Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/sBK_fc5mTg-IaeHKHsizSpHhDHs.roa
File: sBK_fc5mTg-IaeHKHsizSpHhDHs.roa (raw, json)
Hash identifier: 4wRheGezDd4yjokKzbRkI20lVbBTCATVwU3Lwgg4NWA=
Subject key identifier: B0:12:BF:7D:CE:66:4E:0F:88:69:E1:CA:1E:C8:B3:4A:91:E1:0C:7B
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 0193DF64C6BB243B87412D7B8EB429FEC219
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/sBK_fc5mTg-IaeHKHsizSpHhDHs.roa
Signing time: Thu 19 Dec 2024 14:49:03 +0000
ROA not before: Thu 19 Dec 2024 14:49:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43966
IP address blocks: 79.173.64.0/23 maxlen: 24
79.173.66.0/23 maxlen: 24
79.173.77.0/24 maxlen: 24
79.173.80.0/20 maxlen: 24
94.243.192.0/20 maxlen: 24
94.243.232.0/21 maxlen: 24
94.243.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 29 Dec 2024 11:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:64:c6:bb:24:3b:87:41:2d:7b:8e:b4:29:fe:c2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Dec 19 14:49:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b012bf7dce664e0f8869e1ca1ec8b34a91e10c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:30:45:83:b7:29:4c:e4:9a:d2:b7:05:b5:cd:
fd:b5:f4:a0:cc:65:8b:22:80:43:91:41:54:de:87:
10:78:57:39:58:e9:b3:5f:1a:00:d6:f2:c5:be:31:
f0:c8:72:22:1f:d2:f4:06:e4:cf:9a:fd:61:ac:4b:
fe:0f:57:99:30:60:00:ab:fd:53:ec:5b:1d:ce:63:
ad:66:8e:4d:46:36:5e:63:18:3e:3b:8c:d6:2e:55:
41:49:77:f4:88:6e:f6:bc:83:3b:f3:48:b1:0b:da:
41:00:f8:30:a9:67:27:e8:a4:ad:82:bd:0c:97:10:
25:84:c6:61:f5:17:b0:42:2f:e9:22:34:c7:47:3f:
e0:34:97:e8:0d:b4:5c:1f:a3:8f:02:3d:91:ca:84:
3b:28:75:4d:a8:84:9b:51:03:76:35:b9:e8:6a:a3:
9a:bb:fd:9d:70:59:c4:41:70:e6:81:d6:13:5b:25:
b4:5a:c4:74:4e:d5:ca:29:9d:8c:76:6c:7d:a5:6f:
09:56:c3:21:ca:c5:e0:c9:f8:4a:12:9d:be:6a:38:
64:bb:97:e5:1e:af:ba:5c:c0:ec:03:de:6e:c4:e6:
c5:aa:92:d2:ea:9e:67:ba:35:23:23:bd:c1:30:48:
30:41:16:a8:ae:b2:ff:05:99:25:b5:a0:1e:02:3e:
bc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:12:BF:7D:CE:66:4E:0F:88:69:E1:CA:1E:C8:B3:4A:91:E1:0C:7B
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/sBK_fc5mTg-IaeHKHsizSpHhDHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.64.0/22
79.173.77.0/24
79.173.80.0/20
94.243.192.0/20
94.243.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:ec:5c:91:a6:63:ea:31:6d:0d:8b:38:da:ea:21:d9:02:c2:
09:da:05:89:86:2e:9e:b6:8f:f3:81:78:8e:0c:24:ac:4d:db:
1c:e4:9e:2b:33:7e:12:93:12:2b:0c:c0:70:2f:bd:4a:48:3f:
a5:92:dd:f9:68:8a:43:0a:36:53:9f:ea:c5:43:ba:d4:9d:8d:
b7:57:29:d7:75:5a:a9:84:b3:02:d4:4b:2b:50:0e:b0:4d:b5:
a1:c6:2b:87:b9:16:25:2d:ad:24:3d:64:ef:c1:12:1b:5b:7a:
7d:69:98:03:3a:6b:cb:b9:8f:25:cb:d3:75:0e:c3:19:3a:5f:
98:5a:83:60:d0:1f:8e:bb:1e:22:9f:fc:c5:10:3c:d8:9d:05:
f6:09:eb:3b:8d:71:d1:5c:45:cf:59:90:65:3c:22:96:10:20:
23:29:62:84:2e:94:87:77:99:d8:22:b3:d9:35:87:e2:b9:2e:
51:e3:5b:d1:d0:6d:1b:27:02:a5:6d:cc:fe:09:4a:49:6a:8e:
74:2e:80:98:fa:a9:de:b7:98:a7:9d:54:fa:e3:7a:74:f5:2d:
e3:f6:9a:ef:9d:28:59:94:d6:64:9b:ad:28:f5:af:f2:24:4b:
09:8d:78:31:bd:48:0c:97:02:0c:fa:83:bf:3b:90:2d:df:66:
6d:89:6b:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPfZMa7JDuHQS17jrQp/sIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjQxMjE5MTQ0OTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDEyYmY3ZGNlNjY0ZTBmODg2OWUxY2ExZWM4YjM0YTkxZTEwYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojBFg7cpTOSa0rcFtc39tfSgzGWL
IoBDkUFU3ocQeFc5WOmzXxoA1vLFvjHwyHIiH9L0BuTPmv1hrEv+D1eZMGAAq/1T
7FsdzmOtZo5NRjZeYxg+O4zWLlVBSXf0iG72vIM780ixC9pBAPgwqWcn6KStgr0M
lxAlhMZh9RewQi/pIjTHRz/gNJfoDbRcH6OPAj2RyoQ7KHVNqISbUQN2NbnoaqOa
u/2dcFnEQXDmgdYTWyW0WsR0TtXKKZ2Mdmx9pW8JVsMhysXgyfhKEp2+ajhku5fl
Hq+6XMDsA95uxObFqpLS6p5nujUjI73BMEgwQRaorrL/BZkltaAeAj68LQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLASv33OZk4PiGnhyh7Is0qR4Qx7MB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvc0JLX2ZjNW1UZy1JYWVIS0hzaXpTcEhoREhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCT61AAwQA
T61NAwQET61QAwQEXvPAAwQDXvPoMA0GCSqGSIb3DQEBCwUAA4IBAQBK7FyRpmPq
MW0Nizja6iHZAsIJ2gWJhi6eto/zgXiODCSsTdsc5J4rM34SkxIrDMBwL71KSD+l
kt35aIpDCjZTn+rFQ7rUnY23VynXdVqphLMC1EsrUA6wTbWhxiuHuRYlLa0kPWTv
wRIbW3p9aZgDOmvLuY8ly9N1DsMZOl+YWoNg0B+Oux4in/zFEDzYnQX2Ces7jXHR
XEXPWZBlPCKWECAjKWKELpSHd5nYIrPZNYfiuS5R41vR0G0bJwKlbcz+CUpJao50
LoCY+qnet5innVT643p09S3j9prvnShZlNZkm60o9a/yJEsJjXgxvUgMlwIM+oO/
O5At32ZtiWsK
-----END CERTIFICATE-----
Generated at Wed Apr 30 12:02:20 2025 by rpki-client