Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/sXjNYfQKjmAz8zd84Jcs7bI0fTU.roa
File: sXjNYfQKjmAz8zd84Jcs7bI0fTU.roa (raw, json)
Hash identifier: xizD7M7TWT10zqPHtmOuk4iyjQUXb5EfoowvKeGG/rc=
Subject key identifier: B1:78:CD:61:F4:0A:8E:60:33:F3:37:7C:E0:97:2C:ED:B2:34:7D:35
Certificate issuer: /CN=4f617d6b03e2fe5f8911cbeb5fae2dca3bd6677f
Certificate serial: 01929EF87A717A3FE12166561173350A4943
Authority key identifier: 4F:61:7D:6B:03:E2:FE:5F:89:11:CB:EB:5F:AE:2D:CA:3B:D6:67:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T2F9awPi_l-JEcvrX64tyjvWZ38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/sXjNYfQKjmAz8zd84Jcs7bI0fTU.roa
Signing time: Fri 18 Oct 2024 09:32:17 +0000
ROA not before: Fri 18 Oct 2024 09:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44034
IP address blocks: 2.64.0.0/13 maxlen: 13
37.250.0.0/16 maxlen: 16
77.241.128.0/20 maxlen: 20
77.241.128.0/21 maxlen: 21
78.156.192.0/19 maxlen: 19
79.138.128.0/17 maxlen: 17
80.251.192.0/20 maxlen: 20
80.251.202.128/25 maxlen: 25
94.191.128.0/17 maxlen: 17
95.209.0.0/16 maxlen: 16
109.56.0.0/14 maxlen: 14
212.27.0.0/19 maxlen: 19
2a02:aa0::/29 maxlen: 32
2a02:aa0::/30 maxlen: 30
2a02:aa4::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:f8:7a:71:7a:3f:e1:21:66:56:11:73:35:0a:49:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f617d6b03e2fe5f8911cbeb5fae2dca3bd6677f
Validity
Not Before: Oct 18 09:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b178cd61f40a8e6033f3377ce0972cedb2347d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:5c:70:20:42:3c:d8:00:3f:9b:59:ff:9e:ec:
f4:b5:25:af:15:01:c0:06:cc:2a:cb:e0:3b:59:1e:
91:7d:e9:d3:6f:8f:02:6b:2d:4b:d4:f8:2f:75:ce:
79:e2:ea:ba:ed:6d:5d:d3:1c:57:ba:a9:46:4e:3b:
f6:91:70:d7:9a:e3:1c:f4:e7:9b:cc:6d:36:d1:79:
30:61:09:c2:db:ce:68:51:7e:38:38:d7:23:14:40:
5c:48:ea:7b:97:25:b1:25:73:70:f9:78:ee:e9:10:
12:9b:ae:51:b3:8a:b9:e9:9a:49:7e:db:85:5a:9f:
af:bc:5f:31:58:6e:81:9c:4e:d4:71:02:1b:fd:5d:
e3:a1:93:1b:f2:36:9b:b0:cb:30:1d:42:ea:4f:b5:
9a:52:f0:1a:d0:6f:87:38:51:bf:e3:87:05:d3:b4:
d6:6d:a9:29:0c:98:24:a2:7b:51:80:2f:e2:bb:89:
42:64:7a:d7:10:f1:af:13:96:93:50:71:bd:e7:b8:
be:f3:9b:a3:17:47:fd:18:37:cb:2e:d2:09:89:33:
3e:09:48:03:33:b1:a5:d1:5a:1e:92:c0:b1:c4:2d:
a1:ff:60:20:6d:d3:56:f9:1f:de:ba:13:e7:70:b8:
72:a5:a6:c4:23:d7:14:42:64:04:68:78:12:a3:0f:
c1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:78:CD:61:F4:0A:8E:60:33:F3:37:7C:E0:97:2C:ED:B2:34:7D:35
X509v3 Authority Key Identifier:
keyid:4F:61:7D:6B:03:E2:FE:5F:89:11:CB:EB:5F:AE:2D:CA:3B:D6:67:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2F9awPi_l-JEcvrX64tyjvWZ38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/sXjNYfQKjmAz8zd84Jcs7bI0fTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/T2F9awPi_l-JEcvrX64tyjvWZ38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.64.0.0/13
37.250.0.0/16
77.241.128.0/20
78.156.192.0/19
79.138.128.0/17
80.251.192.0/20
94.191.128.0/17
95.209.0.0/16
109.56.0.0/14
212.27.0.0/19
IPv6:
2a02:aa0::/29
Signature Algorithm: sha256WithRSAEncryption
04:34:75:26:f0:0f:61:a6:23:6d:d2:fa:22:8c:11:2f:bc:69:
ae:1a:da:d7:74:8b:1f:2c:89:86:80:d3:eb:28:99:91:b9:76:
9d:6d:f6:d4:9c:ab:31:2d:e7:3e:03:5a:b8:e8:12:e2:80:ee:
8b:29:8e:69:14:c0:ca:e7:76:fc:75:5e:6b:60:ff:46:86:fc:
2f:0c:35:c7:ce:2d:7f:07:24:67:3b:e3:32:0d:7c:3b:fd:04:
89:ac:b4:12:e2:15:26:74:78:32:f5:27:17:32:fe:fe:f7:69:
ec:b4:4f:38:43:07:dd:12:83:ee:a3:32:56:60:d6:09:88:d3:
7c:a2:31:15:cb:ad:0d:a7:cf:20:1a:1a:fc:f4:e5:6f:02:ac:
16:c1:0f:c0:b0:8f:73:2b:e1:10:26:29:8c:64:99:74:47:1c:
ad:2d:ca:0c:14:77:bf:59:fd:51:a4:2a:95:ba:0d:83:6c:9d:
c7:d2:75:64:17:01:0f:bb:da:e3:ed:40:a1:31:8c:1e:1b:17:
66:f6:48:5b:54:3e:8c:6c:04:99:24:b5:a9:c8:42:f3:90:f5:
49:12:e9:64:24:5e:4b:6f:75:5f:f5:33:a5:04:b6:cc:c9:01:
d9:52:af:75:72:e2:9e:3f:9b:e9:19:cc:4a:9b:a2:73:ee:9c:
64:a8:5d:c5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZKe+Hpxej/hIWZWEXM1CklDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNjE3ZDZiMDNlMmZlNWY4OTExY2JlYjVmYWUyZGNhM2Jk
NjY3N2YwHhcNMjQxMDE4MDkzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc4Y2Q2MWY0MGE4ZTYwMzNmMzM3N2NlMDk3MmNlZGIyMzQ3ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/VxwIEI82AA/m1n/nuz0tSWvFQHA
Bswqy+A7WR6RfenTb48Cay1L1Pgvdc554uq67W1d0xxXuqlGTjv2kXDXmuMc9Oeb
zG020XkwYQnC285oUX44ONcjFEBcSOp7lyWxJXNw+Xju6RASm65Rs4q56ZpJftuF
Wp+vvF8xWG6BnE7UcQIb/V3joZMb8jabsMswHULqT7WaUvAa0G+HOFG/44cF07TW
bakpDJgkontRgC/iu4lCZHrXEPGvE5aTUHG957i+85ujF0f9GDfLLtIJiTM+CUgD
M7Gl0VoeksCxxC2h/2AgbdNW+R/euhPncLhypabEI9cUQmQEaHgSow/B5QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLF4zWH0Co5gM/M3fOCXLO2yNH01MB8GA1UdIwQY
MBaAFE9hfWsD4v5fiRHL61+uLco71md/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDJGOWF3UGlfbC1KRWN2clg2NHR5anZXWjM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xYjEyNzItODNjMS00ODY0LTljZDMt
MDI3YzdmN2RjNmQ1LzEvc1hqTllmUUtqbUF6OHpkODRKY3M3YkkwZlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xYjEyNzItODNjMS00ODY0LTljZDMtMDI3YzdmN2RjNmQ1
LzEvVDJGOWF3UGlfbC1KRWN2clg2NHR5anZXWjM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwMDAkADAwAl
+gMEBE3xgAMEBU6cwAMEB0+KgAMEBFD7wAMEB16/gAMDAF/RAwMCbTgDBAXUGwAw
DQQCAAIwBwMFAyoCCqAwDQYJKoZIhvcNAQELBQADggEBAAQ0dSbwD2GmI23S+iKM
ES+8aa4a2td0ix8siYaA0+somZG5dp1t9tScqzEt5z4DWrjoEuKA7ospjmkUwMrn
dvx1Xmtg/0aG/C8MNcfOLX8HJGc74zINfDv9BImstBLiFSZ0eDL1Jxcy/v73aey0
TzhDB90Sg+6jMlZg1gmI03yiMRXLrQ2nzyAaGvz05W8CrBbBD8Cwj3Mr4RAmKYxk
mXRHHK0tygwUd79Z/VGkKpW6DYNsncfSdWQXAQ+72uPtQKExjB4bF2b2SFtUPoxs
BJkktanIQvOQ9UkS6WQkXktvdV/1M6UEtszJAdlSr3Vy4p4/m+kZzEqbonPunGSo
XcU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:52 2025 by rpki-client