Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/ecNc7XB0kUivsKnjV38oC17EYKA.roa
File: ecNc7XB0kUivsKnjV38oC17EYKA.roa (raw, json)
Hash identifier: JNS6xA/R5MlvGljug+0lsj70gjpKUZFvCwY8+RrLCcM=
Subject key identifier: 79:C3:5C:ED:70:74:91:48:AF:B0:A9:E3:57:7F:28:0B:5E:C4:60:A0
Certificate issuer: /CN=1ad5d174cbb46aaf86555b80e1773331b870b568
Certificate serial: 018F2E9A1C05328952C37CF1F329035AD657
Authority key identifier: 1A:D5:D1:74:CB:B4:6A:AF:86:55:5B:80:E1:77:33:31:B8:70:B5:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtXRdMu0aq-GVVuA4XczMbhwtWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/ecNc7XB0kUivsKnjV38oC17EYKA.roa
Signing time: Tue 30 Apr 2024 10:43:22 +0000
ROA not before: Tue 30 Apr 2024 10:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41004
IP address blocks: 79.171.0.0/22 maxlen: 22
193.32.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:9a:1c:05:32:89:52:c3:7c:f1:f3:29:03:5a:d6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad5d174cbb46aaf86555b80e1773331b870b568
Validity
Not Before: Apr 30 10:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79c35ced70749148afb0a9e3577f280b5ec460a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:af:b6:c2:54:94:19:ca:ea:48:ae:ce:86:
23:7a:0a:f7:21:02:e9:c5:92:01:fa:b0:a9:c0:50:
93:fe:fc:17:cf:96:67:24:f2:cc:e7:cd:0b:6c:c8:
8b:22:9a:10:d8:28:ef:22:28:f6:83:8a:91:88:49:
65:8b:e9:4b:ce:7a:d3:65:80:3c:2e:63:a3:87:f8:
3c:26:36:ad:b7:cf:fe:d0:5b:ee:69:18:bd:4d:c1:
94:95:ab:06:ab:cd:8a:e4:7f:9c:c6:6b:28:91:ca:
1d:d8:a0:26:31:a5:f9:48:19:20:02:16:63:57:ed:
a3:07:47:1d:be:c8:77:71:ae:f9:f2:27:0d:4e:d0:
45:20:4c:17:b0:bf:46:c8:14:24:a5:fd:05:03:83:
70:08:9e:7b:24:52:33:09:df:86:83:4f:0d:53:09:
27:fd:ea:f0:10:0a:a6:aa:35:df:1e:7a:ef:94:48:
37:d4:24:c9:10:f7:66:26:b4:32:3e:18:d4:e1:86:
18:3b:57:a7:43:51:ce:29:1f:a0:d6:2b:c8:d0:01:
3f:f9:51:41:04:32:f1:5b:b9:0c:7e:03:3c:c7:2b:
58:fe:f9:80:fd:8e:df:3a:70:a2:5d:98:42:40:b9:
54:1f:4e:48:31:4e:0d:b7:0f:d8:cd:ff:69:b7:a8:
28:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C3:5C:ED:70:74:91:48:AF:B0:A9:E3:57:7F:28:0B:5E:C4:60:A0
X509v3 Authority Key Identifier:
keyid:1A:D5:D1:74:CB:B4:6A:AF:86:55:5B:80:E1:77:33:31:B8:70:B5:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtXRdMu0aq-GVVuA4XczMbhwtWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/ecNc7XB0kUivsKnjV38oC17EYKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c6b906-9150-443d-ba30-739c198c513f/1/GtXRdMu0aq-GVVuA4XczMbhwtWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.0.0/22
193.32.37.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:22:25:62:84:c7:1c:e4:c6:ce:55:a4:24:53:4d:bf:d3:95:
5a:e8:46:78:9e:d0:78:1b:e2:43:fd:09:58:59:cf:c0:3b:32:
25:0d:86:58:28:7d:65:f9:08:19:54:e1:b6:f9:ba:ca:b8:4a:
51:ba:72:87:a7:cd:a2:ef:17:94:6a:d8:13:eb:58:2c:22:e6:
4f:83:52:73:9b:68:49:f6:7c:62:ff:38:c5:1b:08:a6:c0:0e:
d5:85:9d:2e:ae:40:9d:81:7a:2c:fe:46:55:48:91:46:63:af:
d6:de:09:05:05:af:d6:ca:e6:c1:7d:91:d1:d9:59:7c:00:cb:
28:db:1c:36:e7:37:d2:d3:65:ed:6c:0a:c4:76:38:0e:ad:50:
0c:9b:44:af:b3:21:dd:aa:65:65:42:5c:08:9e:1c:db:81:3f:
51:d0:cd:db:3d:ba:43:a9:68:ed:29:80:83:55:b9:ba:3f:c5:
30:bc:2f:14:c5:d6:38:3c:74:fa:cd:22:90:fa:df:c7:e9:df:
a0:54:32:a0:e3:4e:b8:93:48:5c:4b:ad:4f:3d:46:cf:43:e5:
1b:df:70:a4:c5:13:89:bb:32:01:5f:3b:09:8d:9a:82:f4:2f:
f2:d1:3e:53:03:2a:7f:36:b8:73:7e:2f:81:30:ce:8f:a2:63:
cc:a5:f4:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8umhwFMolSw3zx8ykDWtZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDVkMTc0Y2JiNDZhYWY4NjU1NWI4MGUxNzczMzMxYjg3
MGI1NjgwHhcNMjQwNDMwMTA0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWMzNWNlZDcwNzQ5MTQ4YWZiMGE5ZTM1NzdmMjgwYjVlYzQ2MGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAGvtsJUlBnK6kiuzoYjegr3IQLp
xZIB+rCpwFCT/vwXz5ZnJPLM580LbMiLIpoQ2CjvIij2g4qRiElli+lLznrTZYA8
LmOjh/g8Jjatt8/+0FvuaRi9TcGUlasGq82K5H+cxmsokcod2KAmMaX5SBkgAhZj
V+2jB0cdvsh3ca758icNTtBFIEwXsL9GyBQkpf0FA4NwCJ57JFIzCd+Gg08NUwkn
/erwEAqmqjXfHnrvlEg31CTJEPdmJrQyPhjU4YYYO1enQ1HOKR+g1ivI0AE/+VFB
BDLxW7kMfgM8xytY/vmA/Y7fOnCiXZhCQLlUH05IMU4Ntw/Yzf9pt6goCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHnDXO1wdJFIr7Cp41d/KAtexGCgMB8GA1UdIwQY
MBaAFBrV0XTLtGqvhlVbgOF3MzG4cLVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RYUmRNdTBhcS1HVlZ1QTRYY3pNYmh3dFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNmI5MDYtOTE1MC00NDNkLWJhMzAt
NzM5YzE5OGM1MTNmLzEvZWNOYzdYQjBrVWl2c0tualYzOG9DMTdFWUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNmI5MDYtOTE1MC00NDNkLWJhMzAtNzM5YzE5OGM1MTNm
LzEvR3RYUmRNdTBhcS1HVlZ1QTRYY3pNYmh3dFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCT6sAAwQA
wSAlMA0GCSqGSIb3DQEBCwUAA4IBAQBPIiVihMcc5MbOVaQkU02/05Va6EZ4ntB4
G+JD/QlYWc/AOzIlDYZYKH1l+QgZVOG2+brKuEpRunKHp82i7xeUatgT61gsIuZP
g1Jzm2hJ9nxi/zjFGwimwA7VhZ0urkCdgXos/kZVSJFGY6/W3gkFBa/WyubBfZHR
2Vl8AMso2xw25zfS02XtbArEdjgOrVAMm0SvsyHdqmVlQlwInhzbgT9R0M3bPbpD
qWjtKYCDVbm6P8UwvC8UxdY4PHT6zSKQ+t/H6d+gVDKg4064k0hcS61PPUbPQ+Ub
33CkxROJuzIBXzsJjZqC9C/y0T5TAyp/Nrhzfi+BMM6PomPMpfT1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:13 2025 by rpki-client