Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/1-PpSJPKjpXngKul8QSG2wJWOmOs.roa
File: 1-PpSJPKjpXngKul8QSG2wJWOmOs.roa (raw, json)
Hash identifier: 5ZWX0dz++94tkmc9+60o7Tdg50trbGilsTCR0Lefsuo=
Subject key identifier: F8:FA:52:24:F2:A3:A5:79:E0:2A:E9:7C:41:21:B6:C0:95:8E:98:EB
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018D0CFEE1A0FE6219F437FF99E70DC5A75C
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/1-PpSJPKjpXngKul8QSG2wJWOmOs.roa
Signing time: Mon 15 Jan 2024 12:00:46 +0000
ROA not before: Mon 15 Jan 2024 12:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 87.229.71.0/24 maxlen: 24
95.138.194.0/23 maxlen: 23
79.172.220.0/24 maxlen: 24
217.144.62.0/24 maxlen: 24
217.144.63.0/24 maxlen: 24
87.229.81.0/24 maxlen: 24
213.181.201.0/24 maxlen: 24
79.172.251.0/24 maxlen: 24
79.172.250.0/24 maxlen: 24
87.229.50.0/24 maxlen: 24
87.229.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 10:20:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:fe:e1:a0:fe:62:19:f4:37:ff:99:e7:0d:c5:a7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 15 12:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8fa5224f2a3a579e02ae97c4121b6c0958e98eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:aa:99:68:a4:e6:5f:12:7c:10:d8:8d:f6:
8b:d9:cc:8c:6f:22:92:28:fb:4c:ef:ae:ae:f5:7e:
e4:a2:e6:55:c2:9e:7e:96:56:50:25:74:09:c7:7c:
0f:f8:d4:c3:77:44:ce:4f:ca:80:0f:bb:80:2c:d5:
c0:a8:aa:52:49:c4:71:6b:2b:15:e6:5a:fa:0b:d9:
35:6a:fa:ff:65:5a:f9:28:a1:ef:bf:a0:bc:e8:82:
26:48:3f:a6:d1:11:04:3e:6a:42:1f:98:ae:46:68:
1c:27:bc:8b:4a:be:8d:2b:58:14:a5:88:ff:99:d4:
a8:03:26:d2:b1:d8:e6:77:ae:b8:b5:79:6d:dd:11:
16:18:7c:e2:ab:bb:36:6a:18:c3:16:cd:13:ce:9a:
9e:ff:d7:17:c7:2d:7f:c7:08:4f:7a:9c:e0:af:18:
fd:93:4c:2b:f3:3d:a1:30:65:79:04:de:f0:2d:a3:
87:fd:e8:3e:1e:62:61:a4:2e:5f:bb:3e:2a:51:e5:
aa:d5:a3:b3:7d:4e:38:a7:f6:6c:f8:78:60:72:8b:
8f:15:f9:46:6c:e8:5f:93:28:23:6b:9a:ae:91:bc:
a5:36:a5:99:8f:22:d7:3e:4a:ad:be:79:bb:e8:83:
98:f7:ca:20:45:61:74:3a:d1:c4:b5:09:71:9b:3c:
6c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FA:52:24:F2:A3:A5:79:E0:2A:E9:7C:41:21:B6:C0:95:8E:98:EB
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/1-PpSJPKjpXngKul8QSG2wJWOmOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.220.0/24
79.172.250.0/23
87.229.48.0/24
87.229.50.0/24
87.229.71.0/24
87.229.81.0/24
95.138.194.0/23
213.181.201.0/24
217.144.62.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:7e:29:0b:12:b3:05:55:db:47:31:99:92:bd:fd:d7:f5:2f:
d1:55:8c:c2:d7:1c:b5:77:0c:94:8f:96:d9:17:d5:e8:11:8f:
3b:df:ad:93:e7:53:d9:9e:03:0d:85:2e:54:18:8d:2e:88:0d:
01:22:b4:29:eb:32:be:b6:7a:1e:31:d6:1f:bc:53:ae:cd:7a:
35:64:7b:f2:48:73:2b:7a:d7:fb:a1:c0:78:be:fc:9f:fa:f5:
72:97:75:59:5e:64:d4:35:3a:e1:4a:30:4d:b2:75:2d:d2:c6:
e2:b8:b8:b3:2f:8a:3c:64:7f:bf:f9:43:b0:fc:f1:d5:eb:d2:
a4:23:18:14:0b:9f:32:b1:eb:dc:1d:47:85:8f:6e:ed:61:64:
4f:b6:5d:16:01:c6:96:52:11:56:58:6d:33:f3:57:e2:a1:a8:
ee:98:f0:02:74:5e:00:41:4b:ba:20:49:66:37:79:37:84:b3:
3c:90:19:dc:c6:2b:31:0e:31:44:3c:49:e2:04:19:00:21:26:
6b:3d:3c:9f:b6:e0:ba:e9:6e:aa:cd:db:52:48:49:f5:7d:6e:
88:05:76:7a:d2:8b:4c:08:ef:00:e0:61:2b:8c:43:a8:3c:29:
d8:39:ed:cb:8b:54:e8:e7:4d:ac:0b:c0:0a:d6:9a:4a:ef:88:
8e:8d:e1:a2
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY0M/uGg/mIZ9Df/mecNxadcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTE1MTIwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZhNTIyNGYyYTNhNTc5ZTAyYWU5N2M0MTIxYjZjMDk1OGU5OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnKqmWik5l8SfBDYjfaL2cyMbyKS
KPtM766u9X7kouZVwp5+llZQJXQJx3wP+NTDd0TOT8qAD7uALNXAqKpSScRxaysV
5lr6C9k1avr/ZVr5KKHvv6C86IImSD+m0REEPmpCH5iuRmgcJ7yLSr6NK1gUpYj/
mdSoAybSsdjmd664tXlt3REWGHziq7s2ahjDFs0Tzpqe/9cXxy1/xwhPepzgrxj9
k0wr8z2hMGV5BN7wLaOH/eg+HmJhpC5fuz4qUeWq1aOzfU44p/Zs+HhgcouPFflG
bOhfkygja5qukbylNqWZjyLXPkqtvnm76IOY98ogRWF0OtHEtQlxmzxsnQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPj6UiTyo6V54CrpfEEhtsCVjpjrMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvMS1QcFNKUEtqcFhuZ0t1bDhRU0cyd0pXT21Pcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvMjY3MjhlLWRkYzctNGIwZi05ZDFlLTk1OTNhNDg4YWZj
Yy8xL2UxNDM5dU81dlJ6emFFdWNBOEE2MGNwa0pKYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAE+s3AME
AU+s+gMEAFflMAMEAFflMgMEAFflRwMEAFflUQMEAV+KwgMEANW1yQMEAdmQPjAN
BgkqhkiG9w0BAQsFAAOCAQEAXn4pCxKzBVXbRzGZkr391/Uv0VWMwtcctXcMlI+W
2RfV6BGPO9+tk+dT2Z4DDYUuVBiNLogNASK0KesyvrZ6HjHWH7xTrs16NWR78khz
K3rX+6HAeL78n/r1cpd1WV5k1DU64UowTbJ1LdLG4ri4sy+KPGR/v/lDsPzx1evS
pCMYFAufMrHr3B1HhY9u7WFkT7ZdFgHGllIRVlhtM/NX4qGo7pjwAnReAEFLuiBJ
Zjd5N4SzPJAZ3MYrMQ4xRDxJ4gQZACEmaz08n7bguuluqs3bUkhJ9X1uiAV2etKL
TAjvAOBhK4xDqDwp2Dnty4tU6OdNrAvACtaaSu+Ijo3hog==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:22 2025 by rpki-client