Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/QDGyw4m05QLQmi4J3bM_XsM6c_I.roa
File: QDGyw4m05QLQmi4J3bM_XsM6c_I.roa (raw, json)
Hash identifier: NwHR9n6nUTaFInwLBOLoyI//kvHaoVuUN0qi4/99zVo=
Subject key identifier: 40:31:B2:C3:89:B4:E5:02:D0:9A:2E:09:DD:B3:3F:5E:C3:3A:73:F2
Certificate issuer: /CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Certificate serial: 0185F79B9A65120C4936FA56632478AB4A09
Authority key identifier: 44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/QDGyw4m05QLQmi4J3bM_XsM6c_I.roa
Signing time: Sat 28 Jan 2023 09:00:48 +0000
ROA not before: Sat 28 Jan 2023 09:00:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29238
IP address blocks: 79.98.112.0/24 maxlen: 24
79.98.113.0/24 maxlen: 24
79.98.112.0/21 maxlen: 21
79.98.116.0/24 maxlen: 24
79.98.115.0/24 maxlen: 24
79.98.114.0/24 maxlen: 24
185.66.128.0/22 maxlen: 22
217.21.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f7:9b:9a:65:12:0c:49:36:fa:56:63:24:78:ab:4a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Validity
Not Before: Jan 28 09:00:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4031b2c389b4e502d09a2e09ddb33f5ec33a73f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ed:14:cb:76:bd:b4:ef:fb:a4:80:31:a7:5f:
b3:74:f4:c4:d8:b8:8c:07:1a:c1:2f:37:9d:ce:ed:
0a:4f:1a:90:20:c7:9a:70:91:00:63:19:3d:9a:52:
55:ed:fb:2e:12:ad:c3:eb:1d:84:ec:39:f1:f9:26:
14:c3:95:27:1e:88:5a:3e:5b:c6:c4:69:44:94:2f:
a1:86:de:6d:f2:a2:b8:56:1f:fc:0b:fd:66:ea:b4:
e0:1d:fd:78:dc:fe:0a:67:c1:fc:7d:73:80:f5:d8:
b0:8f:f9:2b:2f:5b:f3:c9:19:cb:51:f1:07:63:b7:
0c:80:87:ff:3a:0f:d3:df:d1:b7:91:30:59:00:59:
88:94:95:ed:d0:1f:c6:36:c9:54:6d:10:97:a5:41:
e0:2a:3a:dd:d4:4d:f9:5c:b1:d8:45:3b:85:73:f6:
8c:69:41:b7:5b:2f:bb:24:1e:d0:f6:6c:a4:0a:4e:
31:7f:92:d3:a0:ff:3e:70:3c:d9:bd:2f:2e:12:aa:
63:3a:df:25:2d:ac:57:84:3a:be:ca:20:b0:b0:8f:
7d:a3:03:41:1c:53:0c:36:f7:7c:6a:d9:cb:3a:92:
75:ce:84:1e:36:27:73:fc:a9:52:44:91:9a:1a:15:
3d:73:93:0b:67:b5:77:3f:a9:a4:74:ec:6c:1f:56:
7b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:31:B2:C3:89:B4:E5:02:D0:9A:2E:09:DD:B3:3F:5E:C3:3A:73:F2
X509v3 Authority Key Identifier:
keyid:44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/QDGyw4m05QLQmi4J3bM_XsM6c_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/RHtl-fh6qPdA1aF6cub4vB5diI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.112.0/21
185.66.128.0/22
217.21.144.0/20
Signature Algorithm: sha256WithRSAEncryption
27:14:2e:00:6b:47:2c:b2:e3:bc:07:eb:26:e4:be:15:bf:85:
ac:85:56:27:08:79:d0:21:87:66:4e:49:eb:96:76:af:46:9e:
85:a6:ea:25:e5:7a:15:38:72:09:5e:d9:37:d6:fe:f3:7b:c1:
bc:f7:9a:fc:86:6b:e8:6c:44:10:65:10:96:f3:ff:38:bf:4c:
53:95:ff:77:83:80:2b:45:3c:9e:97:ef:ad:b1:f6:06:48:15:
ba:84:ea:8c:8f:05:05:09:77:84:c6:68:04:ac:29:a3:95:72:
ec:3d:32:98:cc:77:e5:26:2a:b3:d4:c5:3d:53:47:95:c4:ca:
ad:4d:0e:88:a7:ef:13:ef:d7:10:86:39:d9:8a:b2:61:07:28:
d5:e0:12:8c:66:a2:82:52:30:bd:c5:72:36:36:46:ef:b0:1a:
02:b9:e8:da:d5:36:05:12:08:90:fe:08:c5:13:af:a5:59:78:
1b:8c:02:97:3b:32:af:15:d8:29:2e:9b:8e:7b:55:b2:5d:b4:
fe:5d:32:61:4c:7c:05:e8:19:98:6e:18:83:64:d0:f4:de:76:
a3:3f:b9:0c:3a:15:7d:69:50:4f:d2:d4:ba:be:82:c9:9f:a3:
fc:f8:fd:10:ba:9f:c2:17:0e:39:d7:1f:8a:95:c3:c5:53:7a:
b3:43:71:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYX3m5plEgxJNvpWYyR4q0oJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2I2NWY5Zjg3YWE4Zjc0MGQ1YTE3YTcyZTZmOGJjMWU1
ZDg4OGYwHhcNMjMwMTI4MDkwMDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDMxYjJjMzg5YjRlNTAyZDA5YTJlMDlkZGIzM2Y1ZWMzM2E3M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+0Uy3a9tO/7pIAxp1+zdPTE2LiM
BxrBLzedzu0KTxqQIMeacJEAYxk9mlJV7fsuEq3D6x2E7Dnx+SYUw5UnHohaPlvG
xGlElC+hht5t8qK4Vh/8C/1m6rTgHf143P4KZ8H8fXOA9diwj/krL1vzyRnLUfEH
Y7cMgIf/Og/T39G3kTBZAFmIlJXt0B/GNslUbRCXpUHgKjrd1E35XLHYRTuFc/aM
aUG3Wy+7JB7Q9mykCk4xf5LToP8+cDzZvS8uEqpjOt8lLaxXhDq+yiCwsI99owNB
HFMMNvd8atnLOpJ1zoQeNidz/KlSRJGaGhU9c5MLZ7V3P6mkdOxsH1Z7ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEAxssOJtOUC0JouCd2zP17DOnPyMB8GA1UdIwQY
MBaAFER7Zfn4eqj3QNWhenLm+LweXYiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2Ut
MTVjYTc1M2ZhNTEwLzEvUURHeXc0bTA1UUxRbWk0SjNiTV9Yc002Y19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2UtMTVjYTc1M2ZhNTEw
LzEvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT2JwAwQC
uUKAAwQE2RWQMA0GCSqGSIb3DQEBCwUAA4IBAQAnFC4Aa0cssuO8B+sm5L4Vv4Ws
hVYnCHnQIYdmTknrlnavRp6Fpuol5XoVOHIJXtk31v7ze8G895r8hmvobEQQZRCW
8/84v0xTlf93g4ArRTyel++tsfYGSBW6hOqMjwUFCXeExmgErCmjlXLsPTKYzHfl
Jiqz1MU9U0eVxMqtTQ6Ip+8T79cQhjnZirJhByjV4BKMZqKCUjC9xXI2NkbvsBoC
ueja1TYFEgiQ/gjFE6+lWXgbjAKXOzKvFdgpLpuOe1WyXbT+XTJhTHwF6BmYbhiD
ZND03najP7kMOhV9aVBP0tS6voLJn6P8+P0Qup/CFw451x+KlcPFU3qzQ3Fq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:41 2024 by rpki-client on console-fra.rpki-client.org