Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/_QFLTjfZzTFlIAqECbg1hnMp7Wk.roa
File: _QFLTjfZzTFlIAqECbg1hnMp7Wk.roa (raw, json)
Hash identifier: Ln448pR5pWhVZH0rY2UlUS8kPTf6VqACTYSV8tUAi+o=
Subject key identifier: FD:01:4B:4E:37:D9:CD:31:65:20:0A:84:09:B8:35:86:73:29:ED:69
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AEA053C34A4D02F3260E217772370
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/_QFLTjfZzTFlIAqECbg1hnMp7Wk.roa
Signing time: Sun 01 Jan 2023 11:15:09 +0000
ROA not before: Sun 01 Jan 2023 11:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34707
IP address blocks: 82.179.0.0/20 maxlen: 24
82.179.0.0/21 maxlen: 21
82.179.8.0/22 maxlen: 22
82.179.12.0/24 maxlen: 24
82.179.13.0/24 maxlen: 24
82.179.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:ea:05:3c:34:a4:d0:2f:32:60:e2:17:77:23:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd014b4e37d9cd3165200a8409b835867329ed69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:41:66:98:74:f8:6d:13:a4:f1:73:8b:9e:
4f:57:0f:87:61:87:2d:fc:15:86:23:5d:b5:f4:1b:
be:30:d4:1a:a5:b7:14:1f:0f:b0:38:e8:26:90:8c:
2b:d0:a1:a6:7d:e6:95:aa:45:d6:dd:3e:d3:90:a2:
2e:92:da:ad:f5:15:fc:0d:4c:ef:11:39:56:f9:55:
97:38:86:a0:af:b3:75:1d:e6:c7:bb:11:e1:0c:0c:
11:95:67:07:5b:63:2f:dd:45:74:ad:26:bf:c4:83:
5a:7e:a8:e1:f2:8c:aa:0c:9d:cb:80:c5:44:c4:fe:
a0:58:5b:6d:50:36:f3:1b:ed:60:78:ca:24:47:c9:
af:46:5c:9f:3f:71:aa:26:b2:d8:d4:aa:b0:cc:14:
00:b2:bd:b9:7c:1b:ff:4d:3e:0f:88:cc:4d:9d:ed:
1a:c0:a1:67:ef:dc:5c:38:af:81:b5:80:d8:6d:58:
e8:2b:ae:91:ac:15:db:69:75:52:7b:f0:8f:74:37:
68:6f:cc:2a:b5:ed:13:f4:6e:a7:a9:de:09:16:fb:
7c:e8:50:88:a1:f7:15:48:1e:34:6b:0e:86:9b:96:
3a:2d:cf:c5:f1:4a:d1:d4:4c:d3:b0:11:6b:fd:35:
a8:34:94:41:fe:7a:4e:5c:0e:83:c3:2c:68:54:fc:
3c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:01:4B:4E:37:D9:CD:31:65:20:0A:84:09:B8:35:86:73:29:ED:69
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/_QFLTjfZzTFlIAqECbg1hnMp7Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.0.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:c1:0a:ba:a1:a6:db:56:2d:a9:3c:49:07:52:a6:89:ba:3e:
25:3f:30:e3:78:34:e7:60:6e:e6:c4:cb:3c:6c:6d:34:9c:ac:
b0:1d:0d:d7:73:32:ba:27:a0:54:55:ff:27:b7:79:11:d2:00:
7d:2b:58:eb:e2:af:21:e7:2c:55:96:51:eb:e4:ea:ff:48:4d:
bc:b3:4e:8f:46:b4:bd:68:07:75:08:a8:aa:28:36:d3:ff:24:
95:02:1b:9c:c6:91:75:82:f0:5a:50:96:22:13:ac:51:91:b0:
46:61:b5:65:76:be:f6:88:18:f9:8b:fe:72:21:db:1c:34:48:
b8:98:49:cb:74:e2:09:60:be:5b:28:50:61:d5:75:23:77:66:
a5:e9:d7:e8:aa:a8:50:85:7a:59:23:ca:c7:a9:59:df:5b:a1:
54:71:ee:a2:b3:68:c7:27:14:bc:38:7b:11:64:19:ab:b4:df:
50:6d:a3:15:48:58:2e:0f:51:ba:04:c9:50:3e:de:e5:85:cd:
36:25:54:15:a5:14:48:18:63:c7:30:79:bf:cd:13:44:e8:5f:
82:dd:0c:65:17:20:a6:94:da:36:77:84:94:40:ee:b4:d9:ea:
34:ec:ce:ea:d5:bf:40:5e:bb:dd:25:0b:35:23:b0:c3:9a:1e:
8e:ac:ab:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuoFPDSk0C8yYOIXdyNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAxNGI0ZTM3ZDljZDMxNjUyMDBhODQwOWI4MzU4NjczMjllZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG1BZph0+G0TpPFzi55PVw+HYYct
/BWGI1219Bu+MNQapbcUHw+wOOgmkIwr0KGmfeaVqkXW3T7TkKIuktqt9RX8DUzv
ETlW+VWXOIagr7N1HebHuxHhDAwRlWcHW2Mv3UV0rSa/xINafqjh8oyqDJ3LgMVE
xP6gWFttUDbzG+1geMokR8mvRlyfP3GqJrLY1KqwzBQAsr25fBv/TT4PiMxNne0a
wKFn79xcOK+BtYDYbVjoK66RrBXbaXVSe/CPdDdob8wqte0T9G6nqd4JFvt86FCI
ofcVSB40aw6Gm5Y6Lc/F8UrR1EzTsBFr/TWoNJRB/npOXA6DwyxoVPw8LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0BS0432c0xZSAKhAm4NYZzKe1pMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvX1FGTFRqZlp6VEZsSUFxRUNiZzFobk1wN1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUrMAMA0G
CSqGSIb3DQEBCwUAA4IBAQA+wQq6oabbVi2pPEkHUqaJuj4lPzDjeDTnYG7mxMs8
bG00nKywHQ3XczK6J6BUVf8nt3kR0gB9K1jr4q8h5yxVllHr5Or/SE28s06PRrS9
aAd1CKiqKDbT/ySVAhucxpF1gvBaUJYiE6xRkbBGYbVldr72iBj5i/5yIdscNEi4
mEnLdOIJYL5bKFBh1XUjd2al6dfoqqhQhXpZI8rHqVnfW6FUce6is2jHJxS8OHsR
ZBmrtN9QbaMVSFguD1G6BMlQPt7lhc02JVQVpRRIGGPHMHm/zRNE6F+C3QxlFyCm
lNo2d4SUQO602eo07M7q1b9AXrvdJQs1I7DDmh6OrKsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org