Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/cjuvK3-1iPCEzQdukyVjZ9F35rM.roa
File: cjuvK3-1iPCEzQdukyVjZ9F35rM.roa (raw, json)
Hash identifier: mLDNHTjtTeUA+oBavpk9u+TfUh4eui0OaaZ76wNARhE=
Subject key identifier: 72:3B:AF:2B:7F:B5:88:F0:84:CD:07:6E:93:25:63:67:D1:77:E6:B3
Certificate issuer: /CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Certificate serial: 018CC349110201D3A6EC0617DD1DF79C5001
Authority key identifier: 44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/cjuvK3-1iPCEzQdukyVjZ9F35rM.roa
Signing time: Mon 01 Jan 2024 04:29:54 +0000
ROA not before: Mon 01 Jan 2024 04:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29238
IP address blocks: 79.98.112.0/24 maxlen: 24
79.98.113.0/24 maxlen: 24
79.98.112.0/21 maxlen: 21
79.98.116.0/24 maxlen: 24
79.98.115.0/24 maxlen: 24
79.98.114.0/24 maxlen: 24
185.66.128.0/22 maxlen: 22
217.21.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 08:52:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:11:02:01:d3:a6:ec:06:17:dd:1d:f7:9c:50:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Validity
Not Before: Jan 1 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=723baf2b7fb588f084cd076e93256367d177e6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:49:79:cf:b7:06:18:90:67:e2:a5:10:db:36:
24:81:9c:f1:ea:fc:8a:85:64:7a:9d:e2:66:8c:9f:
78:2b:f0:66:ca:d7:83:2c:a0:c5:9f:51:27:a2:de:
fd:3a:b9:e0:eb:af:86:45:f2:bf:8f:bc:88:bd:2c:
f3:53:d3:9b:73:ca:86:59:fa:b3:61:3f:cb:37:68:
1c:82:ff:a6:bb:9f:82:e4:0d:54:82:dc:d5:12:88:
56:3c:c3:da:7e:da:c5:60:29:ba:9f:b5:06:de:a4:
16:b9:ea:7d:88:20:99:50:0f:86:50:c3:26:03:12:
b3:16:3a:bd:79:83:d4:2f:60:2d:c6:34:3b:c7:ac:
e4:8e:3d:75:9c:85:fa:be:57:ee:90:ad:39:24:89:
1e:9b:6a:12:5d:71:a5:ee:84:89:ba:b7:04:97:b5:
eb:b6:4d:d8:82:1b:1d:5e:0c:93:18:36:88:17:c1:
db:df:49:59:a6:81:c7:e5:2c:81:e8:9c:4b:30:20:
81:84:32:43:8b:d3:94:82:cb:52:41:4a:3e:d8:96:
3a:4c:ca:1c:d3:3e:a1:d2:fe:21:28:5d:51:38:b8:
9e:9f:64:53:2f:c7:10:49:ba:84:0d:7f:57:f9:9e:
dc:17:88:dd:db:bc:c2:a7:57:6d:78:ab:8a:23:b6:
d1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3B:AF:2B:7F:B5:88:F0:84:CD:07:6E:93:25:63:67:D1:77:E6:B3
X509v3 Authority Key Identifier:
keyid:44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/cjuvK3-1iPCEzQdukyVjZ9F35rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/RHtl-fh6qPdA1aF6cub4vB5diI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.112.0/21
185.66.128.0/22
217.21.144.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:07:44:49:09:fc:5a:19:df:0d:9b:2a:79:81:29:25:4c:f3:
15:cd:37:d6:ce:fb:72:53:4d:fe:14:80:2d:6d:5f:8d:bb:a4:
66:50:49:45:99:1f:89:70:69:ba:d2:4b:68:e9:2f:22:bc:fd:
ff:de:ed:db:40:e9:4e:f4:ef:01:19:56:46:fe:18:05:8a:b1:
da:1a:9e:4c:dd:cc:2f:e2:b4:5e:45:95:48:74:bb:63:f3:3b:
8f:c1:eb:0f:d3:7d:58:40:58:c3:51:81:e2:22:7d:ce:85:41:
3e:5f:3d:59:f0:78:bc:94:15:ae:79:de:f5:dc:8d:23:e9:c9:
ab:02:17:80:1e:fd:e6:15:57:4b:f3:61:f2:fc:f9:60:c0:56:
41:aa:14:db:a8:df:82:bf:d4:d3:46:93:74:df:97:d3:5f:a3:
e6:7b:82:de:85:fb:5d:81:4b:6e:43:b8:ca:2a:bf:c3:08:a4:
c1:c1:3d:41:4d:8d:59:a9:f5:9d:b9:fb:dc:f9:af:a4:ab:85:
7f:63:43:5e:e1:10:df:03:35:df:bc:23:43:fe:f7:b3:ca:6f:
8b:60:a4:0c:5f:2a:6b:28:f9:b7:eb:85:ad:ec:6d:cd:6e:19:
8e:d9:5f:c5:0e:40:83:04:93:dc:23:b2:3f:f4:5d:82:f3:cf:
6b:13:8a:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSRECAdOm7AYX3R33nFABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2I2NWY5Zjg3YWE4Zjc0MGQ1YTE3YTcyZTZmOGJjMWU1
ZDg4OGYwHhcNMjQwMTAxMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjNiYWYyYjdmYjU4OGYwODRjZDA3NmU5MzI1NjM2N2QxNzdlNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0l5z7cGGJBn4qUQ2zYkgZzx6vyK
hWR6neJmjJ94K/BmyteDLKDFn1Enot79Orng66+GRfK/j7yIvSzzU9Obc8qGWfqz
YT/LN2gcgv+mu5+C5A1UgtzVEohWPMPaftrFYCm6n7UG3qQWuep9iCCZUA+GUMMm
AxKzFjq9eYPUL2AtxjQ7x6zkjj11nIX6vlfukK05JIkem2oSXXGl7oSJurcEl7Xr
tk3YghsdXgyTGDaIF8Hb30lZpoHH5SyB6JxLMCCBhDJDi9OUgstSQUo+2JY6TMoc
0z6h0v4hKF1ROLien2RTL8cQSbqEDX9X+Z7cF4jd27zCp1dteKuKI7bRiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHI7ryt/tYjwhM0HbpMlY2fRd+azMB8GA1UdIwQY
MBaAFER7Zfn4eqj3QNWhenLm+LweXYiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2Ut
MTVjYTc1M2ZhNTEwLzEvY2p1dkszLTFpUENFelFkdWt5VmpaOUYzNXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2UtMTVjYTc1M2ZhNTEw
LzEvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT2JwAwQC
uUKAAwQE2RWQMA0GCSqGSIb3DQEBCwUAA4IBAQB+B0RJCfxaGd8Nmyp5gSklTPMV
zTfWzvtyU03+FIAtbV+Nu6RmUElFmR+JcGm60kto6S8ivP3/3u3bQOlO9O8BGVZG
/hgFirHaGp5M3cwv4rReRZVIdLtj8zuPwesP031YQFjDUYHiIn3OhUE+Xz1Z8Hi8
lBWued713I0j6cmrAheAHv3mFVdL82Hy/PlgwFZBqhTbqN+Cv9TTRpN035fTX6Pm
e4LehftdgUtuQ7jKKr/DCKTBwT1BTY1ZqfWdufvc+a+kq4V/Y0Ne4RDfAzXfvCND
/vezym+LYKQMXyprKPm364Wt7G3NbhmO2V/FDkCDBJPcI7I/9F2C889rE4pf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:35 2025 by rpki-client