Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/K9UsIDdEVAoBOMM-6-I5AP9pfWU.roa
File: K9UsIDdEVAoBOMM-6-I5AP9pfWU.roa (raw, json)
Hash identifier: YO6IWzN3V/aA+z+sPgnlXm//PFSSrT4jTeLUOC5r0Ds=
Subject key identifier: 2B:D5:2C:20:37:44:54:0A:01:38:C3:3E:EB:E2:39:00:FF:69:7D:65
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 018CCA96E916C677388A4EF0C660DB5B270A
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/K9UsIDdEVAoBOMM-6-I5AP9pfWU.roa
Signing time: Tue 02 Jan 2024 14:32:16 +0000
ROA not before: Tue 02 Jan 2024 14:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43966
IP address blocks: 79.173.66.0/23 maxlen: 24
79.173.77.0/24 maxlen: 24
79.173.80.0/20 maxlen: 24
94.243.192.0/20 maxlen: 24
94.243.232.0/21 maxlen: 24
79.173.64.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 14:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:e9:16:c6:77:38:8a:4e:f0:c6:60:db:5b:27:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Jan 2 14:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bd52c203744540a0138c33eebe23900ff697d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:61:29:a8:7a:dd:f3:de:29:02:a5:2d:8f:56:
70:d1:19:a5:fe:fd:65:3d:5d:0c:24:8e:c2:15:f4:
1b:e6:b2:7d:62:07:85:cd:09:88:7c:c7:0e:a3:80:
10:f6:6d:81:4d:29:37:45:58:9b:8f:08:d5:8b:47:
ab:8d:d4:16:89:d7:64:c3:53:66:4c:06:34:d9:7f:
de:06:bb:a9:22:13:e1:10:fb:f8:87:2d:b8:ee:d0:
d9:ca:c4:6e:4e:38:af:20:cd:e9:c8:2b:1e:a7:65:
38:4d:2c:0d:c5:1c:9d:ac:18:be:75:f1:1e:04:80:
92:28:14:74:e4:c4:fe:5f:07:17:a9:6c:0c:9f:3d:
61:c8:d4:5f:db:4f:e7:68:a9:2f:49:4b:e0:0a:75:
c5:e0:51:14:94:68:3b:6c:b9:e6:da:2c:dd:7b:3d:
de:f7:53:6e:41:ed:7d:ce:77:32:17:9f:4f:26:0b:
ce:7a:09:c8:8b:dc:e1:d5:b2:47:b9:36:b8:69:1c:
68:1a:40:00:1e:06:67:e9:b3:c8:57:28:b5:0c:e1:
36:87:24:9b:47:5c:d5:33:8a:72:0f:94:47:b7:40:
00:d8:66:ba:fb:79:63:81:9a:86:60:13:d8:2a:9f:
e9:98:76:f3:78:08:44:ef:21:04:e1:5b:7e:66:8e:
3a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D5:2C:20:37:44:54:0A:01:38:C3:3E:EB:E2:39:00:FF:69:7D:65
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/K9UsIDdEVAoBOMM-6-I5AP9pfWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.64.0/22
79.173.77.0/24
79.173.80.0/20
94.243.192.0/20
94.243.232.0/21
Signature Algorithm: sha256WithRSAEncryption
55:0d:6c:e5:7b:6c:15:c3:0b:d5:e0:2b:f2:43:53:2b:4d:88:
c6:23:2e:42:bd:27:13:a0:13:a9:e4:ad:bd:79:fe:49:44:5a:
c9:a0:3c:58:c6:ff:ce:44:d4:59:3a:23:77:65:25:d3:f8:9c:
69:c7:db:3e:ea:ee:7f:75:23:a2:f6:2a:42:dc:78:6c:b6:94:
bc:14:ef:ba:d0:be:66:56:be:0e:d2:77:41:3c:7f:65:a8:19:
af:b5:29:a4:30:bc:d5:76:61:69:ed:28:86:69:bf:e6:4f:92:
97:f2:6e:12:9b:bf:96:ca:f9:ca:ed:c4:1e:1b:c2:37:f3:00:
ee:ca:b4:55:79:e6:84:52:96:1e:a4:71:fc:e8:d9:59:76:c9:
dc:92:74:ad:1f:f9:8c:17:c6:4f:8c:a3:13:d3:ed:a2:16:df:
fd:f2:44:16:15:8c:85:b8:c9:72:0b:e2:6b:8c:c0:b9:d6:b1:
48:ac:16:8e:88:96:c3:25:72:81:a1:5c:b7:87:48:7b:e9:f9:
b7:28:02:fa:fc:d7:41:17:d1:70:94:3b:44:1d:48:39:3c:7a:
04:75:da:31:be:fa:ce:53:9a:ac:12:21:5e:c2:25:f8:dc:03:
87:c8:70:b7:70:12:a0:83:b6:a8:6f:45:98:30:4b:9d:44:76:
57:78:55:48
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKlukWxnc4ik7wxmDbWycKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjQwMTAyMTQzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ1MmMyMDM3NDQ1NDBhMDEzOGMzM2VlYmUyMzkwMGZmNjk3ZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGEpqHrd894pAqUtj1Zw0Rml/v1l
PV0MJI7CFfQb5rJ9YgeFzQmIfMcOo4AQ9m2BTSk3RVibjwjVi0erjdQWiddkw1Nm
TAY02X/eBrupIhPhEPv4hy247tDZysRuTjivIM3pyCsep2U4TSwNxRydrBi+dfEe
BICSKBR05MT+XwcXqWwMnz1hyNRf20/naKkvSUvgCnXF4FEUlGg7bLnm2izdez3e
91NuQe19zncyF59PJgvOegnIi9zh1bJHuTa4aRxoGkAAHgZn6bPIVyi1DOE2hySb
R1zVM4pyD5RHt0AA2Ga6+3ljgZqGYBPYKp/pmHbzeAhE7yEE4Vt+Zo46KwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCvVLCA3RFQKATjDPuviOQD/aX1lMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvSzlVc0lEZEVWQW9CT01NLTYtSTVBUDlwZldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCT61AAwQA
T61NAwQET61QAwQEXvPAAwQDXvPoMA0GCSqGSIb3DQEBCwUAA4IBAQBVDWzle2wV
wwvV4CvyQ1MrTYjGIy5CvScToBOp5K29ef5JRFrJoDxYxv/ORNRZOiN3ZSXT+Jxp
x9s+6u5/dSOi9ipC3HhstpS8FO+60L5mVr4O0ndBPH9lqBmvtSmkMLzVdmFp7SiG
ab/mT5KX8m4Sm7+WyvnK7cQeG8I38wDuyrRVeeaEUpYepHH86NlZdsncknStH/mM
F8ZPjKMT0+2iFt/98kQWFYyFuMlyC+JrjMC51rFIrBaOiJbDJXKBoVy3h0h76fm3
KAL6/NdBF9FwlDtEHUg5PHoEddoxvvrOU5qsEiFewiX43AOHyHC3cBKgg7aob0WY
MEudRHZXeFVI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:47 2025 by rpki-client