Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/xNxVAo9vurlABCKsQiWz1vXaXuo.roa
File: xNxVAo9vurlABCKsQiWz1vXaXuo.roa (raw, json)
Hash identifier: kKgVwoxtG/BQ2f9Hkfm1sw7CorO+YBlpWcaG3fjrXqc=
Subject key identifier: C4:DC:55:02:8F:6F:BA:B9:40:04:22:AC:42:25:B3:D6:F5:DA:5E:EA
Certificate issuer: /CN=90b5bb80feef344650a9a773f61f0b2cfbf7ce8c
Certificate serial: 018EE197D11FE93DD9595BF8540D1B07B1A2
Authority key identifier: 90:B5:BB:80:FE:EF:34:46:50:A9:A7:73:F6:1F:0B:2C:FB:F7:CE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLW7gP7vNEZQqadz9h8LLPv3zow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/xNxVAo9vurlABCKsQiWz1vXaXuo.roa
Signing time: Mon 15 Apr 2024 11:50:06 +0000
ROA not before: Mon 15 Apr 2024 11:50:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43191
IP address blocks: 79.170.118.0/23 maxlen: 23
79.170.118.0/24 maxlen: 24
79.170.119.0/24 maxlen: 24
185.80.68.0/23 maxlen: 23
185.80.68.0/24 maxlen: 24
185.80.69.0/24 maxlen: 24
185.80.70.0/23 maxlen: 23
185.80.70.0/24 maxlen: 24
185.80.71.0/24 maxlen: 24
2a03:5fe0::/32 maxlen: 32
2a03:5fe1::/32 maxlen: 32
2a03:5fe2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:97:d1:1f:e9:3d:d9:59:5b:f8:54:0d:1b:07:b1:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b5bb80feef344650a9a773f61f0b2cfbf7ce8c
Validity
Not Before: Apr 15 11:50:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4dc55028f6fbab9400422ac4225b3d6f5da5eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:14:0c:e2:09:8d:70:4f:32:1f:5f:3e:91:a3:
54:60:eb:8e:e3:84:d5:91:c8:34:db:08:ad:92:ab:
8c:43:81:47:11:a6:f7:fa:13:9b:47:1b:1a:23:2c:
8a:ad:dc:02:11:5a:fd:25:4d:9c:a8:29:53:a1:4b:
80:ca:ad:b1:0e:26:24:97:7e:3f:80:c6:55:52:72:
1d:4f:b3:04:79:9f:5d:78:22:c5:6b:0d:61:a4:63:
80:ee:05:02:fe:4f:9f:30:64:f9:b3:4d:d9:be:2e:
85:56:a5:2d:33:67:dd:1c:1c:25:d5:fa:4e:fe:2a:
2a:21:b8:ca:e5:4c:fc:9f:e6:3c:85:e9:b7:dc:6f:
ce:5a:71:f6:22:7f:d3:7e:6a:04:7c:c7:5d:2f:b6:
2d:a4:8c:ed:a4:d2:98:4c:09:54:e4:a0:9f:cf:db:
56:0e:4b:01:bc:b6:ed:58:db:e0:04:be:ed:bf:66:
6b:36:09:94:c4:54:4a:49:f1:0a:5b:86:f4:16:4b:
15:9b:56:90:44:5f:f6:8d:0c:c8:e3:aa:43:4c:9d:
d8:89:92:e0:84:09:95:01:f7:af:e3:ee:3f:36:20:
4b:ba:a2:12:c6:a6:80:0a:04:c2:d5:60:3a:9f:4d:
80:1f:7c:6c:6b:3a:04:07:3c:a0:c9:c4:9d:99:f7:
5e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DC:55:02:8F:6F:BA:B9:40:04:22:AC:42:25:B3:D6:F5:DA:5E:EA
X509v3 Authority Key Identifier:
keyid:90:B5:BB:80:FE:EF:34:46:50:A9:A7:73:F6:1F:0B:2C:FB:F7:CE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLW7gP7vNEZQqadz9h8LLPv3zow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/xNxVAo9vurlABCKsQiWz1vXaXuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/kLW7gP7vNEZQqadz9h8LLPv3zow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.118.0/23
185.80.68.0/22
IPv6:
2a03:5fe0::-2a03:5fe2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
36:f5:21:25:54:1e:f9:93:6b:8c:68:99:9f:bc:b7:1a:f1:a2:
39:bd:94:f1:ab:85:0f:14:51:6e:42:0c:2d:6a:5e:90:32:14:
73:11:92:de:c0:cc:96:86:12:e1:7f:06:2d:5e:33:50:8e:b9:
cb:ff:fb:ae:f1:af:12:d8:a2:08:e6:19:09:dc:88:05:ad:0e:
c5:3e:d1:33:a3:89:6f:41:df:a7:de:e1:f7:9c:be:e5:59:17:
fa:19:bf:4d:b5:8a:b3:b7:7a:58:6b:f4:a3:61:83:27:82:6e:
86:50:b4:55:cd:6b:ac:06:ef:f2:35:5a:38:f0:c8:05:a9:b0:
b3:35:2f:a8:50:63:07:78:e7:7e:f3:bd:24:b0:90:8b:f2:43:
88:58:1f:04:10:6d:dd:92:4e:b2:25:0e:a0:3d:d2:ea:95:90:
4d:e6:4e:31:67:0e:9a:55:3d:e2:38:05:ae:aa:16:9f:61:c1:
b1:6a:5d:49:b3:47:b0:aa:9d:85:d0:6f:0f:bd:72:3d:5e:ae:
05:b7:fe:da:fe:4b:b2:0d:ab:60:95:9e:60:17:b4:71:66:39:
42:4f:ec:db:04:4d:75:72:d1:1b:98:ac:8d:aa:a9:93:14:e4:
00:27:53:11:5d:ec:25:c0:e9:91:e3:58:95:26:e3:be:40:a6:
a9:4d:46:f3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7hl9Ef6T3ZWVv4VA0bB7GiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjViYjgwZmVlZjM0NDY1MGE5YTc3M2Y2MWYwYjJjZmJm
N2NlOGMwHhcNMjQwNDE1MTE1MDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRjNTUwMjhmNmZiYWI5NDAwNDIyYWM0MjI1YjNkNmY1ZGE1ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRQM4gmNcE8yH18+kaNUYOuO44TV
kcg02witkquMQ4FHEab3+hObRxsaIyyKrdwCEVr9JU2cqClToUuAyq2xDiYkl34/
gMZVUnIdT7MEeZ9deCLFaw1hpGOA7gUC/k+fMGT5s03Zvi6FVqUtM2fdHBwl1fpO
/ioqIbjK5Uz8n+Y8hem33G/OWnH2In/TfmoEfMddL7YtpIztpNKYTAlU5KCfz9tW
DksBvLbtWNvgBL7tv2ZrNgmUxFRKSfEKW4b0FksVm1aQRF/2jQzI46pDTJ3YiZLg
hAmVAfev4+4/NiBLuqISxqaACgTC1WA6n02AH3xsazoEBzygycSdmfdekQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMTcVQKPb7q5QAQirEIls9b12l7qMB8GA1UdIwQY
MBaAFJC1u4D+7zRGUKmnc/YfCyz7986MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xXN2dQN3ZORVpRcWFkejloOExMUHYzem93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wNTIxMTgtYzQ2Yi00OGI0LTg3ZGMt
NWVkNTI3MGVkZjIzLzEveE54VkFvOXZ1cmxBQkNLc1FpV3oxdlhhWHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wNTIxMTgtYzQ2Yi00OGI0LTg3ZGMtNWVkNTI3MGVkZjIz
LzEva0xXN2dQN3ZORVpRcWFkejloOExMUHYzem93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBT6p2AwQC
uVBEMBYEAgACMBAwDgMFBSoDX+ADBQAqA1/iMA0GCSqGSIb3DQEBCwUAA4IBAQA2
9SElVB75k2uMaJmfvLca8aI5vZTxq4UPFFFuQgwtal6QMhRzEZLewMyWhhLhfwYt
XjNQjrnL//uu8a8S2KII5hkJ3IgFrQ7FPtEzo4lvQd+n3uH3nL7lWRf6Gb9NtYqz
t3pYa/SjYYMngm6GULRVzWusBu/yNVo48MgFqbCzNS+oUGMHeOd+870ksJCL8kOI
WB8EEG3dkk6yJQ6gPdLqlZBN5k4xZw6aVT3iOAWuqhafYcGxal1Js0ewqp2F0G8P
vXI9Xq4Ft/7a/kuyDatglZ5gF7RxZjlCT+zbBE11ctEbmKyNqqmTFOQAJ1MRXewl
wOmR41iVJuO+QKapTUbz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:08 2025 by rpki-client