Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/QtgcRVBOHSln-_WKDDKKPt17NGE.roa
File: QtgcRVBOHSln-_WKDDKKPt17NGE.roa (raw, json)
Hash identifier: eGjc77/ENATtGVJqFNbApjWvzEh6nqR/QxF67bzZFv8=
Subject key identifier: 42:D8:1C:45:50:4E:1D:29:67:FB:F5:8A:0C:32:8A:3E:DD:7B:34:61
Certificate issuer: /CN=586329f307b98285b71d22c7197ec19b701ded67
Certificate serial: 0188914B880BEA259DD84630A0B7B9E4C45C
Authority key identifier: 58:63:29:F3:07:B9:82:85:B7:1D:22:C7:19:7E:C1:9B:70:1D:ED:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/QtgcRVBOHSln-_WKDDKKPt17NGE.roa
Signing time: Tue 06 Jun 2023 15:20:26 +0000
ROA not before: Tue 06 Jun 2023 15:20:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42586
IP address blocks: 77.36.128.0/17 maxlen: 17
77.36.128.0/19 maxlen: 19
77.36.128.0/20 maxlen: 20
77.36.128.0/18 maxlen: 18
77.36.144.0/20 maxlen: 20
77.36.224.0/20 maxlen: 20
77.36.224.0/19 maxlen: 19
77.36.240.0/20 maxlen: 20
77.36.160.0/20 maxlen: 20
77.36.160.0/19 maxlen: 19
77.36.165.0/24 maxlen: 24
185.194.244.0/22 maxlen: 22
77.36.166.0/24 maxlen: 24
77.36.163.0/24 maxlen: 24
77.36.164.0/24 maxlen: 24
77.36.176.0/20 maxlen: 20
77.36.192.0/20 maxlen: 20
77.36.192.0/19 maxlen: 19
77.36.192.0/18 maxlen: 18
77.36.208.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:4b:88:0b:ea:25:9d:d8:46:30:a0:b7:b9:e4:c4:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586329f307b98285b71d22c7197ec19b701ded67
Validity
Not Before: Jun 6 15:20:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42d81c45504e1d2967fbf58a0c328a3edd7b3461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:b1:da:63:31:81:b8:5e:81:f5:b1:35:f2:
07:eb:18:82:c7:10:23:eb:7a:99:d1:60:7c:6f:d0:
61:19:00:2f:89:0c:5b:03:3b:a2:55:94:c3:82:bf:
1b:69:0b:89:a7:be:5c:0f:52:28:a5:bd:46:31:ab:
3a:4e:9a:19:a2:76:59:a5:1c:49:cf:6d:bf:fd:5c:
54:8e:44:53:c7:fd:d2:7f:c6:34:02:60:25:7a:ed:
3f:5c:af:f4:d7:c4:1e:b2:f6:4b:9b:36:ea:f9:3e:
88:08:64:ff:e3:5b:b4:87:f0:12:fd:89:c1:15:b6:
a9:71:d0:5c:d3:81:10:c1:92:4f:f7:a5:82:04:5b:
a6:06:c9:76:cd:d8:62:23:ba:08:79:d6:03:86:9e:
a1:c0:60:70:86:5e:3a:e5:24:69:2e:da:f2:f5:21:
99:e7:e2:7b:b9:97:f6:9a:d0:aa:b2:bc:d7:91:7d:
0a:f1:35:ec:39:90:98:2f:8f:d5:f5:b1:ff:41:6a:
78:d2:b3:35:9f:0a:d5:de:97:7a:52:c9:78:f4:8c:
ac:72:d9:db:b9:05:1a:64:43:98:cd:cb:07:43:57:
73:88:be:59:4e:55:48:b3:a8:46:20:e4:1e:c0:d8:
26:ea:91:ac:d2:ac:e5:20:47:09:7f:ea:6f:40:33:
98:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D8:1C:45:50:4E:1D:29:67:FB:F5:8A:0C:32:8A:3E:DD:7B:34:61
X509v3 Authority Key Identifier:
keyid:58:63:29:F3:07:B9:82:85:B7:1D:22:C7:19:7E:C1:9B:70:1D:ED:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/QtgcRVBOHSln-_WKDDKKPt17NGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.128.0/17
185.194.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:4f:34:c6:6a:f7:df:1b:c2:f0:7e:0d:d9:61:d9:b2:fe:81:
3c:19:57:6e:c7:36:5e:80:f8:d4:09:a4:ec:e0:5a:82:7e:98:
be:f0:7d:5c:a2:16:60:6a:1a:80:e7:ce:bc:70:f7:93:f3:b8:
32:a2:6f:bd:f5:a4:7d:54:06:37:ad:de:80:51:de:55:5d:c9:
ce:44:cc:db:81:a6:9e:c2:10:65:9a:34:56:5b:6c:22:58:56:
c7:82:15:cb:ef:f6:44:f5:35:70:60:f7:7a:41:77:b6:e9:15:
cf:6f:40:9b:70:43:45:5a:3f:e5:d1:24:ab:b5:54:7b:48:dc:
30:90:0b:fd:47:f2:c2:3a:b0:b5:d0:22:88:f5:a9:a7:d5:b3:
8c:f4:d0:ef:0c:19:1a:a5:ff:d1:10:9a:d2:7d:9f:c8:e4:cf:
3e:5d:f4:b0:17:4d:38:a9:97:23:66:ba:4c:bc:eb:3e:c2:69:
4a:81:4b:2a:87:ce:3f:8d:98:de:9f:7a:58:66:9f:d4:8a:c6:
05:fe:cf:85:a6:af:4a:8c:5d:26:4b:f1:b5:a3:c5:60:11:7c:
ed:23:e3:fd:ae:9d:f0:ac:ae:de:57:a8:c7:74:f7:f3:c8:88:
e9:57:68:aa:13:92:57:48:6f:b3:ac:35:22:60:b3:fb:e0:51:
7c:d5:00:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiRS4gL6iWd2EYwoLe55MRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjMyOWYzMDdiOTgyODViNzFkMjJjNzE5N2VjMTliNzAx
ZGVkNjcwHhcNMjMwNjA2MTUyMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ4MWM0NTUwNGUxZDI5NjdmYmY1OGEwYzMyOGEzZWRkN2IzNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXmx2mMxgbhegfWxNfIH6xiCxxAj
63qZ0WB8b9BhGQAviQxbAzuiVZTDgr8baQuJp75cD1Iopb1GMas6TpoZonZZpRxJ
z22//VxUjkRTx/3Sf8Y0AmAleu0/XK/018QesvZLmzbq+T6ICGT/41u0h/AS/YnB
FbapcdBc04EQwZJP96WCBFumBsl2zdhiI7oIedYDhp6hwGBwhl465SRpLtry9SGZ
5+J7uZf2mtCqsrzXkX0K8TXsOZCYL4/V9bH/QWp40rM1nwrV3pd6Usl49Iysctnb
uQUaZEOYzcsHQ1dziL5ZTlVIs6hGIOQewNgm6pGs0qzlIEcJf+pvQDOYIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFELYHEVQTh0pZ/v1igwyij7dezRhMB8GA1UdIwQY
MBaAFFhjKfMHuYKFtx0ixxl+wZtwHe1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0dNcDh3ZTVnb1czSFNMSEdYN0JtM0FkN1djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZWUyYWItMDdkOS00YTgxLWFiZjAt
ZTBlNGJlNjY5NmY5LzEvUXRnY1JWQk9IU2xuLV9XS0RES0tQdDE3TkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZWUyYWItMDdkOS00YTgxLWFiZjAtZTBlNGJlNjY5NmY5
LzEvV0dNcDh3ZTVnb1czSFNMSEdYN0JtM0FkN1djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHTSSAAwQC
ucL0MA0GCSqGSIb3DQEBCwUAA4IBAQCPTzTGavffG8Lwfg3ZYdmy/oE8GVduxzZe
gPjUCaTs4FqCfpi+8H1cohZgahqA5868cPeT87gyom+99aR9VAY3rd6AUd5VXcnO
RMzbgaaewhBlmjRWW2wiWFbHghXL7/ZE9TVwYPd6QXe26RXPb0CbcENFWj/l0SSr
tVR7SNwwkAv9R/LCOrC10CKI9amn1bOM9NDvDBkapf/REJrSfZ/I5M8+XfSwF004
qZcjZrpMvOs+wmlKgUsqh84/jZjen3pYZp/UisYF/s+Fpq9KjF0mS/G1o8VgEXzt
I+P9rp3wrK7eV6jHdPfzyIjpV2iqE5JXSG+zrDUiYLP74FF81QCF
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:27 2023 by rpki-client on console.sobornost.net