Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/QBnDh8eHaQfK_TejAfYk6tYBXxw.roa
File: QBnDh8eHaQfK_TejAfYk6tYBXxw.roa (raw, json)
Hash identifier: Wjts93xWr1tGLNdx53jJauNpfqMYl+BVBrrHh5LW5v0=
Subject key identifier: 40:19:C3:87:C7:87:69:07:CA:FD:37:A3:01:F6:24:EA:D6:01:5F:1C
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 0189447B7EFBAC5565F4635280ED82AFC71B
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/QBnDh8eHaQfK_TejAfYk6tYBXxw.roa
Signing time: Tue 11 Jul 2023 10:24:51 +0000
ROA not before: Tue 11 Jul 2023 10:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50973
IP address blocks: 79.171.50.0/24 maxlen: 24
79.171.49.0/24 maxlen: 24
79.171.48.0/21 maxlen: 21
79.171.48.0/24 maxlen: 24
79.171.52.0/24 maxlen: 24
188.172.97.0/24 maxlen: 24
188.172.96.0/24 maxlen: 24
188.172.98.0/24 maxlen: 24
188.172.103.0/24 maxlen: 24
188.172.104.0/22 maxlen: 22
188.172.102.0/24 maxlen: 24
188.172.101.0/24 maxlen: 24
188.172.100.0/24 maxlen: 24
188.172.99.0/24 maxlen: 24
2a0a:a0c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:7b:7e:fb:ac:55:65:f4:63:52:80:ed:82:af:c7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: Jul 11 10:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4019c387c7876907cafd37a301f624ead6015f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:09:fc:0d:98:c9:0f:63:99:b9:a7:fe:a3:
0a:db:a2:13:96:bc:71:51:7f:79:6f:47:06:55:ac:
78:00:e7:38:4b:b4:58:a2:e3:e8:63:ed:c9:c2:e9:
de:04:de:4c:6a:6c:b1:a3:ab:a2:47:8a:9d:fb:4c:
3e:80:cb:33:c1:a0:26:52:43:03:19:95:a8:c0:ee:
c5:29:f1:c0:40:09:f3:ca:a2:b2:f7:07:d8:6a:0e:
f1:46:bc:6e:d3:89:34:8e:db:a7:95:fb:41:70:51:
aa:cf:b6:a9:e7:72:d1:c1:63:25:52:74:f9:07:a5:
57:35:bd:32:a2:03:55:45:ea:3b:d1:71:6b:1b:c6:
b9:47:85:b0:9a:34:28:45:00:8f:0f:ce:b5:9a:12:
32:66:8a:14:1d:fc:1d:77:85:26:b6:ea:3a:ca:40:
48:5a:b5:31:bf:e4:1d:d3:97:f2:05:13:2c:e5:55:
c9:4e:8f:39:b3:31:9f:bc:f2:83:8c:f3:9a:4d:29:
e5:fc:db:dc:da:74:3e:a4:58:d6:81:ec:95:db:f8:
33:c3:5d:59:7b:05:58:d1:f3:f5:d7:d2:7f:98:8f:
6e:a8:a4:b1:c1:73:66:21:cd:26:a3:45:e6:91:65:
09:eb:cd:23:20:42:30:52:3e:a7:68:66:a1:b4:7b:
8c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:19:C3:87:C7:87:69:07:CA:FD:37:A3:01:F6:24:EA:D6:01:5F:1C
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/QBnDh8eHaQfK_TejAfYk6tYBXxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.48.0/21
188.172.96.0-188.172.107.255
IPv6:
2a0a:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:84:c1:a5:0b:ac:00:d8:e4:23:ea:76:66:06:a1:c3:c5:dc:
89:5a:05:9c:e0:b8:24:d2:5e:b4:98:05:d3:9c:cf:2c:b2:5a:
39:b6:45:0a:87:7f:0b:e5:fa:84:21:25:36:99:82:f9:e6:ac:
ab:b1:44:b7:46:63:21:59:1d:46:bb:57:68:dd:a4:3e:14:0b:
32:64:08:c5:7e:82:ba:58:f0:ef:0e:b5:76:eb:d5:f4:75:92:
b4:08:2b:07:43:32:70:39:dc:2d:94:30:2e:0b:4f:c6:25:69:
af:d5:f7:89:87:6d:0b:a8:c7:5e:c6:53:12:8e:49:30:ca:cc:
b5:65:15:99:65:2b:03:a4:99:ec:d5:39:e8:14:0f:69:ae:1a:
b0:a7:d3:a8:54:55:59:00:de:6f:20:ba:13:2b:a1:a3:67:57:
50:d6:c0:18:91:d3:59:a0:0d:83:90:de:de:cc:1c:c3:68:32:
1b:7d:46:5c:ca:24:cb:b4:84:92:65:56:42:69:fc:e9:11:cf:
ee:ef:ef:17:69:02:6e:96:dc:aa:cb:93:a1:5e:bf:20:91:39:
05:20:bb:7d:d8:be:7d:73:f9:f7:c8:f0:b5:75:3a:ae:28:4e:
03:e7:29:c1:fe:d7:50:69:07:a2:26:99:20:33:cc:ef:d0:06:
ba:dc:1f:1c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYlEe377rFVl9GNSgO2Cr8cbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjMwNzExMTAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE5YzM4N2M3ODc2OTA3Y2FmZDM3YTMwMWY2MjRlYWQ2MDE1ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfsJ/A2YyQ9jmbmn/qMK26ITlrxx
UX95b0cGVax4AOc4S7RYouPoY+3JwuneBN5Mamyxo6uiR4qd+0w+gMszwaAmUkMD
GZWowO7FKfHAQAnzyqKy9wfYag7xRrxu04k0jtunlftBcFGqz7ap53LRwWMlUnT5
B6VXNb0yogNVReo70XFrG8a5R4WwmjQoRQCPD861mhIyZooUHfwdd4Umtuo6ykBI
WrUxv+Qd05fyBRMs5VXJTo85szGfvPKDjPOaTSnl/Nvc2nQ+pFjWgeyV2/gzw11Z
ewVY0fP119J/mI9uqKSxwXNmIc0mo0XmkWUJ680jIEIwUj6naGahtHuMXQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEAZw4fHh2kHyv03owH2JOrWAV8cMB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvUUJuRGg4ZUhhUWZLX1RlakFmWWs2dFlCWHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDT6swMAwD
BAW8rGADBAK8rGgwDQQCAAIwBwMFAyoKoMAwDQYJKoZIhvcNAQELBQADggEBAGGE
waULrADY5CPqdmYGocPF3IlaBZzguCTSXrSYBdOczyyyWjm2RQqHfwvl+oQhJTaZ
gvnmrKuxRLdGYyFZHUa7V2jdpD4UCzJkCMV+grpY8O8OtXbr1fR1krQIKwdDMnA5
3C2UMC4LT8Ylaa/V94mHbQuox17GUxKOSTDKzLVlFZllKwOkmezVOegUD2muGrCn
06hUVVkA3m8guhMroaNnV1DWwBiR01mgDYOQ3t7MHMNoMht9RlzKJMu0hJJlVkJp
/OkRz+7v7xdpAm6W3KrLk6FevyCROQUgu33Yvn1z+ffI8LV1Oq4oTgPnKcH+11Bp
B6ImmSAzzO/QBrrcHxw=
-----END CERTIFICATE-----
Generated at Thu Sep 21 14:34:47 2023 by rpki-client on console-ams.rpki-client.org