Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/vHU-rRjAmdZRZueb1oQWEEUlM08.roa
File: vHU-rRjAmdZRZueb1oQWEEUlM08.roa (raw, json)
Hash identifier: lU2CHtW5PmT5IBuZlAquXCuy3f72rrcir93J/RAkgvg=
Subject key identifier: BC:75:3E:AD:18:C0:99:D6:51:66:E7:9B:D6:84:16:10:45:25:33:4F
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE9A41027E788352E2CFBB7CD6CA218FB
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/vHU-rRjAmdZRZueb1oQWEEUlM08.roa
Signing time: Mon 08 Jan 2024 15:14:52 +0000
ROA not before: Mon 08 Jan 2024 15:14:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42964
IP address blocks: 79.172.217.0/24 maxlen: 24
79.172.215.0/24 maxlen: 24
217.144.61.0/24 maxlen: 24
79.172.237.0/24 maxlen: 24
87.229.98.0/23 maxlen: 23
87.229.102.0/24 maxlen: 24
213.181.222.0/24 maxlen: 24
178.238.223.0/24 maxlen: 24
79.172.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 13:37:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:a4:10:27:e7:88:35:2e:2c:fb:b7:cd:6c:a2:18:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:14:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc753ead18c099d65166e79bd68416104525334f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:66:cd:0c:29:46:d1:45:df:ab:1f:03:b1:24:
df:d5:ae:73:30:bb:ab:9a:5c:01:ff:db:62:c5:6f:
4d:54:61:ee:e6:fd:f9:71:58:09:18:af:e7:a5:94:
24:67:22:d6:a4:fd:c6:5c:3e:04:39:67:fa:67:d8:
2e:76:f0:05:1d:4c:5c:37:f3:d9:ba:61:14:b2:b4:
87:46:d7:1d:03:df:b9:bd:f8:4a:ca:93:87:e1:07:
4b:5e:eb:9a:78:c7:55:c4:42:e5:5d:c3:28:a6:9f:
eb:d9:6d:dd:90:eb:a5:83:3d:60:43:35:d0:df:6c:
60:7e:90:22:e7:59:50:6d:1d:04:b1:48:be:bb:d6:
7c:e2:4a:5e:b7:20:dd:a0:fd:f7:84:67:f5:b7:fe:
25:07:a1:34:f5:29:e6:18:ce:9d:33:2d:d0:dd:c2:
b2:df:6a:dd:31:0f:11:f1:91:e5:d4:93:ce:e6:f8:
7e:03:a9:ed:4f:d3:7c:0a:18:aa:a8:2f:03:92:f5:
5a:65:96:93:91:e1:e2:1b:bf:b6:86:38:13:08:a5:
21:d1:c4:c6:ec:12:95:8c:1a:0b:92:65:4b:c8:a6:
79:ce:0f:a8:49:06:f2:72:54:ab:a4:9c:21:ff:84:
b1:0f:fa:13:b2:a7:95:a6:06:63:c6:cc:30:90:0e:
1b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:75:3E:AD:18:C0:99:D6:51:66:E7:9B:D6:84:16:10:45:25:33:4F
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/vHU-rRjAmdZRZueb1oQWEEUlM08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.206.0/24
79.172.215.0/24
79.172.217.0/24
79.172.237.0/24
87.229.98.0/23
87.229.102.0/24
178.238.223.0/24
213.181.222.0/24
217.144.61.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6f:b5:d2:13:f7:10:dd:f6:ec:c9:2e:bc:01:3d:7a:22:de:
10:9c:b9:ef:14:2c:8e:22:73:e1:0e:29:84:ee:ea:a4:27:53:
28:96:e5:a6:40:d3:5a:6e:ba:f8:db:08:a5:ae:67:f6:4e:8e:
7c:10:9d:e2:d0:6a:96:55:94:e6:12:4a:f4:03:44:93:15:bd:
4e:1d:a9:b6:9b:c7:5e:c7:a9:0c:a8:f3:3b:05:c4:6b:0b:af:
d5:9a:e8:0c:f7:dd:a0:0e:8b:28:2b:e4:5b:2f:1f:4d:58:5c:
47:1e:db:1d:ba:87:5d:70:c1:d5:d6:86:12:72:8d:27:ea:d3:
47:c7:db:b9:e7:1d:72:10:ff:d6:eb:6d:27:53:e8:c6:0b:4f:
50:49:f3:1b:d0:10:16:b3:20:3e:03:0b:af:b3:82:13:2d:34:
e3:25:fe:5f:7c:d6:b5:49:f8:1e:4b:12:cd:57:60:df:3b:9b:
c1:64:91:b4:40:d1:17:88:14:6e:07:8b:6b:9d:1d:71:80:3c:
02:90:2e:0e:60:bb:8d:1a:d3:0c:58:72:b8:a7:63:5e:15:32:
bf:cf:8c:11:f6:91:95:55:9d:d4:06:6b:f1:a5:00:9f:71:1d:
a6:49:a3:82:5f:70:65:51:b8:6d:9d:9f:38:10:cc:e1:ba:cf:
64:2d:a8:2e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzppBAn54g1Liz7t81sohj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTUxNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc1M2VhZDE4YzA5OWQ2NTE2NmU3OWJkNjg0MTYxMDQ1MjUzMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGbNDClG0UXfqx8DsSTf1a5zMLur
mlwB/9tixW9NVGHu5v35cVgJGK/npZQkZyLWpP3GXD4EOWf6Z9gudvAFHUxcN/PZ
umEUsrSHRtcdA9+5vfhKypOH4QdLXuuaeMdVxELlXcMopp/r2W3dkOulgz1gQzXQ
32xgfpAi51lQbR0EsUi+u9Z84kpetyDdoP33hGf1t/4lB6E09SnmGM6dMy3Q3cKy
32rdMQ8R8ZHl1JPO5vh+A6ntT9N8ChiqqC8DkvVaZZaTkeHiG7+2hjgTCKUh0cTG
7BKVjBoLkmVLyKZ5zg+oSQbyclSrpJwh/4SxD/oTsqeVpgZjxswwkA4bXQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLx1Pq0YwJnWUWbnm9aEFhBFJTNPMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvdkhVLXJSakFtZFpSWnVlYjFvUVdFRVVsTTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAT6zOAwQA
T6zXAwQAT6zZAwQAT6ztAwQBV+ViAwQAV+VmAwQAsu7fAwQA1bXeAwQA2ZA9MA0G
CSqGSIb3DQEBCwUAA4IBAQCcb7XSE/cQ3fbsyS68AT16It4QnLnvFCyOInPhDimE
7uqkJ1MoluWmQNNabrr42wilrmf2To58EJ3i0GqWVZTmEkr0A0STFb1OHam2m8de
x6kMqPM7BcRrC6/VmugM992gDosoK+RbLx9NWFxHHtsduoddcMHV1oYSco0n6tNH
x9u55x1yEP/W620nU+jGC09QSfMb0BAWsyA+Awuvs4ITLTTjJf5ffNa1SfgeSxLN
V2DfO5vBZJG0QNEXiBRuB4trnR1xgDwCkC4OYLuNGtMMWHK4p2NeFTK/z4wR9pGV
VZ3UBmvxpQCfcR2mSaOCX3BlUbhtnZ84EMzhus9kLagu
-----END CERTIFICATE-----
Generated at Tue Feb 13 17:34:57 2024 by rpki-client on console-fra.rpki-client.org