Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/iC8244bddVq52QkW0mmPlYjhLG8.roa
File: iC8244bddVq52QkW0mmPlYjhLG8.roa (raw, json)
Hash identifier: 6+kTMvqBDwl6R7Uk2UVcbCYoOB2yVAJREBQmHtkHZbY=
Subject key identifier: 88:2F:36:E3:86:DD:75:5A:B9:D9:09:16:D2:69:8F:95:88:E1:2C:6F
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018BB34F406B59DDA9A8559C4516601B56A0
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/iC8244bddVq52QkW0mmPlYjhLG8.roa
Signing time: Thu 09 Nov 2023 08:59:57 +0000
ROA not before: Thu 09 Nov 2023 08:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49434
IP address blocks: 185.177.45.0/24 maxlen: 24
185.177.46.0/24 maxlen: 24
185.177.47.0/24 maxlen: 24
2a0a:2f82::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:4f:40:6b:59:dd:a9:a8:55:9c:45:16:60:1b:56:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Nov 9 08:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=882f36e386dd755ab9d90916d2698f9588e12c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:42:12:5e:b6:a1:71:19:3a:bb:ff:e2:f3:
95:31:29:3f:e1:d4:58:7a:ff:53:0b:62:5b:cd:d7:
99:d3:84:d6:d7:bc:4a:36:84:99:30:a8:70:34:15:
78:2d:f2:bc:b3:e5:0d:7b:e1:23:df:b4:aa:23:be:
b1:f4:d7:06:7e:91:22:43:04:1e:8a:76:57:fa:ba:
97:5e:8a:59:7a:35:22:d5:8b:d6:35:50:fa:1e:6b:
97:2c:c1:cd:63:d5:1f:fa:f8:0e:6e:48:0f:79:dc:
68:da:46:fa:17:32:eb:8c:d1:7e:98:c7:bb:d6:59:
43:b4:38:5d:bb:5c:df:0a:7e:85:18:67:ed:00:e2:
30:34:71:d5:9b:10:92:6e:c6:28:fb:09:f3:99:66:
e0:64:21:70:29:0a:dc:5e:b6:11:2a:df:24:32:0b:
e1:7e:5a:82:51:c8:ae:3a:d9:0d:7a:4d:75:d1:b7:
92:62:51:ff:d9:0b:c1:f5:96:36:f1:ae:0b:e4:f9:
11:ec:07:e5:c0:1d:00:eb:f3:13:38:c0:2e:a0:78:
c2:88:74:e4:95:cc:23:b3:33:de:6d:d0:91:c0:fa:
85:94:ce:94:90:a6:05:65:fc:0c:33:0a:a5:28:1b:
c7:24:a1:32:4b:27:ba:a9:9d:aa:c4:9e:66:40:1d:
bc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2F:36:E3:86:DD:75:5A:B9:D9:09:16:D2:69:8F:95:88:E1:2C:6F
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/iC8244bddVq52QkW0mmPlYjhLG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.45.0-185.177.47.255
IPv6:
2a0a:2f82::/32
Signature Algorithm: sha256WithRSAEncryption
7a:c3:e5:88:2a:c3:c2:b3:64:26:a2:10:ec:98:d4:24:5b:c4:
c9:4f:18:c9:b0:27:38:58:41:4c:06:e0:a2:19:a2:c0:96:21:
43:9f:a9:a4:69:31:7c:dd:77:be:b5:7e:82:c8:b6:2d:ad:34:
ce:d1:fa:bd:c7:10:a9:6f:ba:9a:dd:14:a5:cf:6d:1a:16:41:
64:6d:df:a9:4b:31:0f:b0:e2:f4:c4:73:af:e8:c6:c1:cc:fe:
0c:55:9b:21:5f:32:7f:88:29:33:a0:84:7f:fa:ba:93:7d:f0:
15:ea:3d:3d:fc:5a:12:6f:eb:a8:27:70:78:e9:95:a2:10:53:
d0:10:18:ae:a7:9b:73:a7:a3:13:be:d9:c5:b9:25:79:ee:8b:
bc:8a:38:0b:00:3f:de:c2:6f:7b:1b:45:12:89:19:93:88:2e:
dd:a8:24:da:89:86:51:a2:6c:65:6c:f7:20:9e:1c:aa:07:6e:
74:27:5a:62:df:88:0d:e5:3c:a1:5c:9a:57:ae:21:09:f9:16:
5a:c4:6b:49:af:86:50:3c:5d:3d:1d:c3:f3:94:b7:df:94:56:
06:e8:8d:4d:40:14:c2:f3:ca:17:ea:0f:2d:35:8f:09:77:44:
0f:ba:12:14:66:b1:06:85:94:7d:66:aa:f3:da:00:5d:ac:9a:
d6:b9:e0:9c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYuzT0BrWd2pqFWcRRZgG1agMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjMxMTA5MDg1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJmMzZlMzg2ZGQ3NTVhYjlkOTA5MTZkMjY5OGY5NTg4ZTEyYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDJCEl62oXEZOrv/4vOVMSk/4dRY
ev9TC2JbzdeZ04TW17xKNoSZMKhwNBV4LfK8s+UNe+Ej37SqI76x9NcGfpEiQwQe
inZX+rqXXopZejUi1YvWNVD6HmuXLMHNY9Uf+vgObkgPedxo2kb6FzLrjNF+mMe7
1llDtDhdu1zfCn6FGGftAOIwNHHVmxCSbsYo+wnzmWbgZCFwKQrcXrYRKt8kMgvh
flqCUciuOtkNek110beSYlH/2QvB9ZY28a4L5PkR7AflwB0A6/MTOMAuoHjCiHTk
lcwjszPebdCRwPqFlM6UkKYFZfwMMwqlKBvHJKEySye6qZ2qxJ5mQB28aQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIgvNuOG3XVaudkJFtJpj5WI4SxvMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvaUM4MjQ0YmRkVnE1MlFrVzBtbVBsWWpoTEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5sS0D
BAS5sSAwDQQCAAIwBwMFACoKL4IwDQYJKoZIhvcNAQELBQADggEBAHrD5Ygqw8Kz
ZCaiEOyY1CRbxMlPGMmwJzhYQUwG4KIZosCWIUOfqaRpMXzdd761foLIti2tNM7R
+r3HEKlvuprdFKXPbRoWQWRt36lLMQ+w4vTEc6/oxsHM/gxVmyFfMn+IKTOghH/6
upN98BXqPT38WhJv66gncHjplaIQU9AQGK6nm3OnoxO+2cW5JXnui7yKOAsAP97C
b3sbRRKJGZOILt2oJNqJhlGibGVs9yCeHKoHbnQnWmLfiA3lPKFcmleuIQn5FlrE
a0mvhlA8XT0dw/OUt9+UVgbojU1AFMLzyhfqDy01jwl3RA+6EhRmsQaFlH1mqvPa
AF2smta54Jw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:45 2024 by rpki-client on console-ams.rpki-client.org