Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/d72IM6z88Uje7lVvyETdD9aTpsg.roa
File: d72IM6z88Uje7lVvyETdD9aTpsg.roa (raw, json)
Hash identifier: bvUJRvCOCCVq8XChHrh1N4BbGamYAWVZeiyCwCqIaPU=
Subject key identifier: 77:BD:88:33:AC:FC:F1:48:DE:EE:55:6F:C8:44:DD:0F:D6:93:A6:C8
Certificate issuer: /CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
Certificate serial: 018CC802FCAD07CA1F72BFE478BD5FA5536D
Authority key identifier: EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/d72IM6z88Uje7lVvyETdD9aTpsg.roa
Signing time: Tue 02 Jan 2024 02:31:28 +0000
ROA not before: Tue 02 Jan 2024 02:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39275
IP address blocks: 80.79.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fc:ad:07:ca:1f:72:bf:e4:78:bd:5f:a5:53:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
Validity
Not Before: Jan 2 02:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77bd8833acfcf148deee556fc844dd0fd693a6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:75:1f:de:60:f7:c4:da:e5:53:b5:cc:d3:8b:
3c:c0:d7:23:95:34:68:96:fa:f4:1f:6b:72:95:89:
cc:8f:4b:29:87:93:c9:d0:22:b1:e2:dd:50:21:5b:
40:90:3b:0f:45:58:e0:76:33:e7:fb:25:d5:17:7f:
31:4b:46:5c:e0:0e:70:d3:f7:02:74:83:01:43:70:
fb:de:1d:8f:e0:15:4c:4e:a3:a3:b3:5d:ff:ee:29:
8d:04:a3:38:e6:ed:bb:91:75:7d:6c:d7:d4:81:b1:
fe:39:fe:a1:5b:0d:4a:34:5d:f9:07:cc:74:5a:92:
81:c1:17:98:92:89:52:3e:60:2f:79:04:3c:b5:9b:
51:a5:d1:76:5e:20:11:a6:c4:4d:4c:bd:4f:39:c0:
79:e0:23:a9:db:05:37:d3:ca:b7:37:f5:d4:24:4c:
94:45:f8:93:d2:03:c3:18:0a:be:5e:5c:83:d0:b5:
09:b9:95:9d:f0:08:c6:99:94:6c:49:41:a4:97:c9:
e1:78:08:66:32:8c:33:e9:1a:5a:de:87:01:50:6e:
6a:68:30:d9:18:cc:84:df:91:30:d9:15:6d:2d:23:
64:eb:f9:1b:64:77:35:a2:1d:17:26:0c:b0:50:88:
83:1b:3d:2b:6f:fc:cb:e4:46:78:15:b4:c0:e8:79:
85:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BD:88:33:AC:FC:F1:48:DE:EE:55:6F:C8:44:DD:0F:D6:93:A6:C8
X509v3 Authority Key Identifier:
keyid:EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/d72IM6z88Uje7lVvyETdD9aTpsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.153.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e9:4d:9f:81:36:37:8e:bf:14:10:ac:25:97:fc:a7:61:9a:
9d:5e:9c:f2:9d:12:65:e2:8e:4d:8f:61:b0:7b:0b:cb:f3:c7:
d6:0a:31:ad:48:13:68:1e:74:97:92:6d:17:85:e4:5e:34:42:
55:2d:1a:e3:92:b2:a3:a0:09:70:13:6d:32:f1:32:53:98:7c:
83:4a:fb:b3:45:83:b9:41:1e:4f:ff:2a:b5:c7:a1:95:fc:17:
32:26:c7:97:44:c5:94:64:dd:9d:06:5e:e0:95:eb:43:1e:ef:
0f:d9:ad:6a:ae:f0:9c:b5:5c:b0:30:f9:cc:d5:d8:6b:17:24:
c6:29:25:c4:fc:eb:7e:5e:e7:59:a4:60:83:99:27:46:2a:20:
6a:89:8b:fa:14:72:cc:a7:75:78:93:55:de:06:fb:08:e4:02:
2d:c7:b0:71:6c:d0:be:ab:4b:ab:ad:f9:ff:82:96:6a:06:d9:
69:40:89:32:39:f6:40:31:53:8b:75:1b:50:8e:e6:07:ce:f0:
88:c1:40:06:dd:41:84:43:16:3b:6b:3a:a2:46:94:9c:80:c6:
3a:af:0e:d2:5f:d0:af:fd:00:6a:e5:3f:fe:75:c3:44:5d:c3:
f6:5a:5c:fa:27:fb:6f:60:9b:50:03:d1:1a:67:6d:43:72:16:
89:ef:c1:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAvytB8ofcr/keL1fpVNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZmFiZmE2MjgwNjNmNmI4ZTk4ODg1NjZmNWYzZmNmYTc5
OGM2MjEwHhcNMjQwMTAyMDIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JkODgzM2FjZmNmMTQ4ZGVlZTU1NmZjODQ0ZGQwZmQ2OTNhNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Uf3mD3xNrlU7XM04s8wNcjlTRo
lvr0H2tylYnMj0sph5PJ0CKx4t1QIVtAkDsPRVjgdjPn+yXVF38xS0Zc4A5w0/cC
dIMBQ3D73h2P4BVMTqOjs13/7imNBKM45u27kXV9bNfUgbH+Of6hWw1KNF35B8x0
WpKBwReYkolSPmAveQQ8tZtRpdF2XiARpsRNTL1POcB54COp2wU308q3N/XUJEyU
RfiT0gPDGAq+XlyD0LUJuZWd8AjGmZRsSUGkl8nheAhmMowz6Rpa3ocBUG5qaDDZ
GMyE35Ew2RVtLSNk6/kbZHc1oh0XJgywUIiDGz0rb/zL5EZ4FbTA6HmFGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHe9iDOs/PFI3u5Vb8hE3Q/Wk6bIMB8GA1UdIwQY
MBaAFOv6v6YoBj9rjpiIVm9fP8+nmMYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9xX3BpZ0dQMnVPbUloV2IxOF96NmVZeGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hM2EzMTEtMzc4NC00ODE4LWFiZjkt
ZTVmZDZlOTg0MmFiLzEvZDcySU02ejg4VWplN2xWdnlFVGREOWFUcHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hM2EzMTEtMzc4NC00ODE4LWFiZjktZTVmZDZlOTg0MmFi
LzEvNl9xX3BpZ0dQMnVPbUloV2IxOF96NmVZeGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUE+ZMA0G
CSqGSIb3DQEBCwUAA4IBAQCO6U2fgTY3jr8UEKwll/ynYZqdXpzynRJl4o5Nj2Gw
ewvL88fWCjGtSBNoHnSXkm0XheReNEJVLRrjkrKjoAlwE20y8TJTmHyDSvuzRYO5
QR5P/yq1x6GV/BcyJseXRMWUZN2dBl7gletDHu8P2a1qrvCctVywMPnM1dhrFyTG
KSXE/Ot+XudZpGCDmSdGKiBqiYv6FHLMp3V4k1XeBvsI5AItx7BxbNC+q0urrfn/
gpZqBtlpQIkyOfZAMVOLdRtQjuYHzvCIwUAG3UGEQxY7azqiRpScgMY6rw7SX9Cv
/QBq5T/+dcNEXcP2Wlz6J/tvYJtQA9EaZ21DchaJ78Hy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:07 2025 by rpki-client