Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/a0b605-56fb-4cba-8ddc-b585417910eb/1/K33j2u1G9Z3RdTC2fnkdTZ3AOmA.roa
File: K33j2u1G9Z3RdTC2fnkdTZ3AOmA.roa (raw, json)
Hash identifier: DYn4eFrIi60SQ6sZFCzt8Q1VsW1sGpak64LmQSteaNQ=
Subject key identifier: 2B:7D:E3:DA:ED:46:F5:9D:D1:75:30:B6:7E:79:1D:4D:9D:C0:3A:60
Certificate issuer: /CN=07a19f46a17b9d4869df66493cfb05d7d82894a6
Certificate serial: 018CC5002AA106D0520B237767FB22FFEE46
Authority key identifier: 07:A1:9F:46:A1:7B:9D:48:69:DF:66:49:3C:FB:05:D7:D8:28:94:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6GfRqF7nUhp32ZJPPsF19golKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/a0b605-56fb-4cba-8ddc-b585417910eb/1/K33j2u1G9Z3RdTC2fnkdTZ3AOmA.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44065
IP address blocks: 217.29.0.0/20 maxlen: 20
79.98.152.0/21 maxlen: 21
2a02:3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2a:a1:06:d0:52:0b:23:77:67:fb:22:ff:ee:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a19f46a17b9d4869df66493cfb05d7d82894a6
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b7de3daed46f59dd17530b67e791d4d9dc03a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:91:fc:4a:55:86:a0:66:9a:13:12:b8:05:
a4:6e:4d:03:10:8f:b8:c1:ec:8d:6d:48:6d:42:88:
9e:96:db:5c:8b:ad:93:ae:7b:78:99:fa:87:80:e0:
fe:06:72:13:0f:7b:4c:26:8c:dc:e6:81:ea:0a:59:
5d:74:8e:70:60:53:34:03:3e:65:7d:7f:84:bb:4e:
ed:4d:df:e2:40:65:f5:2a:57:ba:ff:09:6f:bf:62:
aa:60:44:cc:06:93:ef:a3:68:b9:a4:3a:97:7c:c8:
0b:3f:cd:01:c6:7f:09:3c:04:fa:45:00:7b:55:bb:
63:99:6d:db:ec:cd:5a:8d:ab:3b:68:75:9c:a6:d0:
6b:6c:3f:8d:e8:c9:1e:fb:66:4e:44:fd:cc:ce:2b:
8f:ef:a8:0d:2c:43:69:10:c7:7e:0d:56:a7:dd:67:
16:e3:21:dc:43:69:12:3d:08:66:dd:0d:92:d6:9c:
af:a0:32:90:f4:36:24:5a:c9:60:05:24:32:d3:ab:
01:63:93:71:d0:09:5d:32:26:17:19:bc:86:a6:1c:
af:2e:e0:03:73:a2:1f:e9:28:77:50:b0:f7:d5:ca:
8c:37:d4:1c:f2:bb:ba:26:6c:c7:6b:c1:fa:52:72:
32:a7:da:62:27:68:19:ae:f9:8c:64:b5:72:af:3e:
56:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:7D:E3:DA:ED:46:F5:9D:D1:75:30:B6:7E:79:1D:4D:9D:C0:3A:60
X509v3 Authority Key Identifier:
keyid:07:A1:9F:46:A1:7B:9D:48:69:DF:66:49:3C:FB:05:D7:D8:28:94:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6GfRqF7nUhp32ZJPPsF19golKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a0b605-56fb-4cba-8ddc-b585417910eb/1/K33j2u1G9Z3RdTC2fnkdTZ3AOmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a0b605-56fb-4cba-8ddc-b585417910eb/1/B6GfRqF7nUhp32ZJPPsF19golKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.152.0/21
217.29.0.0/20
IPv6:
2a02:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
bb:bf:14:42:dc:ac:bc:60:e5:52:25:de:76:dc:07:0d:6d:cd:
95:b2:21:08:26:b0:2a:e0:64:99:34:48:9e:ff:fb:1e:3a:c5:
70:44:18:37:43:e1:fa:42:ac:63:c3:e3:17:03:e3:4c:4b:e0:
7d:ed:ab:f8:75:03:c7:37:5d:06:94:4d:43:21:54:b9:75:3d:
d6:58:fc:82:af:09:e8:4b:44:16:85:15:c3:b2:ac:18:f4:8d:
dd:9c:54:92:4d:2f:a1:95:e7:79:a4:b6:d1:c9:8c:4e:d3:bb:
d2:5c:54:fa:42:9c:95:b6:1b:d2:6d:79:ec:fa:44:d9:87:42:
2e:23:f5:d4:b8:a6:84:4a:5a:df:5d:d3:73:4a:9b:a4:f8:16:
fa:32:6e:3f:f5:68:15:68:b3:ff:7d:f5:f6:6b:20:3d:03:06:
9b:76:ba:b7:9c:9a:e5:8a:51:b0:00:50:e1:e8:21:13:dd:a5:
d7:4a:13:df:fd:1c:c9:63:52:c3:8d:3c:4f:6d:30:d3:cc:88:
77:4b:a2:33:61:94:84:ce:fb:33:0d:cc:aa:7d:bd:3f:10:e7:
73:f4:ee:45:81:5d:87:10:9c:62:fa:44:46:0e:99:d6:ff:ba:
54:f3:9c:f9:ed:9a:a6:da:ce:56:1c:42:4c:d1:06:98:6f:b6:
8b:eb:37:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFACqhBtBSCyN3Z/si/+5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTE5ZjQ2YTE3YjlkNDg2OWRmNjY0OTNjZmIwNWQ3ZDgy
ODk0YTYwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjdkZTNkYWVkNDZmNTlkZDE3NTMwYjY3ZTc5MWQ0ZDlkYzAzYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupaR/EpVhqBmmhMSuAWkbk0DEI+4
weyNbUhtQoielttci62Trnt4mfqHgOD+BnITD3tMJozc5oHqCllddI5wYFM0Az5l
fX+Eu07tTd/iQGX1Kle6/wlvv2KqYETMBpPvo2i5pDqXfMgLP80Bxn8JPAT6RQB7
VbtjmW3b7M1ajas7aHWcptBrbD+N6Mke+2ZORP3MziuP76gNLENpEMd+DVan3WcW
4yHcQ2kSPQhm3Q2S1pyvoDKQ9DYkWslgBSQy06sBY5Nx0AldMiYXGbyGphyvLuAD
c6If6Sh3ULD31cqMN9Qc8ru6JmzHa8H6UnIyp9piJ2gZrvmMZLVyrz5WowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCt949rtRvWd0XUwtn55HU2dwDpgMB8GA1UdIwQY
MBaAFAehn0ahe51Iad9mSTz7BdfYKJSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZHZlJxRjduVWhwMzJaSlBQc0YxOWdvbEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hMGI2MDUtNTZmYi00Y2JhLThkZGMt
YjU4NTQxNzkxMGViLzEvSzMzajJ1MUc5WjNSZFRDMmZua2RUWjNBT21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hMGI2MDUtNTZmYi00Y2JhLThkZGMtYjU4NTQxNzkxMGVi
LzEvQjZHZlJxRjduVWhwMzJaSlBQc0YxOWdvbEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2KYAwQE
2R0AMA0EAgACMAcDBQMqAgPAMA0GCSqGSIb3DQEBCwUAA4IBAQC7vxRC3Ky8YOVS
Jd523AcNbc2VsiEIJrAq4GSZNEie//seOsVwRBg3Q+H6Qqxjw+MXA+NMS+B97av4
dQPHN10GlE1DIVS5dT3WWPyCrwnoS0QWhRXDsqwY9I3dnFSSTS+hled5pLbRyYxO
07vSXFT6QpyVthvSbXns+kTZh0IuI/XUuKaESlrfXdNzSpuk+Bb6Mm4/9WgVaLP/
ffX2ayA9Awabdrq3nJrlilGwAFDh6CET3aXXShPf/RzJY1LDjTxPbTDTzIh3S6Iz
YZSEzvszDcyqfb0/EOdz9O5FgV2HEJxi+kRGDpnW/7pU85z57Zqm2s5WHEJM0QaY
b7aL6zfN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:08 2025 by rpki-client