Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/lBw2BctLmySgw4HULGNF9Svml3Q.roa
File: lBw2BctLmySgw4HULGNF9Svml3Q.roa (raw, json)
Hash identifier: 4hOkiEh7jtECuFVr/gF4pCqANNDHsaXmyrVhbX60tPU=
Subject key identifier: 94:1C:36:05:CB:4B:9B:24:A0:C3:81:D4:2C:63:45:F5:2B:E6:97:74
Certificate issuer: /CN=63082d6d3a1dc501795737537ca74d27a80265a2
Certificate serial: 018CCA2A5E23C2BF1C352A530DE5B86441BE
Authority key identifier: 63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/lBw2BctLmySgw4HULGNF9Svml3Q.roa
Signing time: Tue 02 Jan 2024 12:33:43 +0000
ROA not before: Tue 02 Jan 2024 12:33:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62205
IP address blocks: 79.174.184.0/21 maxlen: 21
185.44.164.0/22 maxlen: 24
185.77.228.0/22 maxlen: 22
185.77.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 15 May 2024 11:20:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5e:23:c2:bf:1c:35:2a:53:0d:e5:b8:64:41:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63082d6d3a1dc501795737537ca74d27a80265a2
Validity
Not Before: Jan 2 12:33:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=941c3605cb4b9b24a0c381d42c6345f52be69774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:05:c6:d2:a7:38:bf:25:25:3f:a0:66:be:
c2:4f:69:81:4e:aa:40:88:01:cb:10:65:41:df:ed:
4b:9e:52:6b:a6:b6:c5:5d:e8:c5:41:f3:2c:f7:49:
af:5f:e3:fa:22:fd:a9:ea:17:32:02:4e:1b:e5:12:
da:77:76:f2:ed:11:48:60:ea:c2:92:ca:9d:5a:92:
6c:5d:b0:ba:53:46:10:09:e9:74:e4:7a:85:31:2a:
f0:41:dc:1c:45:05:aa:63:fc:ea:12:cc:9b:56:f3:
50:c4:6c:21:9b:6f:83:6e:07:77:22:59:4a:e8:e2:
03:66:a0:a1:70:6d:a3:26:bd:81:78:c2:db:18:b1:
22:5c:83:b8:56:9d:bb:4c:f1:5a:f8:9e:19:6d:ee:
28:42:46:be:46:a7:b6:87:5a:22:7c:87:d9:2e:4d:
50:fa:1a:ef:a8:84:4c:66:b9:73:2d:a0:58:f5:bc:
fb:72:76:3d:7e:e1:35:eb:f5:d8:28:1a:c3:a7:68:
67:2c:2a:d9:e0:46:00:34:0e:c8:94:07:cb:d5:b8:
cd:5f:56:69:f0:1f:b4:59:7f:98:fa:0e:6d:cf:d2:
bd:d6:b5:2e:c8:b4:62:01:7f:39:d0:b5:ff:ca:d3:
3e:99:3c:fc:b7:6a:71:19:6f:32:3f:a2:b2:b6:e9:
3e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1C:36:05:CB:4B:9B:24:A0:C3:81:D4:2C:63:45:F5:2B:E6:97:74
X509v3 Authority Key Identifier:
keyid:63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/lBw2BctLmySgw4HULGNF9Svml3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.184.0/21
185.44.164.0/22
185.77.228.0/22
185.77.240.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:de:d2:fc:96:06:52:ed:55:6b:f1:4e:b0:dd:5b:b2:df:39:
6c:52:fb:64:f0:9d:0e:d4:a9:02:ed:cd:f2:4f:53:64:a8:d7:
6d:c2:59:c9:0b:f5:94:f7:c1:83:a1:89:25:25:2c:d9:85:2a:
9f:50:25:d8:10:35:52:f0:1c:f7:75:37:41:d5:71:84:3f:e8:
fb:71:7d:c5:a4:5f:92:75:81:f2:ef:69:0f:f8:46:62:ae:d9:
f0:17:5e:17:1e:c7:1c:a9:61:ca:90:77:fc:3d:f6:07:7f:b6:
c1:e7:d3:69:53:c7:dc:6a:1b:1d:b7:91:4e:94:e3:cd:6e:a4:
22:8a:f5:72:55:54:61:3b:11:c7:42:e5:21:4a:43:9c:4e:4a:
eb:8e:a1:40:72:22:0a:a0:ce:3d:85:65:77:ee:34:c4:2c:3f:
43:04:ce:d9:68:f3:3a:fe:ac:24:cd:11:28:96:55:6f:77:42:
b9:a2:95:4a:41:3a:00:62:67:2e:21:0d:b7:af:10:79:41:14:
2f:bf:10:24:b5:49:49:61:c8:77:70:d7:65:f6:4a:28:bd:23:
1f:f8:aa:cd:2f:9b:1f:f7:0c:00:e4:f3:fe:d6:60:71:aa:3e:
bb:d9:ea:ae:9b:68:a6:96:67:da:b7:c9:23:79:45:82:9b:88:
21:6e:ec:21
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKl4jwr8cNSpTDeW4ZEG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDgyZDZkM2ExZGM1MDE3OTU3Mzc1MzdjYTc0ZDI3YTgw
MjY1YTIwHhcNMjQwMTAyMTIzMzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFjMzYwNWNiNGI5YjI0YTBjMzgxZDQyYzYzNDVmNTJiZTY5Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS8FxtKnOL8lJT+gZr7CT2mBTqpA
iAHLEGVB3+1LnlJrprbFXejFQfMs90mvX+P6Iv2p6hcyAk4b5RLad3by7RFIYOrC
ksqdWpJsXbC6U0YQCel05HqFMSrwQdwcRQWqY/zqEsybVvNQxGwhm2+Dbgd3IllK
6OIDZqChcG2jJr2BeMLbGLEiXIO4Vp27TPFa+J4Zbe4oQka+Rqe2h1oifIfZLk1Q
+hrvqIRMZrlzLaBY9bz7cnY9fuE16/XYKBrDp2hnLCrZ4EYANA7IlAfL1bjNX1Zp
8B+0WX+Y+g5tz9K91rUuyLRiAX850LX/ytM+mTz8t2pxGW8yP6Kytuk+WwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJQcNgXLS5skoMOB1CxjRfUr5pd0MB8GA1UdIwQY
MBaAFGMILW06HcUBeVc3U3ynTSeoAmWiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMt
YzE4YWQzNmE3YjMwLzEvbEJ3MkJjdExteVNndzRIVUxHTkY5U3ZtbDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMtYzE4YWQzNmE3YjMw
LzEvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDT664AwQC
uSykAwQCuU3kAwQCuU3wMA0GCSqGSIb3DQEBCwUAA4IBAQAt3tL8lgZS7VVr8U6w
3Vuy3zlsUvtk8J0O1KkC7c3yT1NkqNdtwlnJC/WU98GDoYklJSzZhSqfUCXYEDVS
8Bz3dTdB1XGEP+j7cX3FpF+SdYHy72kP+EZirtnwF14XHsccqWHKkHf8PfYHf7bB
59NpU8fcahsdt5FOlOPNbqQiivVyVVRhOxHHQuUhSkOcTkrrjqFAciIKoM49hWV3
7jTELD9DBM7ZaPM6/qwkzREollVvd0K5opVKQToAYmcuIQ23rxB5QRQvvxAktUlJ
Ych3cNdl9koovSMf+KrNL5sf9wwA5PP+1mBxqj672equm2imlmfat8kjeUWCm4gh
buwh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:47 2025 by rpki-client