Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QcE-JNgNt3dsNw-Wir6-mUQeWvE.roa
File: QcE-JNgNt3dsNw-Wir6-mUQeWvE.roa (raw, json)
Hash identifier: N+JqDHDr0zJ3iR2Zhs6nhUJZpW8zcacIIH7OddLazqs=
Subject key identifier: 41:C1:3E:24:D8:0D:B7:77:6C:37:0F:96:8A:BE:BE:99:44:1E:5A:F1
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0193521FB58EC894D218531A4F273264BD3A
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QcE-JNgNt3dsNw-Wir6-mUQeWvE.roa
Signing time: Fri 22 Nov 2024 04:27:09 +0000
ROA not before: Fri 22 Nov 2024 04:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 77.223.192.0/21 maxlen: 21
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
86.104.8.0/24 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 19:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:52:1f:b5:8e:c8:94:d2:18:53:1a:4f:27:32:64:bd:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Nov 22 04:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c13e24d80db7776c370f968abebe99441e5af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:51:6b:64:f3:7a:91:65:b6:67:81:0c:b9:94:
fd:25:05:58:10:31:0a:e9:4b:77:6d:c4:ae:77:0c:
60:20:ed:49:27:dd:84:37:81:dd:bf:77:8d:27:b0:
9b:cb:31:99:d1:16:c8:f6:27:f5:9f:76:9c:16:34:
d0:46:cf:28:80:22:a7:8f:5b:66:8b:da:c9:1b:cb:
6b:a6:6a:14:03:fd:6e:02:35:14:5c:1b:21:f3:65:
26:8f:e8:e2:0e:7d:b5:42:c3:18:01:24:81:47:df:
1c:06:b4:4f:09:63:14:bf:f4:2a:60:62:83:de:bf:
b7:e9:b8:b1:36:29:d1:00:fa:3b:79:af:81:dc:ed:
25:b1:cc:e3:d8:7d:e0:95:0e:2f:a7:02:4e:c0:2e:
ba:c8:73:2c:ca:4f:02:90:be:ec:35:3f:62:15:83:
b6:a6:16:51:8c:78:2b:43:23:38:8c:88:56:8e:4c:
ef:91:54:2d:b8:f7:31:12:ba:3b:4f:e8:5f:13:10:
4e:02:3b:10:91:c1:58:43:08:71:36:cb:94:5f:98:
cf:a6:16:77:ed:f5:e5:f5:91:82:55:1d:d3:72:21:
da:90:4c:d0:b1:ae:ba:af:49:9f:ba:e6:38:84:99:
02:4b:68:19:d0:99:4a:8e:36:3c:65:c2:a1:6e:2c:
5f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C1:3E:24:D8:0D:B7:77:6C:37:0F:96:8A:BE:BE:99:44:1E:5A:F1
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QcE-JNgNt3dsNw-Wir6-mUQeWvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
86.104.8.0/24
94.26.110.0/23
94.101.103.0/24
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:f2:21:83:b7:8b:e9:88:87:ab:ba:d3:f1:7e:8c:8d:fc:45:
55:9f:76:b9:ae:f8:d9:5e:90:f9:31:dc:74:81:8c:45:24:49:
ab:8b:56:cd:e8:6b:87:eb:bd:d2:e9:42:7a:c7:12:b6:94:94:
b8:08:3a:6d:8c:79:1b:9f:77:2d:6a:48:3c:37:03:e4:66:12:
0b:60:e4:9a:fc:c8:99:72:80:ce:b1:10:61:23:66:0e:58:6d:
0e:77:2f:0d:5c:1a:44:84:77:ca:f4:21:23:ce:7c:17:1d:95:
60:e3:37:e0:d1:4b:20:d9:01:38:a4:90:cc:94:f9:28:09:6f:
1a:19:06:a7:44:bb:24:ed:f5:70:92:a9:3b:09:be:39:95:bd:
b8:74:35:f5:14:d0:75:63:bc:8c:40:f6:a9:a4:b0:be:d5:56:
92:95:69:c2:74:5a:70:e8:17:4f:7d:f1:ae:5e:e4:ca:01:7f:
84:fa:8a:9b:c3:ea:f6:dd:e3:f8:8a:ae:53:f5:a3:b7:bb:70:
56:08:48:fd:dc:b4:90:46:32:e7:df:87:59:44:ae:e1:7a:05:
cf:e0:bb:73:46:eb:a4:0f:4b:50:24:a6:85:fa:20:3e:9d:b9:
c7:08:db:a7:0c:c0:b8:21:43:c8:dd:45:23:25:82:72:f5:63:
4f:07:f5:e2
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZNSH7WOyJTSGFMaTycyZL06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQxMTIyMDQyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWMxM2UyNGQ4MGRiNzc3NmMzNzBmOTY4YWJlYmU5OTQ0MWU1YWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlFrZPN6kWW2Z4EMuZT9JQVYEDEK
6Ut3bcSudwxgIO1JJ92EN4Hdv3eNJ7CbyzGZ0RbI9if1n3acFjTQRs8ogCKnj1tm
i9rJG8trpmoUA/1uAjUUXBsh82Umj+jiDn21QsMYASSBR98cBrRPCWMUv/QqYGKD
3r+36bixNinRAPo7ea+B3O0lsczj2H3glQ4vpwJOwC66yHMsyk8CkL7sNT9iFYO2
phZRjHgrQyM4jIhWjkzvkVQtuPcxEro7T+hfExBOAjsQkcFYQwhxNsuUX5jPphZ3
7fXl9ZGCVR3TciHakEzQsa66r0mfuuY4hJkCS2gZ0JlKjjY8ZcKhbixfKQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFEHBPiTYDbd3bDcPloq+vplEHlrxMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUWNFLUpOZ050M2RzTnctV2lyNi1tVVFlV3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAZN38AD
BAFN38gDBAFPi0ADBANTjsgDBABWaAgDBAFeGm4DBABeZWcDBAKw3jADBAOy2LgD
BATGDhADBALGkXADBALNhvQwDQYJKoZIhvcNAQELBQADggEBAIvyIYO3i+mIh6u6
0/F+jI38RVWfdrmu+NlekPkx3HSBjEUkSauLVs3oa4frvdLpQnrHEraUlLgIOm2M
eRufdy1qSDw3A+RmEgtg5Jr8yJlygM6xEGEjZg5YbQ53Lw1cGkSEd8r0ISPOfBcd
lWDjN+DRSyDZATikkMyU+SgJbxoZBqdEuyTt9XCSqTsJvjmVvbh0NfUU0HVjvIxA
9qmksL7VVpKVacJ0WnDoF0998a5e5MoBf4T6ipvD6vbd4/iKrlP1o7e7cFYISP3c
tJBGMuffh1lEruF6Bc/gu3NG66QPS1AkpoX6ID6duccI26cMwLghQ8jdRSMlgnL1
Y08H9eI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:03 2025 by rpki-client