Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/zI55Uz9Iz1UZPgK__wLQU4giq60.roa
File: zI55Uz9Iz1UZPgK__wLQU4giq60.roa (raw, json)
Hash identifier: FGqobh2oo+94/TyVZUlSaoqGoCk1QMdqT6lxCpgV/eI=
Subject key identifier: CC:8E:79:53:3F:48:CF:55:19:3E:02:BF:FF:02:D0:53:88:22:AB:AD
Certificate issuer: /CN=ded353e2f5d318c348772a8ff105aa70719e4135
Certificate serial: 018CC348F51CC04CEFA7BDE86E61FDE3D193
Authority key identifier: DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/zI55Uz9Iz1UZPgK__wLQU4giq60.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25627
IP address blocks: 79.170.64.0/23 maxlen: 23
79.170.64.0/22 maxlen: 22
79.170.70.0/23 maxlen: 23
79.170.68.0/22 maxlen: 22
79.170.68.0/23 maxlen: 23
79.170.66.0/23 maxlen: 23
87.237.81.0/24 maxlen: 24
87.237.82.0/24 maxlen: 24
87.237.82.0/23 maxlen: 23
87.237.80.0/23 maxlen: 23
87.237.80.0/24 maxlen: 24
87.237.84.0/22 maxlen: 22
87.237.83.0/24 maxlen: 24
87.237.84.0/24 maxlen: 24
87.237.86.0/24 maxlen: 24
87.237.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 10:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f5:1c:c0:4c:ef:a7:bd:e8:6e:61:fd:e3:d1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded353e2f5d318c348772a8ff105aa70719e4135
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc8e79533f48cf55193e02bfff02d0538822abad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:ae:7b:54:70:ec:90:41:25:ec:80:00:fe:
54:a3:34:67:cd:16:d7:94:00:d1:29:db:02:e3:35:
b0:27:c3:43:fb:42:0d:34:11:35:3b:7e:f3:b0:d1:
10:b8:b1:78:e3:ff:f0:fe:17:40:5d:7f:60:68:e0:
34:6e:ec:5a:c1:7e:e4:50:20:cc:9f:bf:0d:7b:1c:
f0:06:9a:dc:35:60:28:96:af:47:2a:de:9b:47:b3:
f5:ea:a2:bf:2b:29:5c:92:6e:39:a4:bb:80:18:f7:
c9:a8:b6:83:80:01:5f:69:f5:95:d7:01:d1:ac:14:
11:8a:f5:d5:21:24:5f:79:42:88:08:15:fc:a2:6c:
a5:d3:6b:af:5e:40:f0:67:5e:4f:ee:fc:1c:5e:e9:
28:f3:2a:2d:9a:c8:5c:12:eb:f3:ca:cb:81:88:55:
7d:41:bf:60:c5:07:60:51:0d:56:21:ea:63:93:34:
a3:0f:58:c7:98:5c:1f:fa:0c:4b:d4:36:93:93:b8:
a4:f9:20:5c:55:40:e4:97:18:3c:1a:5f:70:4c:bf:
1f:fd:6e:cf:e8:49:57:80:9c:70:fa:c9:e2:49:51:
93:a2:89:06:01:a5:b2:1a:d0:5b:d9:51:c8:fe:d7:
6c:66:af:7b:5e:bd:17:ce:2b:33:70:94:31:1a:d5:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8E:79:53:3F:48:CF:55:19:3E:02:BF:FF:02:D0:53:88:22:AB:AD
X509v3 Authority Key Identifier:
keyid:DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/zI55Uz9Iz1UZPgK__wLQU4giq60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/3tNT4vXTGMNIdyqP8QWqcHGeQTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.64.0/21
87.237.80.0/21
Signature Algorithm: sha256WithRSAEncryption
d9:e0:e1:33:0f:f0:9e:67:95:75:b1:7c:2c:0b:f0:d9:1e:82:
b4:bf:36:92:fb:af:48:52:92:11:4f:6a:df:10:9b:ae:90:8e:
d8:2d:9e:e3:30:70:ae:60:9f:f6:a3:6d:e4:24:c7:11:38:dd:
0a:fa:55:84:bd:12:65:26:37:ef:ee:68:f7:27:40:9c:17:1c:
58:84:18:34:01:17:ff:38:e6:82:d6:ff:e6:68:f8:cf:ce:58:
28:61:c8:b4:bb:ee:c2:75:79:ec:6a:39:89:2e:35:f9:d1:42:
c3:a0:f3:f2:e5:ab:d5:85:28:07:2c:02:ce:ed:89:16:b3:1e:
30:4d:47:ed:8d:67:6d:36:74:30:59:8f:c9:fd:56:ca:74:8d:
1f:96:06:34:51:c2:3b:ba:98:05:e7:bf:32:41:a4:fe:59:fc:
d1:21:c8:7f:3e:4c:a1:aa:dd:1f:5c:4c:b7:e4:e4:24:18:9c:
6f:c0:e0:60:2e:82:fc:a2:81:fb:4a:c0:04:bb:1b:b4:84:5d:
54:5a:7a:15:a5:a2:af:e1:12:93:f2:e5:a8:43:39:95:bc:79:
ee:ca:de:16:9e:dc:49:c1:32:d0:d8:29:a2:1f:2c:ac:11:ed:
ea:83:24:4b:b3:77:a7:ad:e7:a2:3f:18:57:5f:6f:82:1f:9f:
19:5a:53:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSPUcwEzvp73obmH949GTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDM1M2UyZjVkMzE4YzM0ODc3MmE4ZmYxMDVhYTcwNzE5
ZTQxMzUwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhlNzk1MzNmNDhjZjU1MTkzZTAyYmZmZjAyZDA1Mzg4MjJhYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRKue1Rw7JBBJeyAAP5UozRnzRbX
lADRKdsC4zWwJ8ND+0INNBE1O37zsNEQuLF44//w/hdAXX9gaOA0buxawX7kUCDM
n78NexzwBprcNWAolq9HKt6bR7P16qK/Kylckm45pLuAGPfJqLaDgAFfafWV1wHR
rBQRivXVISRfeUKICBX8omyl02uvXkDwZ15P7vwcXuko8yotmshcEuvzysuBiFV9
Qb9gxQdgUQ1WIepjkzSjD1jHmFwf+gxL1DaTk7ik+SBcVUDklxg8Gl9wTL8f/W7P
6ElXgJxw+sniSVGTookGAaWyGtBb2VHI/tdsZq97Xr0XziszcJQxGtVA2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyOeVM/SM9VGT4Cv/8C0FOIIqutMB8GA1UdIwQY
MBaAFN7TU+L10xjDSHcqj/EFqnBxnkE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgt
NGU4NWRhYmQ2NDc0LzEvekk1NVV6OUl6MVVaUGdLX193TFFVNGdpcTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgtNGU4NWRhYmQ2NDc0
LzEvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDT6pAAwQD
V+1QMA0GCSqGSIb3DQEBCwUAA4IBAQDZ4OEzD/CeZ5V1sXwsC/DZHoK0vzaS+69I
UpIRT2rfEJuukI7YLZ7jMHCuYJ/2o23kJMcRON0K+lWEvRJlJjfv7mj3J0CcFxxY
hBg0ARf/OOaC1v/maPjPzlgoYci0u+7CdXnsajmJLjX50ULDoPPy5avVhSgHLALO
7YkWsx4wTUftjWdtNnQwWY/J/VbKdI0flgY0UcI7upgF578yQaT+WfzRIch/Pkyh
qt0fXEy35OQkGJxvwOBgLoL8ooH7SsAEuxu0hF1UWnoVpaKv4RKT8uWoQzmVvHnu
yt4WntxJwTLQ2CmiHyysEe3qgyRLs3enreeiPxhXX2+CH58ZWlON
-----END CERTIFICATE-----
Generated at Thu Jan 25 14:57:31 2024 by rpki-client on console-fra.rpki-client.org