Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/NhryoGj1PPXl2mybYykoZamNWG8.roa
File: NhryoGj1PPXl2mybYykoZamNWG8.roa (raw, json)
Hash identifier: 56oKGNJ0sYo7DZ3W7E8Zp74uRc4vvukH6KGK19HdqOI=
Subject key identifier: 36:1A:F2:A0:68:F5:3C:F5:E5:DA:6C:9B:63:29:28:65:A9:8D:58:6F
Certificate issuer: /CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Certificate serial: 0190DECAECE7B03F7B2C053399FEBEC7E82D
Authority key identifier: 44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/NhryoGj1PPXl2mybYykoZamNWG8.roa
Signing time: Tue 23 Jul 2024 08:52:39 +0000
ROA not before: Tue 23 Jul 2024 08:52:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29238
IP address blocks: 79.98.112.0/21 maxlen: 21
79.98.112.0/24 maxlen: 24
79.98.113.0/24 maxlen: 24
79.98.114.0/24 maxlen: 24
79.98.115.0/24 maxlen: 24
79.98.116.0/24 maxlen: 24
79.98.117.0/24 maxlen: 24
185.66.128.0/22 maxlen: 22
217.21.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:de:ca:ec:e7:b0:3f:7b:2c:05:33:99:fe:be:c7:e8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Validity
Not Before: Jul 23 08:52:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=361af2a068f53cf5e5da6c9b63292865a98d586f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:d0:cb:ce:09:72:e7:bc:8b:c7:06:2c:99:
d8:d2:af:99:a8:e1:a1:7f:d5:1b:30:57:22:d9:d1:
47:99:df:ed:4f:aa:ea:b0:72:19:17:7c:af:7e:8c:
c5:b4:ee:81:0c:b5:5d:a1:9d:c9:66:e4:c6:81:08:
d4:dd:c0:7e:d4:eb:ce:40:2b:0b:4c:5d:39:ad:2e:
27:2a:50:a9:c5:59:9b:a0:cf:1f:94:fc:35:8d:e1:
2f:88:d4:13:ad:6e:3a:b1:7c:4a:de:b8:2c:69:65:
b8:bb:2b:9a:50:e5:29:df:5c:f9:4d:49:10:78:72:
89:66:7c:de:53:ea:b3:93:38:dc:fb:b3:46:f0:64:
73:4b:94:a8:0e:e0:92:50:c4:1c:47:f8:1d:ec:08:
0b:d2:05:a1:d0:5a:8f:68:dc:d9:b1:dd:2d:a1:52:
34:13:49:a5:f5:ff:e8:ab:41:73:71:9f:49:84:66:
ea:9d:73:e0:0e:a3:d1:0c:0b:a3:e3:50:86:c0:54:
c8:68:d1:c3:d9:49:29:cf:6d:50:d2:e5:09:8d:d8:
98:40:7b:8e:e8:07:ff:45:f4:9e:a4:40:d9:98:72:
33:bd:e4:75:d1:69:82:0a:26:1e:cc:b2:67:14:cf:
40:03:3b:89:c2:06:1d:98:1c:b9:94:20:57:54:ae:
54:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1A:F2:A0:68:F5:3C:F5:E5:DA:6C:9B:63:29:28:65:A9:8D:58:6F
X509v3 Authority Key Identifier:
keyid:44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/NhryoGj1PPXl2mybYykoZamNWG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/RHtl-fh6qPdA1aF6cub4vB5diI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.112.0/21
185.66.128.0/22
217.21.144.0/20
Signature Algorithm: sha256WithRSAEncryption
25:af:1b:9b:be:03:5a:dd:1f:fd:1d:9c:7e:49:8d:cb:c3:1b:
94:5c:9b:3c:3d:68:0e:53:95:a4:7f:d5:1b:96:64:1a:6e:fb:
10:5d:7e:5c:eb:1b:bf:c8:a9:35:30:0b:cd:38:95:36:8c:e8:
55:c4:e3:5a:45:4d:6c:c2:90:6e:69:b8:b1:99:49:2e:e4:64:
78:a8:29:ed:93:e1:7a:c8:ea:11:92:3e:01:c2:03:08:18:85:
d0:a4:2f:0c:91:cb:c5:fd:34:e3:cf:a8:07:da:e4:52:c1:dc:
21:00:51:49:e9:0f:a6:a6:d1:0f:ea:85:6d:41:9a:92:65:81:
d7:86:01:91:8d:dc:70:c6:ee:43:2f:db:61:af:36:c8:59:c5:
5c:ad:29:b8:cd:f1:81:4c:4a:26:25:3f:b1:b6:ea:f4:ca:41:
35:22:91:ba:a9:70:de:42:25:33:e1:64:bc:4b:13:9b:dd:76:
af:7c:f6:58:5d:50:a6:58:79:bc:b5:25:4a:19:fa:60:f0:b1:
36:7f:dc:d7:a3:4a:6d:18:4a:f0:83:f8:a2:0b:6a:54:e2:9c:
c2:37:a6:dd:c5:e1:ee:67:da:03:65:a1:16:10:38:26:90:17:
81:cd:f4:ad:66:54:78:f6:74:36:c6:34:df:95:22:96:7a:1b:
b1:9a:63:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDeyuznsD97LAUzmf6+x+gtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2I2NWY5Zjg3YWE4Zjc0MGQ1YTE3YTcyZTZmOGJjMWU1
ZDg4OGYwHhcNMjQwNzIzMDg1MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFhZjJhMDY4ZjUzY2Y1ZTVkYTZjOWI2MzI5Mjg2NWE5OGQ1ODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW3Qy84Jcue8i8cGLJnY0q+ZqOGh
f9UbMFci2dFHmd/tT6rqsHIZF3yvfozFtO6BDLVdoZ3JZuTGgQjU3cB+1OvOQCsL
TF05rS4nKlCpxVmboM8flPw1jeEviNQTrW46sXxK3rgsaWW4uyuaUOUp31z5TUkQ
eHKJZnzeU+qzkzjc+7NG8GRzS5SoDuCSUMQcR/gd7AgL0gWh0FqPaNzZsd0toVI0
E0ml9f/oq0FzcZ9JhGbqnXPgDqPRDAuj41CGwFTIaNHD2Ukpz21Q0uUJjdiYQHuO
6Af/RfSepEDZmHIzveR10WmCCiYezLJnFM9AAzuJwgYdmBy5lCBXVK5UUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDYa8qBo9Tz15dpsm2MpKGWpjVhvMB8GA1UdIwQY
MBaAFER7Zfn4eqj3QNWhenLm+LweXYiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2Ut
MTVjYTc1M2ZhNTEwLzEvTmhyeW9HajFQUFhsMm15Yll5a29aYW1OV0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2UtMTVjYTc1M2ZhNTEw
LzEvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT2JwAwQC
uUKAAwQE2RWQMA0GCSqGSIb3DQEBCwUAA4IBAQAlrxubvgNa3R/9HZx+SY3LwxuU
XJs8PWgOU5Wkf9UblmQabvsQXX5c6xu/yKk1MAvNOJU2jOhVxONaRU1swpBuabix
mUku5GR4qCntk+F6yOoRkj4BwgMIGIXQpC8MkcvF/TTjz6gH2uRSwdwhAFFJ6Q+m
ptEP6oVtQZqSZYHXhgGRjdxwxu5DL9thrzbIWcVcrSm4zfGBTEomJT+xtur0ykE1
IpG6qXDeQiUz4WS8SxOb3XavfPZYXVCmWHm8tSVKGfpg8LE2f9zXo0ptGErwg/ii
C2pU4pzCN6bdxeHuZ9oDZaEWEDgmkBeBzfStZlR49nQ2xjTflSKWehuxmmNZ
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:06:16 2025 by rpki-client