Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/5df16b-bc66-40dd-a731-35b56ccca849/1/rSomT4yz766M1IE1_L3YQKUsekk.roa
File: rSomT4yz766M1IE1_L3YQKUsekk.roa (raw, json)
Hash identifier: wq2pUhjcQXOsh/0liLne6WVNfwokgiYft/6MIK+GCgY=
Subject key identifier: AD:2A:26:4F:8C:B3:EF:AE:8C:D4:81:35:FC:BD:D8:40:A5:2C:7A:49
Certificate issuer: /CN=eecf3f75ef8306b6c593a423cda1986bde3de948
Certificate serial: 018570FBBB10B4ABBD5A470488A3DE2ED99D
Authority key identifier: EE:CF:3F:75:EF:83:06:B6:C5:93:A4:23:CD:A1:98:6B:DE:3D:E9:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7s8_de-DBrbFk6QjzaGYa9496Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/5df16b-bc66-40dd-a731-35b56ccca849/1/rSomT4yz766M1IE1_L3YQKUsekk.roa
Signing time: Mon 02 Jan 2023 05:37:03 +0000
ROA not before: Mon 02 Jan 2023 05:37:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43845
IP address blocks: 79.170.202.0/24 maxlen: 24
79.170.206.0/24 maxlen: 24
79.170.205.0/24 maxlen: 24
79.170.204.0/24 maxlen: 24
79.170.201.0/24 maxlen: 24
79.170.203.0/24 maxlen: 24
79.170.200.0/24 maxlen: 24
79.170.207.0/24 maxlen: 24
2a09:6c80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:bb:10:b4:ab:bd:5a:47:04:88:a3:de:2e:d9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eecf3f75ef8306b6c593a423cda1986bde3de948
Validity
Not Before: Jan 2 05:37:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad2a264f8cb3efae8cd48135fcbdd840a52c7a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:46:fb:74:4d:80:eb:f8:0e:da:05:3c:85:65:
a9:62:dc:1f:d5:3f:21:01:d0:d7:2e:e0:39:6d:83:
f8:44:c4:32:e1:fa:5a:0e:4e:31:43:2a:51:9f:96:
c6:73:9c:8b:e6:ff:59:b3:58:4a:8c:60:53:3f:90:
04:18:7d:1d:d2:9e:c9:a0:b6:84:cd:cd:23:b7:bf:
4c:df:28:ac:8d:26:20:89:3f:94:8f:2c:ab:1b:0d:
26:d4:1a:89:76:5f:fb:50:c7:2a:b8:49:2f:98:55:
14:0f:45:a7:cb:9b:19:7d:df:29:e7:08:d6:78:75:
e6:ae:e4:a7:de:3f:07:26:9f:f7:bc:16:26:76:3a:
ad:0f:20:59:b0:05:89:16:59:56:8e:2a:ee:5a:e2:
6e:00:af:68:47:3c:b1:03:d4:b3:de:02:5e:9e:13:
22:93:50:63:1f:65:6a:3f:e8:27:09:80:d8:55:25:
6e:71:02:b7:04:38:f7:b4:bf:2a:e1:b8:07:14:4c:
8f:f1:d2:a0:28:81:94:e0:82:e3:9d:49:10:27:38:
c9:1c:43:1a:13:a0:63:32:08:eb:d9:01:26:1f:be:
1e:bd:00:78:34:8a:14:e2:ad:97:75:3f:c3:3b:3f:
33:6d:95:24:28:56:19:be:55:19:2d:89:2c:2c:04:
4c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2A:26:4F:8C:B3:EF:AE:8C:D4:81:35:FC:BD:D8:40:A5:2C:7A:49
X509v3 Authority Key Identifier:
keyid:EE:CF:3F:75:EF:83:06:B6:C5:93:A4:23:CD:A1:98:6B:DE:3D:E9:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7s8_de-DBrbFk6QjzaGYa9496Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/5df16b-bc66-40dd-a731-35b56ccca849/1/rSomT4yz766M1IE1_L3YQKUsekk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/5df16b-bc66-40dd-a731-35b56ccca849/1/7s8_de-DBrbFk6QjzaGYa9496Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.200.0/21
IPv6:
2a09:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:27:49:63:dd:bd:d0:2a:b3:6c:5b:5b:fe:20:af:8e:cb:52:
1e:f3:9a:06:7b:45:19:6c:8f:7b:cc:57:81:cd:47:1e:90:5f:
99:50:0c:ee:ce:65:74:6e:15:fb:38:a6:bb:54:27:03:53:51:
df:b1:90:da:b0:13:f4:d2:b9:70:01:79:97:ef:a1:20:41:81:
ee:eb:c8:1c:0c:7b:25:36:c1:9f:e3:10:8f:a0:3c:03:59:06:
b4:e6:bd:ed:93:10:37:d1:ae:3c:13:08:93:ad:66:a9:d0:27:
0b:f1:6f:e7:b4:1d:fc:cb:70:fb:22:20:6e:3e:ae:d8:76:ee:
08:52:e6:1f:16:a2:0d:cf:34:46:c4:d4:ed:36:14:e1:14:fd:
0f:01:38:e6:a1:a7:5c:bb:71:f3:97:61:6d:ea:f1:8f:f6:66:
09:b6:3f:f5:2b:43:b3:fd:dd:e7:6b:41:33:68:af:19:43:d0:
63:a5:df:c0:43:65:a4:e1:3f:5f:af:34:4a:de:58:ba:ba:d5:
e5:22:1c:03:97:ae:13:f6:f8:e9:90:f0:53:28:a8:b7:fc:28:
ce:1f:71:24:17:17:12:12:62:cf:32:cc:03:c1:01:d5:7d:76:
a8:40:b7:59:c0:88:b3:17:1f:fa:1a:86:db:b4:41:7c:db:72:
8f:e8:54:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw+7sQtKu9WkcEiKPeLtmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlY2YzZjc1ZWY4MzA2YjZjNTkzYTQyM2NkYTE5ODZiZGUz
ZGU5NDgwHhcNMjMwMTAyMDUzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJhMjY0ZjhjYjNlZmFlOGNkNDgxMzVmY2JkZDg0MGE1MmM3YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0b7dE2A6/gO2gU8hWWpYtwf1T8h
AdDXLuA5bYP4RMQy4fpaDk4xQypRn5bGc5yL5v9Zs1hKjGBTP5AEGH0d0p7JoLaE
zc0jt79M3yisjSYgiT+UjyyrGw0m1BqJdl/7UMcquEkvmFUUD0Wny5sZfd8p5wjW
eHXmruSn3j8HJp/3vBYmdjqtDyBZsAWJFllWjiruWuJuAK9oRzyxA9Sz3gJenhMi
k1BjH2VqP+gnCYDYVSVucQK3BDj3tL8q4bgHFEyP8dKgKIGU4ILjnUkQJzjJHEMa
E6BjMgjr2QEmH74evQB4NIoU4q2XdT/DOz8zbZUkKFYZvlUZLYksLARMTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK0qJk+Ms++ujNSBNfy92EClLHpJMB8GA1UdIwQY
MBaAFO7PP3Xvgwa2xZOkI82hmGvePelIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3M4X2RlLURCcmJGazZRanphR1lhOTQ5NlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS81ZGYxNmItYmM2Ni00MGRkLWE3MzEt
MzViNTZjY2NhODQ5LzEvclNvbVQ0eXo3NjZNMUlFMV9MM1lRS1VzZWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS81ZGYxNmItYmM2Ni00MGRkLWE3MzEtMzViNTZjY2NhODQ5
LzEvN3M4X2RlLURCcmJGazZRanphR1lhOTQ5NlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDT6rIMA0E
AgACMAcDBQAqCWyAMA0GCSqGSIb3DQEBCwUAA4IBAQCNJ0lj3b3QKrNsW1v+IK+O
y1Ie85oGe0UZbI97zFeBzUcekF+ZUAzuzmV0bhX7OKa7VCcDU1HfsZDasBP00rlw
AXmX76EgQYHu68gcDHslNsGf4xCPoDwDWQa05r3tkxA30a48EwiTrWap0CcL8W/n
tB38y3D7IiBuPq7Ydu4IUuYfFqINzzRGxNTtNhThFP0PATjmoadcu3Hzl2Ft6vGP
9mYJtj/1K0Oz/d3na0EzaK8ZQ9Bjpd/AQ2Wk4T9frzRK3li6utXlIhwDl64T9vjp
kPBTKKi3/CjOH3EkFxcSEmLPMswDwQHVfXaoQLdZwIizFx/6GobbtEF823KP6FS0
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:16 2024 by rpki-client on console-fra.rpki-client.org