Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/8zIMvG0WIAMFxrL_kBewrqZuYEc.roa
File: 8zIMvG0WIAMFxrL_kBewrqZuYEc.roa (raw, json)
Hash identifier: GF57gy1bsfq3+QOkalWSmEe4GvR1dSNEMY3HzyW6r8U=
Subject key identifier: F3:32:0C:BC:6D:16:20:03:05:C6:B2:FF:90:17:B0:AE:A6:6E:60:47
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 018CC64B454C905589F8E97B1649AE225621
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/8zIMvG0WIAMFxrL_kBewrqZuYEc.roa
Signing time: Mon 01 Jan 2024 18:31:10 +0000
ROA not before: Mon 01 Jan 2024 18:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48544
IP address blocks: 92.245.174.0/23 maxlen: 24
79.143.112.0/22 maxlen: 24
79.143.116.0/24 maxlen: 24
79.143.118.0/24 maxlen: 24
79.143.117.0/24 maxlen: 24
79.143.119.0/24 maxlen: 24
79.143.122.0/23 maxlen: 24
79.143.120.0/23 maxlen: 24
89.189.48.0/22 maxlen: 24
92.245.172.0/23 maxlen: 24
92.245.170.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:45:4c:90:55:89:f8:e9:7b:16:49:ae:22:56:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Jan 1 18:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3320cbc6d16200305c6b2ff9017b0aea66e6047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8a:64:94:7b:ce:a4:c5:80:cb:bb:4c:12:53:
c0:2d:f4:8a:73:e8:b5:cb:a5:98:24:57:d6:a9:d2:
78:54:54:b5:68:cf:71:3a:c8:2f:e9:ed:78:4b:fb:
1c:04:2f:68:b9:7d:80:c0:27:79:06:42:56:d9:96:
e4:f6:97:18:34:1d:85:83:d1:2c:25:cd:8f:20:3b:
45:27:e5:c2:e6:6a:33:91:56:23:74:8b:95:05:5d:
1c:1b:1e:e5:09:94:0d:bc:80:46:be:f5:b2:0f:28:
4f:12:bf:b2:dd:91:be:52:ac:5e:bb:d1:d4:5d:c0:
31:07:25:b8:b4:8b:62:41:95:54:54:1e:dc:58:57:
c6:7f:d4:ca:97:d6:59:65:1d:93:bf:6d:36:17:35:
c8:95:23:28:47:2f:dd:1a:c8:ef:29:57:bf:9f:a6:
92:8e:86:c0:ef:31:a8:ac:47:28:e2:b6:46:1d:56:
a8:ae:a9:cb:c2:ae:4d:a7:05:fc:4a:53:a3:fb:33:
0e:98:af:c1:44:cb:bb:e0:7b:3d:b8:03:fb:aa:b5:
9c:94:5f:4c:49:3b:2e:87:b3:ec:e6:d7:24:42:27:
18:3e:9f:76:74:df:01:3b:42:25:59:a5:13:bf:e8:
8f:e5:ad:84:94:3c:4c:cf:4f:20:72:79:64:60:89:
7e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:32:0C:BC:6D:16:20:03:05:C6:B2:FF:90:17:B0:AE:A6:6E:60:47
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/8zIMvG0WIAMFxrL_kBewrqZuYEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.112.0-79.143.123.255
89.189.48.0/22
92.245.170.0-92.245.175.255
Signature Algorithm: sha256WithRSAEncryption
75:96:f8:4f:d7:aa:b9:49:37:b4:22:78:25:79:c4:65:21:3c:
c3:af:23:99:4c:f0:de:40:f3:74:05:60:d7:20:f5:fb:ef:58:
57:af:44:65:43:ff:d4:2f:92:33:ad:3f:f8:3c:6c:29:29:9c:
7d:11:b1:62:48:a4:84:e8:ae:0d:48:5c:1b:99:e6:6e:b0:f9:
ba:fb:67:bd:3a:d3:aa:f3:11:39:2e:81:51:34:2c:cc:e4:c2:
e1:bb:44:b7:8e:75:8c:4c:03:dc:83:c5:c6:2e:90:67:67:4f:
2b:75:ad:0c:bb:4c:94:02:72:1f:64:fb:f1:19:38:f7:42:b4:
12:53:46:a8:fc:2a:e9:e8:56:e2:58:8c:ab:cb:f3:78:7d:5b:
62:25:bf:ea:de:01:76:82:84:49:19:65:56:d6:03:b3:f1:67:
b0:f3:d3:36:c3:c8:88:7a:73:4c:47:3d:86:db:8a:ca:94:08:
56:d2:72:a1:16:fc:07:01:9e:6e:83:1c:98:b0:f9:4f:86:aa:
b3:06:aa:c5:6d:93:9d:b0:bd:7e:28:47:01:7a:5a:b4:5e:97:
3d:ed:fc:b2:de:b6:c5:09:62:ff:24:0e:f8:ea:d5:89:24:bf:
11:dc:5a:ac:31:3c:d6:ee:7e:d3:6b:1c:d5:9d:c3:dc:e7:8f:
57:41:49:e9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGS0VMkFWJ+Ol7FkmuIlYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjQwMTAxMTgzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzMyMGNiYzZkMTYyMDAzMDVjNmIyZmY5MDE3YjBhZWE2NmU2MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYpklHvOpMWAy7tMElPALfSKc+i1
y6WYJFfWqdJ4VFS1aM9xOsgv6e14S/scBC9ouX2AwCd5BkJW2Zbk9pcYNB2Fg9Es
Jc2PIDtFJ+XC5mozkVYjdIuVBV0cGx7lCZQNvIBGvvWyDyhPEr+y3ZG+Uqxeu9HU
XcAxByW4tItiQZVUVB7cWFfGf9TKl9ZZZR2Tv202FzXIlSMoRy/dGsjvKVe/n6aS
jobA7zGorEco4rZGHVaorqnLwq5NpwX8SlOj+zMOmK/BRMu74Hs9uAP7qrWclF9M
STsuh7Ps5tckQicYPp92dN8BO0IlWaUTv+iP5a2ElDxMz08gcnlkYIl+bwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPMyDLxtFiADBcay/5AXsK6mbmBHMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEvOHpJTXZHMFdJQU1GeHJMX2tCZXdycVp1WUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARPj3AD
BAJPj3gDBAJZvTAwDAMEAVz1qgMEBFz1oDANBgkqhkiG9w0BAQsFAAOCAQEAdZb4
T9equUk3tCJ4JXnEZSE8w68jmUzw3kDzdAVg1yD1++9YV69EZUP/1C+SM60/+Dxs
KSmcfRGxYkikhOiuDUhcG5nmbrD5uvtnvTrTqvMROS6BUTQszOTC4btEt451jEwD
3IPFxi6QZ2dPK3WtDLtMlAJyH2T78Rk490K0ElNGqPwq6ehW4liMq8vzeH1bYiW/
6t4BdoKESRllVtYDs/FnsPPTNsPIiHpzTEc9htuKypQIVtJyoRb8BwGeboMcmLD5
T4aqswaqxW2TnbC9fihHAXpatF6XPe38st62xQli/yQO+OrViSS/EdxarDE81u5+
02sc1Z3D3OePV0FJ6Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:43 2025 by rpki-client