Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PRsXANh3m0Yc8TGvGrptmvOROJc.roa
File: PRsXANh3m0Yc8TGvGrptmvOROJc.roa (raw, json)
Hash identifier: kGDasnWmY1bhIdrrm6Cr4vJ02mpBjj2AvPNow8gqStA=
Subject key identifier: 3D:1B:17:00:D8:77:9B:46:1C:F1:31:AF:1A:BA:6D:9A:F3:91:38:97
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE990A92D82B58045A7C2090AD7BD296D
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PRsXANh3m0Yc8TGvGrptmvOROJc.roa
Signing time: Mon 08 Jan 2024 14:53:40 +0000
ROA not before: Mon 08 Jan 2024 14:53:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33947
IP address blocks: 79.172.232.0/22 maxlen: 22
84.21.17.0/24 maxlen: 24
84.21.14.0/24 maxlen: 24
84.21.23.0/24 maxlen: 24
84.21.24.0/24 maxlen: 24
84.21.21.0/24 maxlen: 24
84.21.22.0/24 maxlen: 24
84.21.30.0/24 maxlen: 24
84.21.28.0/24 maxlen: 24
84.21.29.0/24 maxlen: 24
84.21.27.0/24 maxlen: 24
84.21.25.0/24 maxlen: 24
84.21.26.0/24 maxlen: 24
79.172.200.0/24 maxlen: 24
79.172.202.0/24 maxlen: 24
79.172.208.0/24 maxlen: 24
87.229.2.0/24 maxlen: 24
87.229.3.0/24 maxlen: 24
87.229.1.0/24 maxlen: 24
87.229.4.0/24 maxlen: 24
87.229.5.0/24 maxlen: 24
178.238.214.0/24 maxlen: 24
178.238.219.0/24 maxlen: 24
178.238.218.0/24 maxlen: 24
87.229.109.0/24 maxlen: 24
87.229.13.0/24 maxlen: 24
87.229.28.0/22 maxlen: 22
87.229.27.0/24 maxlen: 24
87.229.25.0/24 maxlen: 24
87.229.49.0/24 maxlen: 24
87.229.46.0/23 maxlen: 23
84.21.9.0/24 maxlen: 24
2a02:730:2000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Feb 2024 07:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:90:a9:2d:82:b5:80:45:a7:c2:09:0a:d7:bd:29:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 14:53:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d1b1700d8779b461cf131af1aba6d9af3913897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:dc:8c:0d:37:ec:0c:dc:0c:ac:30:4d:e8:77:
d0:62:00:b3:c5:ce:92:f3:6b:66:0d:64:21:82:92:
9e:fd:f0:ca:a9:fd:cf:f2:a8:74:a5:6e:33:b7:80:
e8:be:05:53:03:ec:74:0e:e3:66:32:a8:55:c5:72:
22:6a:fa:c2:f6:f8:ff:65:8a:f7:ef:2d:83:10:92:
b7:1f:57:d4:a8:76:f8:e8:14:cc:9a:a3:0e:0c:13:
17:39:a4:98:a3:0c:7e:d1:bf:05:39:8c:0b:07:f8:
ff:5f:57:62:ea:07:ee:e2:8f:23:fa:e8:0d:82:3a:
cb:52:eb:fb:b5:b2:20:93:58:47:33:2d:93:24:ac:
81:e9:a8:4d:81:bc:1a:2c:67:39:de:57:5e:c6:8f:
4e:e7:21:81:39:2d:b1:e7:c1:00:00:20:74:17:a7:
dd:1d:ff:c6:31:fc:fa:57:59:0f:a0:18:c4:b1:e6:
f4:ae:61:3c:e4:0c:86:ee:b3:1d:6e:f2:cd:bf:53:
13:1e:1b:98:6b:43:fd:5e:5b:2e:2f:38:4f:c8:f8:
c4:f0:de:ae:7e:0b:75:36:d2:ea:37:74:43:5c:6a:
a3:c2:cd:19:39:5e:a3:59:26:af:94:a7:14:4f:60:
2d:16:d6:3a:b9:2e:fa:c8:ee:69:fe:8a:06:5b:a8:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1B:17:00:D8:77:9B:46:1C:F1:31:AF:1A:BA:6D:9A:F3:91:38:97
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PRsXANh3m0Yc8TGvGrptmvOROJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/24
79.172.202.0/24
79.172.208.0/24
79.172.232.0/22
84.21.9.0/24
84.21.14.0/24
84.21.17.0/24
84.21.21.0-84.21.30.255
87.229.1.0-87.229.5.255
87.229.13.0/24
87.229.25.0/24
87.229.27.0-87.229.31.255
87.229.46.0/23
87.229.49.0/24
87.229.109.0/24
178.238.214.0/24
178.238.218.0/23
IPv6:
2a02:730:2000::/48
Signature Algorithm: sha256WithRSAEncryption
5e:26:c8:8b:f2:d3:22:6e:a8:b2:42:e0:1d:56:0b:b8:d8:b1:
48:48:a3:0d:8e:26:8f:91:8b:5a:34:bc:8b:bf:73:44:d2:b1:
ac:4b:fb:67:95:ee:cd:b0:80:44:7b:55:3c:07:81:9f:96:a5:
64:33:30:95:13:e4:0d:2a:78:2f:5b:49:a0:bc:54:22:85:29:
00:23:41:38:6b:56:0d:b3:f8:dd:8c:14:05:4a:15:fe:d0:22:
04:18:e6:0f:ea:95:f3:dd:d5:ec:6e:5b:a1:38:5c:b4:83:49:
d5:8f:d7:24:0e:df:a0:cd:2b:3e:fe:ae:b3:86:23:d7:68:d7:
f2:5a:97:b6:77:f0:22:e6:0e:28:4d:9d:a8:92:1d:5c:a6:4b:
c3:08:3c:5b:95:0b:63:2d:82:db:cd:d4:a1:1d:69:d5:3c:c3:
17:35:68:82:32:9e:78:5e:b1:c7:f0:b6:34:6a:18:56:45:3f:
cb:98:c3:83:89:19:3a:a9:69:7c:93:d8:4d:18:8f:a4:5a:12:
d7:c7:80:2a:f7:e6:28:1f:f4:5d:b4:1f:e1:47:92:dd:14:66:
3a:90:6b:ac:5d:96:40:05:34:d0:8b:84:b1:f8:39:eb:cb:4e:
72:a7:f0:8c:0a:a4:c9:68:f2:c7:0e:6a:4e:f0:6a:ea:51:6d:
2f:b1:40:d2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYzpkKktgrWARafCCQrXvSltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTQ1MzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFiMTcwMGQ4Nzc5YjQ2MWNmMTMxYWYxYWJhNmQ5YWYzOTEzODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktyMDTfsDNwMrDBN6HfQYgCzxc6S
82tmDWQhgpKe/fDKqf3P8qh0pW4zt4DovgVTA+x0DuNmMqhVxXIiavrC9vj/ZYr3
7y2DEJK3H1fUqHb46BTMmqMODBMXOaSYowx+0b8FOYwLB/j/X1di6gfu4o8j+ugN
gjrLUuv7tbIgk1hHMy2TJKyB6ahNgbwaLGc53ldexo9O5yGBOS2x58EAACB0F6fd
Hf/GMfz6V1kPoBjEseb0rmE85AyG7rMdbvLNv1MTHhuYa0P9XlsuLzhPyPjE8N6u
fgt1NtLqN3RDXGqjws0ZOV6jWSavlKcUT2AtFtY6uS76yO5p/ooGW6jyfQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFD0bFwDYd5tGHPExrxq6bZrzkTiXMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvUFJzWEFOaDNtMFljOFRHdkdycHRtdk9ST0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBhAQCAAEwfgMEAE+s
yAMEAE+sygMEAE+s0AMEAk+s6AMEAFQVCQMEAFQVDgMEAFQVETAMAwQAVBUVAwQA
VBUeMAwDBABX5QEDBAFX5QQDBABX5Q0DBABX5RkwDAMEAFflGwMEBVflAAMEAVfl
LgMEAFflMQMEAFflbQMEALLu1gMEAbLu2jAPBAIAAjAJAwcAKgIHMCAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBeJsiL8tMibqiyQuAdVgu42LFISKMNjiaPkYtaNLyLv3NE
0rGsS/tnle7NsIBEe1U8B4GflqVkMzCVE+QNKngvW0mgvFQihSkAI0E4a1YNs/jd
jBQFShX+0CIEGOYP6pXz3dXsbluhOFy0g0nVj9ckDt+gzSs+/q6zhiPXaNfyWpe2
d/Ai5g4oTZ2okh1cpkvDCDxblQtjLYLbzdShHWnVPMMXNWiCMp54XrHH8LY0ahhW
RT/LmMODiRk6qWl8k9hNGI+kWhLXx4Aq9+YoH/RdtB/hR5LdFGY6kGusXZZABTTQ
i4Sx+Dnry05yp/CMCqTJaPLHDmpO8GrqUW0vsUDS
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:27 2025 by rpki-client