Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/66xr5mTUCoKkXfkMScduCP96CTs.roa
File: 66xr5mTUCoKkXfkMScduCP96CTs.roa (raw, json)
Hash identifier: gVTiNAvNAcQV4xUkumfzaYK8zALYzL5TJf/52sfr7RQ=
Subject key identifier: EB:AC:6B:E6:64:D4:0A:82:A4:5D:F9:0C:49:C7:6E:08:FF:7A:09:3B
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018A6A166895F0D3BBEAD3219D5AE0D92133
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/66xr5mTUCoKkXfkMScduCP96CTs.roa
Signing time: Wed 06 Sep 2023 10:42:47 +0000
ROA not before: Wed 06 Sep 2023 10:42:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.43.0/24 maxlen: 24
185.177.42.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:16:68:95:f0:d3:bb:ea:d3:21:9d:5a:e0:d9:21:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Sep 6 10:42:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebac6be664d40a82a45df90c49c76e08ff7a093b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:4b:b9:30:fa:bd:13:57:7d:e1:a9:d0:34:
cc:aa:9f:ed:12:9e:ed:e4:5f:5c:68:66:36:c6:5f:
34:fb:14:8a:23:bd:06:fe:ba:51:f2:d8:52:4d:9d:
7b:95:e1:ea:90:c7:8c:f4:5e:fa:9d:28:e2:24:01:
2d:17:bc:03:81:78:44:6d:43:0f:60:3b:4d:1f:57:
aa:cc:7b:80:24:5d:7d:37:cd:f5:bc:86:e8:96:13:
07:89:f2:42:29:b2:7c:47:c9:34:cf:ae:5e:83:07:
4b:b0:ee:27:c7:ef:b7:91:e6:a1:04:9a:6b:cd:07:
f6:33:2e:88:68:e5:35:3e:6f:33:69:fe:1c:70:4e:
36:84:c7:17:be:ea:6d:20:f6:69:a8:42:af:e8:a7:
cd:67:72:b3:7f:7f:d1:54:ac:cd:00:a5:a8:4b:03:
57:22:df:31:0c:9b:e9:84:00:a9:29:45:a3:2b:f5:
78:fb:47:ff:25:0c:17:95:0d:5d:05:ad:00:69:bd:
b6:89:4b:49:d7:e7:de:0d:13:2c:29:d2:cc:25:8b:
62:2c:ba:37:bc:80:b7:8c:63:d8:c0:3e:64:fd:47:
31:ec:8a:54:f0:55:4e:ce:d7:b4:f6:22:7b:1f:84:
e9:71:c8:b2:b2:4f:59:7b:2e:25:d3:a1:82:3f:9c:
c2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AC:6B:E6:64:D4:0A:82:A4:5D:F9:0C:49:C7:6E:08:FF:7A:09:3B
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/66xr5mTUCoKkXfkMScduCP96CTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/23
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
24:fb:6b:56:c4:1d:f0:fa:70:8c:e3:1f:4a:17:56:4e:f4:95:
68:42:a0:77:80:63:aa:e2:88:4e:20:35:4c:3c:73:40:4d:ac:
af:c9:e6:0d:e0:e0:eb:20:e0:db:57:a8:b0:43:fa:3b:54:ee:
8d:3c:00:97:4c:1f:d4:20:b9:30:29:38:1f:21:65:1d:5a:b2:
23:05:6b:27:d5:1c:ec:ab:28:56:7b:6e:d9:36:28:cb:45:d4:
48:67:a0:6d:4d:ec:b6:19:47:f9:77:66:57:98:0e:4a:a7:2a:
1e:ef:da:ab:17:f7:9a:f9:c6:53:a2:37:7e:2a:41:7c:ad:28:
ee:24:57:ff:46:21:7c:dd:62:68:48:56:07:0c:fb:fa:ce:74:
7f:69:b2:ac:15:3e:75:1b:d4:b4:5a:a6:52:24:6e:6e:1a:23:
39:5c:75:8e:93:79:a5:7c:22:69:0c:f6:48:ac:79:27:06:79:
fd:7b:5b:01:3f:79:19:74:13:ff:00:1a:a9:31:af:f9:28:ed:
52:94:ee:5a:31:69:88:46:02:af:93:e1:1e:d6:c7:b8:48:c1:
03:7c:2d:14:73:f1:ac:ec:7d:e1:c0:73:55:87:d6:b0:b9:2c:
04:73:69:b7:d0:d2:dd:ef:06:b1:95:a2:de:67:e9:37:9a:74:
b9:31:7b:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpqFmiV8NO76tMhnVrg2SEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwOTA2MTA0MjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmFjNmJlNjY0ZDQwYTgyYTQ1ZGY5MGM0OWM3NmUwOGZmN2EwOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA1LuTD6vRNXfeGp0DTMqp/tEp7t
5F9caGY2xl80+xSKI70G/rpR8thSTZ17leHqkMeM9F76nSjiJAEtF7wDgXhEbUMP
YDtNH1eqzHuAJF19N831vIbolhMHifJCKbJ8R8k0z65egwdLsO4nx++3keahBJpr
zQf2My6IaOU1Pm8zaf4ccE42hMcXvuptIPZpqEKv6KfNZ3Kzf3/RVKzNAKWoSwNX
It8xDJvphACpKUWjK/V4+0f/JQwXlQ1dBa0Aab22iUtJ1+feDRMsKdLMJYtiLLo3
vIC3jGPYwD5k/Ucx7IpU8FVOzte09iJ7H4Tpcciysk9Zey4l06GCP5zC4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOusa+Zk1AqCpF35DEnHbgj/egk7MB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvNjZ4cjVtVFVDb0trWGZrTVNjZHVDUDk2Q1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBubEqAwQB
udymAwQBueiEMA0GCSqGSIb3DQEBCwUAA4IBAQAk+2tWxB3w+nCM4x9KF1ZO9JVo
QqB3gGOq4ohOIDVMPHNATayvyeYN4ODrIODbV6iwQ/o7VO6NPACXTB/UILkwKTgf
IWUdWrIjBWsn1RzsqyhWe27ZNijLRdRIZ6BtTey2GUf5d2ZXmA5Kpyoe79qrF/ea
+cZTojd+KkF8rSjuJFf/RiF83WJoSFYHDPv6znR/abKsFT51G9S0WqZSJG5uGiM5
XHWOk3mlfCJpDPZIrHknBnn9e1sBP3kZdBP/ABqpMa/5KO1SlO5aMWmIRgKvk+Ee
1se4SMEDfC0Uc/Gs7H3hwHNVh9awuSwEc2m30NLd7waxlaLeZ+k3mnS5MXtq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org