Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/8bekUiSTMc1jRhaI9-qapSiFqa8.roa
File: 8bekUiSTMc1jRhaI9-qapSiFqa8.roa (raw, json)
Hash identifier: Pkz1bPWIdrKs1bPObyjzzZ/aekRC7qb9DISfEfuM9VU=
Subject key identifier: F1:B7:A4:52:24:93:31:CD:63:46:16:88:F7:EA:9A:A5:28:85:A9:AF
Certificate issuer: /CN=6e9a558ad546dcc9abc0b8a131067af02e407007
Certificate serial: 018CC795745EAFB39D2D557CB47A194B82AA
Authority key identifier: 6E:9A:55:8A:D5:46:DC:C9:AB:C0:B8:A1:31:06:7A:F0:2E:40:70:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bppVitVG3MmrwLihMQZ68C5AcAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/8bekUiSTMc1jRhaI9-qapSiFqa8.roa
Signing time: Tue 02 Jan 2024 00:31:49 +0000
ROA not before: Tue 02 Jan 2024 00:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43892
IP address blocks: 185.67.182.0/24 maxlen: 24
185.67.183.0/24 maxlen: 24
185.67.180.0/22 maxlen: 22
185.130.14.0/24 maxlen: 24
185.130.12.0/23 maxlen: 23
185.130.12.0/22 maxlen: 24
185.62.60.0/22 maxlen: 24
79.171.96.0/24 maxlen: 24
79.171.96.0/22 maxlen: 22
79.171.96.0/21 maxlen: 21
79.171.100.0/22 maxlen: 22
79.171.101.0/24 maxlen: 24
2a02:3c8::/32 maxlen: 32
2a06:d700::/29 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:74:5e:af:b3:9d:2d:55:7c:b4:7a:19:4b:82:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e9a558ad546dcc9abc0b8a131067af02e407007
Validity
Not Before: Jan 2 00:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1b7a452249331cd63461688f7ea9aa52885a9af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:75:74:3a:ac:90:90:79:8b:4b:bf:4e:2b:b6:
a0:d5:d1:af:ea:ad:f1:45:8d:ef:76:52:8e:3f:96:
28:7c:de:62:59:b5:a3:1c:3f:17:46:45:46:d4:94:
c3:89:1e:45:ad:7c:53:39:66:90:d9:2f:ed:8f:c1:
a5:51:38:52:98:9d:55:38:13:04:3b:6d:74:f0:3d:
85:88:69:5f:6c:ff:b1:a6:1a:83:35:4a:55:2f:22:
06:62:47:6a:5f:69:8a:c1:00:93:59:ad:68:af:59:
2b:a9:ef:25:3c:53:a9:ef:71:50:6f:24:7a:39:ee:
eb:ca:09:c5:26:37:4d:f6:71:52:83:57:a0:de:87:
1f:64:41:c6:73:25:4d:13:49:24:33:0a:f2:93:f2:
97:53:f4:8a:e8:c8:d0:3c:9e:68:ff:16:62:c2:19:
2d:32:69:7f:74:2f:29:90:5b:0c:be:59:87:5b:ec:
b7:1f:64:2a:3c:bd:d3:8e:b2:3d:b9:99:af:cc:7f:
22:19:8f:f5:16:b7:9e:74:d7:82:1c:fe:df:30:f1:
4d:d4:0c:79:a5:af:96:ec:e4:c4:2f:f6:8f:6d:34:
03:c5:d5:52:68:a7:69:08:a3:b3:89:1b:f3:09:50:
f3:35:54:bc:c9:81:a4:b6:21:e7:f4:0b:d6:d6:a1:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B7:A4:52:24:93:31:CD:63:46:16:88:F7:EA:9A:A5:28:85:A9:AF
X509v3 Authority Key Identifier:
keyid:6E:9A:55:8A:D5:46:DC:C9:AB:C0:B8:A1:31:06:7A:F0:2E:40:70:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bppVitVG3MmrwLihMQZ68C5AcAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/8bekUiSTMc1jRhaI9-qapSiFqa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/bppVitVG3MmrwLihMQZ68C5AcAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.96.0/21
185.62.60.0/22
185.67.180.0/22
185.130.12.0/22
IPv6:
2a02:3c8::/32
2a06:d700::/29
Signature Algorithm: sha256WithRSAEncryption
a2:9d:90:08:20:bd:a1:17:de:9c:0e:6c:ff:44:86:2a:54:67:
41:16:e4:40:1d:57:4d:a9:30:67:14:ea:bc:b1:7b:d4:ed:1b:
15:16:41:42:b8:53:7b:12:57:f2:b9:c8:d4:f5:f8:52:e9:59:
9d:e3:48:cf:aa:02:9f:b8:76:51:63:c8:e5:28:1a:e5:00:fa:
5b:07:e9:5e:35:8f:37:61:b2:c0:07:10:27:c0:e9:e1:12:ec:
7f:f2:4a:bb:08:f9:f6:53:d8:e5:54:65:96:93:69:69:27:fc:
e9:94:c9:e7:e7:09:6f:a5:6e:fa:99:18:e5:3f:04:42:de:24:
01:e0:d4:d1:48:19:4e:11:ed:59:e6:d7:20:91:b5:da:18:7e:
f4:c6:ac:11:a9:f6:8f:7f:33:fd:2a:c4:af:f6:9d:0b:15:66:
95:bc:a9:62:ca:d8:70:35:53:6e:70:9b:a7:eb:a9:fa:4c:9c:
b3:b0:9b:4e:ff:2e:78:dc:44:83:7d:98:e9:d2:99:48:eb:fd:
37:e6:9b:7a:87:b2:34:1e:3a:63:50:cf:db:12:94:dc:89:1c:
13:24:1d:a7:c1:89:91:ff:4c:c5:e0:15:48:fd:8c:62:f2:96:
be:b1:27:7a:13:fa:74:5f:91:f5:26:79:c8:e1:c1:8f:4b:30:
6f:d4:cd:12
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzHlXRer7OdLVV8tHoZS4KqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOWE1NThhZDU0NmRjYzlhYmMwYjhhMTMxMDY3YWYwMmU0
MDcwMDcwHhcNMjQwMTAyMDAzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWI3YTQ1MjI0OTMzMWNkNjM0NjE2ODhmN2VhOWFhNTI4ODVhOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3V0OqyQkHmLS79OK7ag1dGv6q3x
RY3vdlKOP5YofN5iWbWjHD8XRkVG1JTDiR5FrXxTOWaQ2S/tj8GlUThSmJ1VOBME
O2108D2FiGlfbP+xphqDNUpVLyIGYkdqX2mKwQCTWa1or1krqe8lPFOp73FQbyR6
Oe7rygnFJjdN9nFSg1eg3ocfZEHGcyVNE0kkMwryk/KXU/SK6MjQPJ5o/xZiwhkt
Mml/dC8pkFsMvlmHW+y3H2QqPL3TjrI9uZmvzH8iGY/1FreedNeCHP7fMPFN1Ax5
pa+W7OTEL/aPbTQDxdVSaKdpCKOziRvzCVDzNVS8yYGktiHn9AvW1qFwbQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPG3pFIkkzHNY0YWiPfqmqUohamvMB8GA1UdIwQY
MBaAFG6aVYrVRtzJq8C4oTEGevAuQHAHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnBwVml0VkczTW1yd0xpaE1RWjY4QzVBY0FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xNTI5YzYtODA4Mi00ZjNhLWJjOTIt
NDIzZmNhMjI0MDQxLzEvOGJla1VpU1RNYzFqUmhhSTktcWFwU2lGcWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8xNTI5YzYtODA4Mi00ZjNhLWJjOTItNDIzZmNhMjI0MDQx
LzEvYnBwVml0VkczTW1yd0xpaE1RWjY4QzVBY0FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDT6tgAwQC
uT48AwQCuUO0AwQCuYIMMBQEAgACMA4DBQAqAgPIAwUDKgbXADANBgkqhkiG9w0B
AQsFAAOCAQEAop2QCCC9oRfenA5s/0SGKlRnQRbkQB1XTakwZxTqvLF71O0bFRZB
QrhTexJX8rnI1PX4UulZneNIz6oCn7h2UWPI5Sga5QD6WwfpXjWPN2GywAcQJ8Dp
4RLsf/JKuwj59lPY5VRllpNpaSf86ZTJ5+cJb6Vu+pkY5T8EQt4kAeDU0UgZThHt
WebXIJG12hh+9MasEan2j38z/SrEr/adCxVmlbypYsrYcDVTbnCbp+up+kycs7Cb
Tv8ueNxEg32Y6dKZSOv9N+abeoeyNB46Y1DP2xKU3IkcEyQdp8GJkf9MxeAVSP2M
YvKWvrEnehP6dF+R9SZ5yOHBj0swb9TNEg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:02 2025 by rpki-client