Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/0mG9hh5LdZH_wmQv18xmFEWjesM.roa
File: 0mG9hh5LdZH_wmQv18xmFEWjesM.roa (raw, json)
Hash identifier: V5E/0NjWR54bIFmsuWTO0ccKlkf99hhYlDF13KW7ViM=
Subject key identifier: D2:61:BD:86:1E:4B:75:91:FF:C2:64:2F:D7:CC:66:14:45:A3:7A:C3
Certificate issuer: /CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Certificate serial: 0191DBFBA8CEC4488B79C6339B1D10D370E8
Authority key identifier: C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/0mG9hh5LdZH_wmQv18xmFEWjesM.roa
Signing time: Tue 10 Sep 2024 12:49:48 +0000
ROA not before: Tue 10 Sep 2024 12:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5631
IP address blocks: 79.173.128.0/18 maxlen: 18
79.173.128.0/19 maxlen: 19
79.173.128.0/20 maxlen: 20
79.173.128.0/21 maxlen: 21
79.173.136.0/21 maxlen: 21
79.173.144.0/21 maxlen: 21
79.173.152.0/21 maxlen: 21
79.173.160.0/19 maxlen: 19
79.173.160.0/21 maxlen: 21
79.173.168.0/21 maxlen: 21
79.173.176.0/21 maxlen: 21
79.173.184.0/21 maxlen: 21
83.143.224.0/21 maxlen: 21
83.143.224.0/22 maxlen: 22
83.143.228.0/22 maxlen: 22
2a00:5840::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Sep 2024 12:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:fb:a8:ce:c4:48:8b:79:c6:33:9b:1d:10:d3:70:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Validity
Not Before: Sep 10 12:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d261bd861e4b7591ffc2642fd7cc661445a37ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:90:45:f6:13:51:4b:16:a5:ab:96:5b:4e:
65:0e:cd:6b:8d:31:f6:3a:24:01:f2:69:12:b8:fa:
30:83:f6:91:f5:84:00:be:d5:c7:43:3f:8f:59:6c:
17:e0:5a:37:10:64:6a:f9:1b:25:ae:c2:45:fb:cb:
cf:e2:25:ed:08:69:82:47:ad:75:99:54:02:09:f3:
e5:d4:96:c9:db:d1:56:7c:54:6c:f4:3a:c2:b8:e3:
f7:02:78:77:d0:99:26:8f:b0:c7:77:05:a2:74:0f:
5f:be:fd:a6:fb:68:87:af:a3:70:2f:6e:ed:5d:24:
63:c8:b7:00:a9:fe:66:1c:31:a0:24:d1:d3:8e:47:
c7:4c:3e:b0:fc:c8:b8:ef:d0:1f:a9:a7:9b:1b:28:
7e:d1:55:ff:95:72:4c:cc:b3:69:30:86:2f:26:79:
2e:a5:9f:1f:31:f5:e9:33:ec:36:95:fe:3e:da:9d:
06:a8:0a:68:96:c2:8c:2a:84:95:12:93:05:e4:62:
3c:d7:c0:91:80:2f:d0:55:0f:90:7e:7d:5c:95:69:
28:b6:67:5a:45:12:66:9d:2d:b6:53:e1:4e:a2:35:
42:bc:10:cf:19:41:94:9c:59:85:75:a2:68:be:4d:
b0:5a:76:53:0d:5f:a6:a6:79:d6:2d:16:91:90:79:
7c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:61:BD:86:1E:4B:75:91:FF:C2:64:2F:D7:CC:66:14:45:A3:7A:C3
X509v3 Authority Key Identifier:
keyid:C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/0mG9hh5LdZH_wmQv18xmFEWjesM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.128.0/18
83.143.224.0/21
IPv6:
2a00:5840::/32
Signature Algorithm: sha256WithRSAEncryption
a1:8b:3c:1b:69:51:a4:cb:99:21:33:7c:37:6e:78:cf:f7:bc:
e9:92:9f:b0:2e:7b:2e:16:2e:87:e9:af:a3:c9:a9:f8:ae:c0:
c5:c6:c2:b0:03:76:33:f3:58:fc:ee:b0:6a:f5:c9:b2:78:63:
e9:86:73:00:26:b3:12:b7:8d:2a:6a:fc:ca:cf:e9:cc:2f:6a:
59:a9:14:1e:ac:56:ae:46:da:04:3d:42:37:b5:d7:8c:4d:60:
01:65:2a:6c:03:a1:6d:21:91:fc:a8:c5:d8:c7:10:35:8a:9d:
1e:43:01:6c:9d:12:5f:ce:d9:42:9c:fc:bc:f6:e5:1e:17:cc:
04:31:0a:46:6e:d6:f5:3d:2b:21:38:6b:9e:04:91:7e:d6:2a:
cd:8f:54:bc:bb:8e:7d:dc:aa:2f:5f:00:bd:fe:2f:12:bf:75:
30:51:00:97:b8:2d:1a:80:26:2b:40:2c:92:dc:37:68:66:74:
ad:1b:63:7e:c5:cc:c8:66:84:bc:2f:59:86:46:7c:b8:00:cd:
b2:71:d7:6c:bf:55:6b:0e:e3:f7:0d:93:46:f2:99:92:6f:dc:
94:bb:8b:ab:39:e4:2c:da:7d:da:36:02:fb:98:f0:4e:42:8a:
a0:0f:70:7e:f7:1a:64:63:01:19:e6:cf:5a:a8:06:5d:51:bc:
21:21:da:c9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZHb+6jOxEiLecYzmx0Q03DoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzBmZGJiNjVjYTQ5MWNiODNjYzA4NWE0M2UwMzQwNTk2
YWU4NzMwHhcNMjQwOTEwMTI0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjYxYmQ4NjFlNGI3NTkxZmZjMjY0MmZkN2NjNjYxNDQ1YTM3YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuriQRfYTUUsWpauWW05lDs1rjTH2
OiQB8mkSuPowg/aR9YQAvtXHQz+PWWwX4Fo3EGRq+RslrsJF+8vP4iXtCGmCR611
mVQCCfPl1JbJ29FWfFRs9DrCuOP3Anh30Jkmj7DHdwWidA9fvv2m+2iHr6NwL27t
XSRjyLcAqf5mHDGgJNHTjkfHTD6w/Mi479AfqaebGyh+0VX/lXJMzLNpMIYvJnku
pZ8fMfXpM+w2lf4+2p0GqApolsKMKoSVEpMF5GI818CRgC/QVQ+Qfn1clWkotmda
RRJmnS22U+FOojVCvBDPGUGUnFmFdaJovk2wWnZTDV+mpnnWLRaRkHl8LQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNJhvYYeS3WR/8JkL9fMZhRFo3rDMB8GA1UdIwQY
MBaAFMbA/btlykkcuDzAhaQ+A0BZauhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQt
NDlhNjU0NTc4NmU2LzEvMG1HOWhoNUxkWkhfd21RdjE4eG1GRVdqZXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQtNDlhNjU0NTc4NmU2
LzEveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGT62AAwQD
U4/gMA0EAgACMAcDBQAqAFhAMA0GCSqGSIb3DQEBCwUAA4IBAQChizwbaVGky5kh
M3w3bnjP97zpkp+wLnsuFi6H6a+jyan4rsDFxsKwA3Yz81j87rBq9cmyeGPphnMA
JrMSt40qavzKz+nML2pZqRQerFauRtoEPUI3tdeMTWABZSpsA6FtIZH8qMXYxxA1
ip0eQwFsnRJfztlCnPy89uUeF8wEMQpGbtb1PSshOGueBJF+1irNj1S8u4593Kov
XwC9/i8Sv3UwUQCXuC0agCYrQCyS3DdoZnStG2N+xczIZoS8L1mGRny4AM2ycdds
v1VrDuP3DZNG8pmSb9yUu4urOeQs2n3aNgL7mPBOQoqgD3B+9xpkYwEZ5s9aqAZd
UbwhIdrJ
-----END CERTIFICATE-----
Generated at Mon Sep 16 16:37:21 2024 by rpki-client on console-fra.rpki-client.org