Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/3flhXgZ8WzAxLW5nmvjNAV7LSsM.roa
File: 3flhXgZ8WzAxLW5nmvjNAV7LSsM.roa (raw, json)
Hash identifier: ZVuyrRDfOw0tr8gdSu0ujR/5R8B93KkwUju73UKBZRI=
Subject key identifier: DD:F9:61:5E:06:7C:5B:30:31:2D:6E:67:9A:F8:CD:01:5E:CB:4A:C3
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 0194122F535E5A291F14C946D009A3D4AA83
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/3flhXgZ8WzAxLW5nmvjNAV7LSsM.roa
Signing time: Sun 29 Dec 2024 11:31:18 +0000
ROA not before: Sun 29 Dec 2024 11:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43966
IP address blocks: 79.173.64.0/23 maxlen: 24
79.173.66.0/23 maxlen: 24
79.173.77.0/24 maxlen: 24
79.173.80.0/20 maxlen: 24
94.243.192.0/20 maxlen: 24
94.243.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:2f:53:5e:5a:29:1f:14:c9:46:d0:09:a3:d4:aa:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Dec 29 11:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddf9615e067c5b30312d6e679af8cd015ecb4ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:c6:c6:00:99:0a:c1:9b:d1:27:4f:5e:4e:
0a:4c:0a:60:df:61:b0:ee:53:89:e3:9a:5c:a7:72:
81:c0:7c:6c:f7:dd:22:ab:f2:cb:04:cb:51:a4:66:
fb:b9:c7:b4:1d:2e:90:61:1c:bf:c1:da:3b:32:47:
fa:e8:8f:0b:15:8f:aa:79:62:1f:89:fc:32:ec:26:
c1:f3:b8:46:fd:87:69:da:9b:f2:f2:d1:4c:6e:43:
56:9b:ee:9e:a1:80:84:de:56:99:01:48:b5:d9:88:
a6:ac:6b:7e:06:b4:23:09:c9:f7:5e:fa:5c:3a:a2:
b7:bb:b5:41:24:36:b3:ee:69:5c:2c:d3:ce:db:49:
55:93:11:8e:10:f4:d5:e0:e1:6c:a1:82:92:49:47:
ad:0f:d4:4d:a2:71:99:96:f2:94:ae:1b:23:13:a0:
a3:2b:f6:d7:30:00:5a:5c:f5:4f:f7:4b:d3:74:c2:
5a:f2:6d:9f:fa:fa:00:fa:37:5a:41:a1:90:c7:0c:
a7:39:2c:6c:4d:07:53:e6:5b:e6:80:2e:6a:df:13:
f0:6b:50:81:a7:9b:70:99:eb:19:f9:54:c4:58:3c:
a1:6e:50:2c:1a:3f:23:8b:6c:cc:b6:ec:fe:fe:74:
2c:86:47:19:27:41:4a:b0:db:38:98:45:c2:be:e5:
a7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F9:61:5E:06:7C:5B:30:31:2D:6E:67:9A:F8:CD:01:5E:CB:4A:C3
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/3flhXgZ8WzAxLW5nmvjNAV7LSsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.64.0/22
79.173.77.0/24
79.173.80.0/20
94.243.192.0/20
94.243.236.0/22
Signature Algorithm: sha256WithRSAEncryption
88:fe:b4:99:a7:a0:6f:6a:84:6a:99:72:99:a4:62:c6:79:62:
3b:39:91:0d:7b:b2:9c:17:6a:aa:54:bb:b1:8c:dc:86:35:8c:
fd:49:ff:54:da:05:5d:6b:2d:17:89:f5:46:3d:96:ea:09:36:
c6:fa:20:34:95:d8:3d:cc:41:ea:33:38:96:e8:2a:06:9f:29:
74:df:81:94:9c:f5:3d:dd:2a:4a:ff:8e:e6:54:e2:6d:58:78:
99:cd:40:b0:6d:f8:80:c3:11:ba:48:5e:d5:4d:3c:1d:01:ba:
61:a4:f8:42:36:a9:10:92:5e:5f:45:e4:1b:f7:d3:47:cd:01:
12:f3:0b:b9:e6:a1:ce:00:af:f6:27:c5:81:38:35:9c:34:e7:
c8:d9:80:34:ae:58:36:7f:3e:0a:a6:7e:1b:d1:6b:0a:5d:32:
16:6e:ed:c4:8c:ac:fb:d9:5d:db:41:27:01:1c:0a:50:3b:09:
0a:b2:5e:ee:42:29:5e:86:8f:a2:6e:98:b4:45:50:5c:30:a1:
9c:2d:f3:01:51:77:3c:3c:c7:87:38:f3:20:31:27:cc:bc:6b:
df:fe:0b:fb:34:55:3b:ad:82:96:34:82:76:2b:46:37:f7:76:
95:33:9b:cd:3a:3c:9c:05:a4:8c:8f:e0:84:11:f7:c4:af:90:
76:bd:45:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQSL1NeWikfFMlG0Amj1KqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjQxMjI5MTEzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY5NjE1ZTA2N2M1YjMwMzEyZDZlNjc5YWY4Y2QwMTVlY2I0YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg/GxgCZCsGb0SdPXk4KTApg32Gw
7lOJ45pcp3KBwHxs990iq/LLBMtRpGb7uce0HS6QYRy/wdo7Mkf66I8LFY+qeWIf
ifwy7CbB87hG/Ydp2pvy8tFMbkNWm+6eoYCE3laZAUi12YimrGt+BrQjCcn3Xvpc
OqK3u7VBJDaz7mlcLNPO20lVkxGOEPTV4OFsoYKSSUetD9RNonGZlvKUrhsjE6Cj
K/bXMABaXPVP90vTdMJa8m2f+voA+jdaQaGQxwynOSxsTQdT5lvmgC5q3xPwa1CB
p5twmesZ+VTEWDyhblAsGj8ji2zMtuz+/nQshkcZJ0FKsNs4mEXCvuWn4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN35YV4GfFswMS1uZ5r4zQFey0rDMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvM2ZsaFhnWjhXekF4TFc1bm12ak5BVjdMU3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCT61AAwQA
T61NAwQET61QAwQEXvPAAwQCXvPsMA0GCSqGSIb3DQEBCwUAA4IBAQCI/rSZp6Bv
aoRqmXKZpGLGeWI7OZENe7KcF2qqVLuxjNyGNYz9Sf9U2gVday0XifVGPZbqCTbG
+iA0ldg9zEHqMziW6CoGnyl034GUnPU93SpK/47mVOJtWHiZzUCwbfiAwxG6SF7V
TTwdAbphpPhCNqkQkl5fReQb99NHzQES8wu55qHOAK/2J8WBODWcNOfI2YA0rlg2
fz4Kpn4b0WsKXTIWbu3EjKz72V3bQScBHApQOwkKsl7uQileho+ibpi0RVBcMKGc
LfMBUXc8PMeHOPMgMSfMvGvf/gv7NFU7rYKWNIJ2K0Y393aVM5vNOjycBaSMj+CE
EffEr5B2vUWP
-----END CERTIFICATE-----
Generated at Thu May 1 03:56:52 2025 by rpki-client