Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yXooO9QGQevRRZ5KpATB0P0lbZs.roa
File: yXooO9QGQevRRZ5KpATB0P0lbZs.roa (raw, json)
Hash identifier: uL7bvPw3Va/jgyhghXT9gVHK0b7h2lAO0+vLgUv9pAs=
Subject key identifier: C9:7A:28:3B:D4:06:41:EB:D1:45:9E:4A:A4:04:C1:D0:FD:25:6D:9B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01905F44BE6F841872B0673EBC139D9275D7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yXooO9QGQevRRZ5KpATB0P0lbZs.roa
Signing time: Fri 28 Jun 2024 14:34:18 +0000
ROA not before: Fri 28 Jun 2024 14:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 79.99.76.0/24 maxlen: 24
82.152.110.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
109.176.165.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 16:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:44:be:6f:84:18:72:b0:67:3e:bc:13:9d:92:75:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 28 14:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c97a283bd40641ebd1459e4aa404c1d0fd256d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:78:fb:8d:b5:72:02:ca:ee:f8:c5:85:f3:55:
89:1c:0d:dd:de:de:33:d9:11:91:2c:7a:71:3a:4c:
7a:19:d4:cc:6f:f7:8d:6c:5b:50:6f:8c:46:4f:3e:
7a:7d:27:74:c4:6e:fd:91:3a:56:b2:1d:8c:bc:70:
86:d7:87:b0:d6:f2:a0:0a:37:80:00:d8:80:ab:38:
f8:a0:2a:6c:30:b9:7c:c3:fd:2a:27:58:f1:c1:c1:
6d:2e:ef:a9:51:4a:48:07:f3:33:7a:6f:f9:1e:c2:
6f:df:a8:63:d3:00:35:13:02:b1:95:ab:f6:8c:8d:
21:61:ad:9a:8a:fa:e6:21:b1:2c:1a:63:11:01:ca:
b5:14:c6:6e:4c:7a:ba:75:63:3b:c8:00:d1:e1:ce:
fe:fb:9d:40:e8:33:16:9c:64:79:ea:e0:3e:8f:7b:
68:3b:2e:77:de:01:20:b5:28:43:b4:1c:6f:fd:92:
39:35:bc:f4:2d:ee:74:b5:4c:6f:c2:fd:71:20:54:
67:0f:3e:3d:95:2b:42:06:fd:21:77:46:30:9a:1a:
59:30:76:23:91:5f:c3:18:7e:12:75:ce:87:bd:1c:
08:40:04:f9:35:b9:37:98:11:7a:02:fb:d2:d4:b8:
62:c7:c4:4a:19:b9:fb:ab:bd:c4:47:6f:49:f2:7b:
94:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7A:28:3B:D4:06:41:EB:D1:45:9E:4A:A4:04:C1:D0:FD:25:6D:9B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yXooO9QGQevRRZ5KpATB0P0lbZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.76.0/24
82.152.110.0/24
82.153.66.0/24
109.176.165.0/24
213.218.213.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
97:dd:7b:d2:32:d5:79:06:ef:e2:39:a5:06:6d:ff:03:d9:ef:
8e:f4:de:b9:9a:17:fc:b1:1c:d9:9c:92:d3:17:7a:25:2b:58:
4a:84:0a:f5:7e:7e:4b:82:e3:fb:8d:46:c2:50:ce:9f:a3:ad:
21:5f:1b:ff:25:43:f1:dc:8b:7d:ce:f7:2d:63:aa:6e:f0:1f:
92:38:6b:96:5e:4a:22:20:38:8f:a0:99:ff:27:f2:c0:45:b5:
b2:0f:00:c9:da:fe:13:4c:52:4a:cf:d3:a5:1b:f8:0b:f7:1f:
f6:81:1a:15:43:5e:ed:b3:a6:3d:d7:9d:df:33:9a:74:d0:08:
b0:db:a4:9f:ab:25:d9:16:1e:dc:e9:f7:e7:e4:14:62:cf:1f:
e7:66:f9:78:15:8b:af:15:ef:d4:c1:01:a4:d1:83:f3:70:57:
eb:a3:c9:96:ed:1a:2a:a0:4d:1c:22:e2:4a:07:e8:f4:ac:54:
7d:c8:e8:53:32:a6:7a:b1:6c:96:28:43:53:1a:eb:60:ff:b2:
d3:54:a7:41:cc:cc:99:fb:ff:9e:4d:dc:e4:e1:f5:d7:52:18:
e8:12:c3:4a:74:35:94:b1:92:a3:8b:46:cd:36:95:76:98:a4:
cc:65:1d:54:00:72:6d:da:91:33:02:53:1b:59:b4:05:b0:84:
8f:47:48:70
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBfRL5vhBhysGc+vBOdknXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjI4MTQzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdhMjgzYmQ0MDY0MWViZDE0NTllNGFhNDA0YzFkMGZkMjU2ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Xj7jbVyAsru+MWF81WJHA3d3t4z
2RGRLHpxOkx6GdTMb/eNbFtQb4xGTz56fSd0xG79kTpWsh2MvHCG14ew1vKgCjeA
ANiAqzj4oCpsMLl8w/0qJ1jxwcFtLu+pUUpIB/Mzem/5HsJv36hj0wA1EwKxlav2
jI0hYa2aivrmIbEsGmMRAcq1FMZuTHq6dWM7yADR4c7++51A6DMWnGR56uA+j3to
Oy533gEgtShDtBxv/ZI5Nbz0Le50tUxvwv1xIFRnDz49lStCBv0hd0YwmhpZMHYj
kV/DGH4Sdc6HvRwIQAT5Nbk3mBF6AvvS1Lhix8RKGbn7q73ER29J8nuUQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMl6KDvUBkHr0UWeSqQEwdD9JW2bMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveVhvb085UUdRZXZSUlo1S3BBVEIwUDBsYlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT2NMAwQA
UphuAwQAUplCAwQAbbClAwQA1drVAwQA1drjMA0GCSqGSIb3DQEBCwUAA4IBAQCX
3XvSMtV5Bu/iOaUGbf8D2e+O9N65mhf8sRzZnJLTF3olK1hKhAr1fn5LguP7jUbC
UM6fo60hXxv/JUPx3It9zvctY6pu8B+SOGuWXkoiIDiPoJn/J/LARbWyDwDJ2v4T
TFJKz9OlG/gL9x/2gRoVQ17ts6Y9153fM5p00Aiw26SfqyXZFh7c6ffn5BRizx/n
Zvl4FYuvFe/UwQGk0YPzcFfro8mW7RoqoE0cIuJKB+j0rFR9yOhTMqZ6sWyWKENT
Gutg/7LTVKdBzMyZ+/+eTdzk4fXXUhjoEsNKdDWUsZKji0bNNpV2mKTMZR1UAHJt
2pEzAlMbWbQFsISPR0hw
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:10 2025 by rpki-client