:dc:
eb:22:68:d1:a9:f4:ec:93:a7:fe:1e:d2:9a:25:b6:d6:34:a0:
c9:f4:1f:0f:54:c4:b9:51:74:36:15:14:41:c8:b7:e1:71:4d:
bf:e9:f8:92:1a:75:a9:f3:0d:ac:a0:d7:73:e1:65:42:ec:e9:
55:2b:7b:66:09:14:ea:16:ac:43:97:ac:c2:6f:11:05:35:a1:
b1:fa:b3:e8:b0:b5:16:b7:cb:37:82:4f:8c:7b:bc:54:08:80:
74:35:32:1d:0e:c9:3f:48:8a:5a:2f:b5:43:0c:f5:ce:98:78:
bf:9d:d0:65:57:01:33:11:46:4e:9b:bb:4d:0d:e1:30:cc:27:
73:db:03:3d:f3:fa:1d:90:11:bc:52:42:35:79:65:96:e5:3d:
0e:fe:aa:5c:ce:cf:57:60:b2:8f:ae:4e:b2:d5:50:23:aa:88:
cf:1f:f2:ae:ff:24:94:4d:6c:de:aa:bb:bc:82:b9:09:19:5f:
8d:99:a3:ad:1b:05:5d:e3:5c:fa:27:0e:70:fb:98:1a:6b:3f:
3c:0c:a0:97
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZNtuNT2HfMUexmLVbA9N4FkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjQxMTI3MTMwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzhkNDJlYTY0YmY2NDZlNjA2Y2Y1N2Y5YTQ4MDIzMzczZjg1OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1KKgmFJthRwpOU50i1DZ7K4C2MK
K9UCBHmjL+9n5Fao0zHqYcFUgQ/zW1QvdDh0mjj6wi8knE0bPBdd26kj64HBbQuH
HJZU/BNiZeEgj1unYVut0+MpSFUThM4N3L3eERwRfbAZkXU85gqvn4cTguyAS+eF
Dnt84WqqkrjIBl+myawW2KL8p0S4FlVOwvOIWo9E1jlpUQBQrmravU1FQzwuPL03
Xq6gaLI1m17iCtwMZuwyg54bRy6KlJA95rtWMPRaTSmbvyvVm1sVc2/JcNEd3+OP
IMutssAwDA0hULQ1FWtS0iNgKpjKC9gDyXlTEwMrPvxrec7qTCiBHwFF4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOyNQupkv2RuYGz1f5pIAjNz+FnwMB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEvN0kxQzZtU19aRzVnYlBWX21rZ0NNM1A0V2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwFPrgME
AE+uAgMEALnn6jANBgkqhkiG9w0BAQsFAAOCAQEAMXXYmSlIkxwelvdrXJ/V3koP
vInKt6E4qTyp9LY5vlQhmJeTBnYNx30Y9R93KPo+cV4ZFd3c6yJo0an07JOn/h7S
miW21jSgyfQfD1TEuVF0NhUUQci34XFNv+n4khp1qfMNrKDXc+FlQuzpVSt7ZgkU
6hasQ5eswm8RBTWhsfqz6LC1FrfLN4JPjHu8VAiAdDUyHQ7JP0iKWi+1Qwz1zph4
v53QZVcBMxFGTpu7TQ3hMMwnc9sDPfP6HZARvFJCNXllluU9Dv6qXM7PV2Cyj65O
stVQI6qIzx/yrv8klE1s3qq7vIK5CRlfjZmjrRsFXeNc+icOcPuYGms/PAyglw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:31:52 2025 by rpki-client