Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/0UuZe4PiUDzgPLjVS-6KL06hNg0.roa
File: 0UuZe4PiUDzgPLjVS-6KL06hNg0.roa (raw, json)
Hash identifier: Rv51rDK5v3eYU2rsDthysFVSpk7nzYd4D+BQ/xoqBko=
Subject key identifier: D1:4B:99:7B:83:E2:50:3C:E0:3C:B8:D5:4B:EE:8A:2F:4E:A1:36:0D
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 01917A48E2A74F1F036053BDF7759EBD3CDA
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/0UuZe4PiUDzgPLjVS-6KL06hNg0.roa
Signing time: Thu 22 Aug 2024 13:31:22 +0000
ROA not before: Thu 22 Aug 2024 13:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 Aug 2024 14:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:48:e2:a7:4f:1f:03:60:53:bd:f7:75:9e:bd:3c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Aug 22 13:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d14b997b83e2503ce03cb8d54bee8a2f4ea1360d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:54:f4:b0:b0:80:70:1e:08:98:fe:f2:91:
87:05:7f:dc:63:76:13:ff:d6:d2:7b:4e:61:3d:ec:
8d:de:ec:d2:cb:5d:e1:fe:c8:ee:b7:27:7c:d3:8b:
d8:e3:99:0f:d0:b8:fa:53:e4:4f:41:81:1f:fb:0e:
39:4b:de:f5:18:d4:ed:ac:fe:52:ad:b6:78:b9:dd:
61:62:e2:25:20:d4:e1:f9:1a:19:b7:28:fa:54:bb:
66:7c:e1:97:bf:0c:a4:20:ce:b7:54:64:21:49:10:
fd:fd:4b:37:8b:79:fe:17:fd:79:0d:5e:be:a9:15:
4b:70:51:5c:84:82:97:a9:f7:26:ac:1c:e8:43:51:
a7:c2:6b:f5:b9:6c:f2:0e:ba:8e:04:a7:64:15:11:
35:f1:c4:38:27:f5:40:54:e4:25:99:d1:44:79:ba:
b8:6e:15:10:0c:0d:32:fd:ac:1e:1c:5b:ab:cf:8e:
d6:ce:d4:34:85:ca:b4:f0:76:5d:fc:da:af:04:d6:
78:b7:f0:9b:f6:57:36:3f:65:51:b1:08:71:ca:a5:
f8:16:b7:35:d3:4f:26:e9:07:92:a8:8c:9c:60:3d:
11:62:1b:78:a0:98:b1:3e:64:36:65:4a:8f:d5:65:
42:9d:28:cb:45:dd:6e:fd:af:b4:18:52:0d:ef:f1:
03:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4B:99:7B:83:E2:50:3C:E0:3C:B8:D5:4B:EE:8A:2F:4E:A1:36:0D
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/0UuZe4PiUDzgPLjVS-6KL06hNg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.40.0/23
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
Signature Algorithm: sha256WithRSAEncryption
98:a9:51:9f:f9:89:a8:40:35:0a:24:5b:d4:3f:25:1b:29:48:
96:fc:58:09:08:a5:0d:9f:be:42:ab:15:52:fb:c4:66:f0:d2:
25:f6:1c:ee:99:9e:64:01:78:29:6a:97:4c:d0:e7:7e:47:76:
99:40:b0:d9:db:a8:6c:41:4d:35:83:a2:9d:7c:81:d3:6a:04:
4e:6a:34:74:dd:c5:05:a7:e5:3e:8e:3b:df:26:2c:9d:14:0d:
5a:15:6d:ad:28:2a:bf:8f:d0:2a:6a:89:27:a5:c9:56:af:84:
5b:ae:c9:a4:25:d4:87:c5:5e:64:e5:b6:36:d8:b4:19:0d:8f:
e2:72:3e:7f:c5:1c:90:82:53:43:e7:ac:df:48:64:49:92:70:
ae:9b:36:2f:09:3d:e5:9f:14:d7:1b:e1:15:24:5e:7f:39:f8:
18:9b:e9:d1:1d:f5:e0:a4:cd:95:12:70:51:ce:b7:a1:fe:ca:
ff:d4:78:47:61:2d:34:45:cb:a7:55:07:6e:c6:0f:ea:f0:be:
b5:18:1b:62:17:bc:02:f0:f2:b8:6b:9a:7e:1a:38:2c:2a:13:
29:ae:04:14:0f:a5:c4:6d:49:a5:69:5c:cf:74:4b:58:0f:66:
ee:ab:2c:05:a7:63:16:34:cf:f1:5c:a0:32:6e:e2:cd:3f:c4:
dc:6d:72:16
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZF6SOKnTx8DYFO993WevTzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQwODIyMTMzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRiOTk3YjgzZTI1MDNjZTAzY2I4ZDU0YmVlOGEyZjRlYTEzNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUNU9LCwgHAeCJj+8pGHBX/cY3YT
/9bSe05hPeyN3uzSy13h/sjutyd804vY45kP0Lj6U+RPQYEf+w45S971GNTtrP5S
rbZ4ud1hYuIlINTh+RoZtyj6VLtmfOGXvwykIM63VGQhSRD9/Us3i3n+F/15DV6+
qRVLcFFchIKXqfcmrBzoQ1Gnwmv1uWzyDrqOBKdkFRE18cQ4J/VAVOQlmdFEebq4
bhUQDA0y/aweHFurz47WztQ0hcq08HZd/NqvBNZ4t/Cb9lc2P2VRsQhxyqX4Frc1
008m6QeSqIycYD0RYht4oJixPmQ2ZUqP1WVCnSjLRd1u/a+0GFIN7/EDkwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNFLmXuD4lA84Dy41Uvuii9OoTYNMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvMFV1WmU0UGlVRHpnUExqVlMtNktMMDZoTmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBAFPicID
BANPicAwDAMEAU+JygMEBE+JwAMEAE+J+AMEAVXAKAMEAFXAOAMEAVXAPAMEAFXA
PwMEAVnQYDAMAwQAWdBnAwQCWdBoMA0GCSqGSIb3DQEBCwUAA4IBAQCYqVGf+Ymo
QDUKJFvUPyUbKUiW/FgJCKUNn75CqxVS+8Rm8NIl9hzumZ5kAXgpapdM0Od+R3aZ
QLDZ26hsQU01g6KdfIHTagROajR03cUFp+U+jjvfJiydFA1aFW2tKCq/j9Aqaokn
pclWr4RbrsmkJdSHxV5k5bY22LQZDY/icj5/xRyQglND56zfSGRJknCumzYvCT3l
nxTXG+EVJF5/OfgYm+nRHfXgpM2VEnBRzreh/sr/1HhHYS00RcunVQduxg/q8L61
GBtiF7wC8PK4a5p+GjgsKhMprgQUD6XEbUmlaVzPdEtYD2buqywFp2MWNM/xXKAy
buLNP8TcbXIW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:52 2025 by rpki-client