Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/z3rOQ-F-CgTc2oQLSitADPBLY3k.roa
File: z3rOQ-F-CgTc2oQLSitADPBLY3k.roa (raw, json)
Hash identifier: yQQvnS5vvubBNsqG2V9NbpxsQi73pzFmPmrrN7/5lXg=
Subject key identifier: CF:7A:CE:43:E1:7E:0A:04:DC:DA:84:0B:4A:2B:40:0C:F0:4B:63:79
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE8FB6D71E9DB717F6F06D0C9F282779F
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/z3rOQ-F-CgTc2oQLSitADPBLY3k.roa
Signing time: Mon 08 Jan 2024 12:10:40 +0000
ROA not before: Mon 08 Jan 2024 12:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12301
IP address blocks: 79.172.226.0/24 maxlen: 24
79.172.230.0/23 maxlen: 23
79.172.254.0/24 maxlen: 24
87.229.117.0/24 maxlen: 24
87.229.51.0/24 maxlen: 24
87.229.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 15:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:fb:6d:71:e9:db:71:7f:6f:06:d0:c9:f2:82:77:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 12:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf7ace43e17e0a04dcda840b4a2b400cf04b6379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:7b:b9:e2:ed:a2:2c:62:5b:97:40:8d:6a:
26:36:a7:50:2d:85:1d:aa:58:63:89:6a:8d:aa:22:
19:2b:cf:93:b2:db:b2:f8:c3:a3:00:e7:fc:f3:b9:
f3:db:f3:c5:0f:5c:81:5e:19:c3:fc:62:24:c6:40:
5f:df:05:38:b3:72:62:1d:59:44:f3:27:27:55:a1:
bc:13:f3:02:6d:2a:9a:59:e4:40:33:58:4c:8b:d0:
6e:d2:83:91:a4:af:d8:df:e4:ab:20:7e:0e:34:b6:
f3:1c:c4:f3:29:aa:3f:f8:0b:88:f2:a3:73:58:15:
ee:7d:4d:38:a7:29:77:3b:d6:22:5d:f9:3c:6d:ab:
d8:1b:f2:f7:8f:f3:6b:75:3a:a9:8d:e5:3e:36:8c:
f1:0f:91:87:01:4c:5f:a7:3c:4b:0a:53:91:6f:5d:
2c:6a:57:92:c5:37:33:fd:3e:39:f0:84:90:9f:ad:
70:bb:a1:37:4a:1f:56:cd:f8:a9:1c:4c:fd:6c:11:
43:4d:9b:9d:ec:51:b9:5c:39:0f:dc:a6:49:7b:7f:
23:37:01:f0:17:60:44:e4:95:7a:3f:73:0e:cc:a4:
20:c8:dc:c0:cd:56:15:63:bc:81:39:07:9b:b4:63:
74:6a:88:a1:fd:49:16:55:30:cf:a0:e9:5f:9b:cb:
f6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7A:CE:43:E1:7E:0A:04:DC:DA:84:0B:4A:2B:40:0C:F0:4B:63:79
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/z3rOQ-F-CgTc2oQLSitADPBLY3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.226.0/24
79.172.230.0/23
79.172.254.0/24
87.229.51.0/24
87.229.56.0/24
87.229.117.0/24
Signature Algorithm: sha256WithRSAEncryption
23:62:b5:05:8e:2d:0d:8b:fc:e6:13:10:85:86:30:32:34:05:
c5:48:b5:00:8b:e6:47:c4:9b:58:01:2d:ae:df:9a:93:4f:77:
81:fb:37:5a:74:60:1d:3a:99:69:f1:ba:1f:a1:a5:ee:4e:62:
25:c2:43:c8:aa:2b:e6:3a:17:fc:f3:06:00:1b:49:65:24:63:
11:10:46:c8:2d:cf:00:a2:de:58:12:bd:47:6d:bd:49:bf:1f:
ac:04:b1:ef:21:d9:3f:85:b6:6f:b2:7d:01:86:3a:1f:2b:23:
e0:b7:21:73:e3:40:aa:45:a4:a8:f2:22:b9:27:7e:82:cc:ac:
97:1c:73:5f:95:2b:ca:52:4b:af:e8:ce:44:70:1d:54:11:a9:
d9:69:e6:d5:6e:ec:de:aa:a5:d5:5e:cf:89:7c:45:a2:89:3c:
63:d1:24:a0:72:a3:40:bd:a0:aa:36:e7:43:0a:f8:31:94:4f:
8d:28:fd:a7:11:9e:52:2c:fb:81:84:7d:a6:8b:20:0f:bf:e6:
af:9b:64:03:d3:77:10:57:54:d3:29:03:16:bc:d6:f1:4c:5c:
7f:1f:e2:58:af:a7:6e:54:b8:7f:14:e7:6b:5e:71:28:e0:49:
78:4e:84:a5:16:c6:ea:6a:3e:29:8d:86:8c:2b:c1:85:ae:c8:
29:4b:8c:db
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzo+21x6dtxf28G0MnygnefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTIxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjdhY2U0M2UxN2UwYTA0ZGNkYTg0MGI0YTJiNDAwY2YwNGI2Mzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylV7ueLtoixiW5dAjWomNqdQLYUd
qlhjiWqNqiIZK8+Tstuy+MOjAOf887nz2/PFD1yBXhnD/GIkxkBf3wU4s3JiHVlE
8ycnVaG8E/MCbSqaWeRAM1hMi9Bu0oORpK/Y3+SrIH4ONLbzHMTzKao/+AuI8qNz
WBXufU04pyl3O9YiXfk8bavYG/L3j/NrdTqpjeU+NozxD5GHAUxfpzxLClORb10s
aleSxTcz/T458ISQn61wu6E3Sh9WzfipHEz9bBFDTZud7FG5XDkP3KZJe38jNwHw
F2BE5JV6P3MOzKQgyNzAzVYVY7yBOQebtGN0aoih/UkWVTDPoOlfm8v2kwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM96zkPhfgoE3NqEC0orQAzwS2N5MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvejNyT1EtRi1DZ1RjMm9RTFNpdEFEUEJMWTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6ziAwQB
T6zmAwQAT6z+AwQAV+UzAwQAV+U4AwQAV+V1MA0GCSqGSIb3DQEBCwUAA4IBAQAj
YrUFji0Ni/zmExCFhjAyNAXFSLUAi+ZHxJtYAS2u35qTT3eB+zdadGAdOplp8bof
oaXuTmIlwkPIqivmOhf88wYAG0llJGMREEbILc8Aot5YEr1Hbb1Jvx+sBLHvIdk/
hbZvsn0BhjofKyPgtyFz40CqRaSo8iK5J36CzKyXHHNflSvKUkuv6M5EcB1UEanZ
aebVbuzeqqXVXs+JfEWiiTxj0SSgcqNAvaCqNudDCvgxlE+NKP2nEZ5SLPuBhH2m
iyAPv+avm2QD03cQV1TTKQMWvNbxTFx/H+JYr6duVLh/FOdrXnEo4El4ToSlFsbq
aj4pjYaMK8GFrsgpS4zb
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:00 2025 by rpki-client