Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/QPitnSHg2LQGUnn60BtSm_ZZAjk.roa
File: QPitnSHg2LQGUnn60BtSm_ZZAjk.roa (raw, json)
Hash identifier: YhFNpUFvrFjGFCHeQiCMxdnAB+gwBPpHIPpSs7Az3Hw=
Subject key identifier: 40:F8:AD:9D:21:E0:D8:B4:06:52:79:FA:D0:1B:52:9B:F6:59:02:39
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01859D6BB14203F49A281CFC752079F1322C
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/QPitnSHg2LQGUnn60BtSm_ZZAjk.roa
Signing time: Tue 10 Jan 2023 20:42:38 +0000
ROA not before: Tue 10 Jan 2023 20:42:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39378
IP address blocks: 194.76.226.0/24 maxlen: 24
79.132.130.0/24 maxlen: 24
79.132.131.0/24 maxlen: 24
79.132.134.0/24 maxlen: 24
185.219.220.0/23 maxlen: 23
185.219.222.0/24 maxlen: 24
185.219.223.0/24 maxlen: 24
185.158.251.0/24 maxlen: 24
185.212.44.0/24 maxlen: 24
185.212.45.0/24 maxlen: 24
185.212.46.0/24 maxlen: 24
185.212.47.0/24 maxlen: 24
91.241.93.0/24 maxlen: 24
2a0b:7140::/48 maxlen: 48
2a07:fc00::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9d:6b:b1:42:03:f4:9a:28:1c:fc:75:20:79:f1:32:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 10 20:42:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40f8ad9d21e0d8b4065279fad01b529bf6590239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:a4:ac:7e:7a:b3:8a:94:ef:b3:33:4a:93:
ec:7e:13:a8:99:6b:49:58:d6:77:ce:de:ab:15:d6:
db:bd:08:fc:79:77:60:36:f4:f7:82:1b:03:e7:f3:
5e:fe:e8:2c:20:64:45:c8:ae:58:cb:a4:4c:31:46:
2e:71:15:65:fb:a7:a5:3a:97:28:b6:ef:60:9d:47:
b0:43:9d:67:96:f0:8b:94:72:e2:14:29:ce:5f:03:
41:06:55:5e:0b:d2:37:9b:fb:57:2a:31:10:e2:25:
e7:55:79:41:cb:60:83:63:8b:01:ec:f6:65:f2:a1:
31:09:ba:ba:03:92:26:3c:d2:20:03:b7:26:13:8c:
2b:83:27:ba:aa:c3:6f:f7:3e:d9:d6:38:ac:9e:cc:
6f:e8:09:b9:2d:35:7f:cf:32:83:68:7e:d4:c2:a6:
9f:1f:e2:27:76:54:13:c5:e2:75:b0:5a:96:f9:20:
b4:59:0f:50:c8:4f:b8:8e:87:e6:e3:e2:f2:ef:c1:
df:98:f2:7c:c5:09:29:98:69:a8:ad:8c:92:6a:b9:
db:02:09:d1:af:94:a6:4e:df:de:f7:db:a1:f8:ae:
bd:bb:96:4e:e1:ff:a2:e8:c0:76:f9:ff:a6:c9:88:
ff:f9:03:d4:b5:cf:f9:8f:16:f7:25:75:3d:9d:a3:
7e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F8:AD:9D:21:E0:D8:B4:06:52:79:FA:D0:1B:52:9B:F6:59:02:39
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/QPitnSHg2LQGUnn60BtSm_ZZAjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.130.0/23
79.132.134.0/24
91.241.93.0/24
185.158.251.0/24
185.212.44.0/22
185.219.220.0/22
194.76.226.0/24
IPv6:
2a07:fc00::/48
2a0b:7140::/48
Signature Algorithm: sha256WithRSAEncryption
68:c9:5b:5c:fc:79:0b:c4:96:82:ac:1b:9d:7f:45:d3:e3:0e:
f9:ef:f7:97:00:3d:ed:1a:2b:df:6e:c7:76:ac:fc:97:f2:1b:
e9:10:6b:e9:85:45:ce:61:30:78:2d:a6:99:ac:a0:04:d6:fd:
ed:4d:f1:56:a3:23:81:e8:e8:7e:90:6d:c3:32:5d:d7:f6:bb:
14:20:2d:a1:4f:e7:f5:78:f8:21:c2:d8:0f:07:f2:69:00:3d:
c1:87:82:96:d9:47:83:9d:f9:3c:66:76:0c:80:98:e8:e4:43:
bc:24:17:c7:28:c7:c3:33:8a:cf:31:bb:3d:4b:69:7d:fe:f6:
db:93:24:e9:29:4c:65:ae:e2:57:33:a7:f4:02:11:14:a2:58:
c4:85:1b:8d:e5:65:c6:80:9e:b2:95:2b:71:de:24:5f:7e:c2:
27:45:b9:28:4c:71:b8:71:96:0d:02:36:99:44:05:03:a4:b9:
d0:70:ad:91:8b:cc:83:6b:a2:a2:b6:cd:73:de:2a:d3:33:e1:
ee:50:9d:60:18:0a:bc:55:8b:d4:4a:4e:75:0b:0c:f1:9b:15:
62:17:53:04:07:df:ed:c3:06:cf:42:d9:47:88:14:3e:d2:8e:
7c:cb:45:86:49:31:b3:55:0d:cc:81:cf:2d:44:5e:24:76:92:
6e:7d:93:6b
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYWda7FCA/SaKBz8dSB58TIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMTEwMjA0MjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY4YWQ5ZDIxZTBkOGI0MDY1Mjc5ZmFkMDFiNTI5YmY2NTkwMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSWkrH56s4qU77MzSpPsfhOomWtJ
WNZ3zt6rFdbbvQj8eXdgNvT3ghsD5/Ne/ugsIGRFyK5Yy6RMMUYucRVl+6elOpco
tu9gnUewQ51nlvCLlHLiFCnOXwNBBlVeC9I3m/tXKjEQ4iXnVXlBy2CDY4sB7PZl
8qExCbq6A5ImPNIgA7cmE4wrgye6qsNv9z7Z1jisnsxv6Am5LTV/zzKDaH7Uwqaf
H+IndlQTxeJ1sFqW+SC0WQ9QyE+4jofm4+Ly78HfmPJ8xQkpmGmorYySarnbAgnR
r5SmTt/e99uh+K69u5ZO4f+i6MB2+f+myYj/+QPUtc/5jxb3JXU9naN+CwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFED4rZ0h4Ni0BlJ5+tAbUpv2WQI5MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvUVBpdG5TSGcyTFFHVW5uNjBCdFNtX1paQWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAwBAIAATAqAwQBT4SCAwQA
T4SGAwQAW/FdAwQAuZ77AwQCudQsAwQCudvcAwQAwkziMBgEAgACMBIDBwAqB/wA
AAADBwAqC3FAAAAwDQYJKoZIhvcNAQELBQADggEBAGjJW1z8eQvEloKsG51/RdPj
Dvnv95cAPe0aK99ux3as/JfyG+kQa+mFRc5hMHgtppmsoATW/e1N8VajI4Ho6H6Q
bcMyXdf2uxQgLaFP5/V4+CHC2A8H8mkAPcGHgpbZR4Od+TxmdgyAmOjkQ7wkF8co
x8Mzis8xuz1LaX3+9tuTJOkpTGWu4lczp/QCERSiWMSFG43lZcaAnrKVK3HeJF9+
widFuShMcbhxlg0CNplEBQOkudBwrZGLzINroqK2zXPeKtMz4e5QnWAYCrxVi9RK
TnULDPGbFWIXUwQH3+3DBs9C2UeIFD7SjnzLRYZJMbNVDcyBzy1EXiR2km59k2s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:31 2023 by rpki-client on console-ams.rpki-client.org