Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/Q442kCVVYLy_zMThRxv6m4sTbYU.roa
File: Q442kCVVYLy_zMThRxv6m4sTbYU.roa (raw, json)
Hash identifier: fv/w+XDCjhLmvV/16BQd0gk7PDnQkWWxLrsRuZ9YIKI=
Subject key identifier: 43:8E:36:90:25:55:60:BC:BF:CC:C4:E1:47:1B:FA:9B:8B:13:6D:85
Certificate issuer: /CN=27d8640c305107766a646fbf8ec81db45ce1f249
Certificate serial: 018C633FAC667F45F7CE9853501975874336
Authority key identifier: 27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/Q442kCVVYLy_zMThRxv6m4sTbYU.roa
Signing time: Wed 13 Dec 2023 12:56:06 +0000
ROA not before: Wed 13 Dec 2023 12:56:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196755
IP address blocks: 188.66.8.0/21 maxlen: 21
185.164.156.0/22 maxlen: 22
85.119.188.0/22 maxlen: 22
2a0c:10c0::/29 maxlen: 40
2a0c:10c0::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:3f:ac:66:7f:45:f7:ce:98:53:50:19:75:87:43:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8640c305107766a646fbf8ec81db45ce1f249
Validity
Not Before: Dec 13 12:56:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=438e3690255560bcbfccc4e1471bfa9b8b136d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:87:b3:4e:7c:d7:29:cc:7e:93:87:d4:75:eb:
5b:34:6f:44:01:22:89:14:bf:16:50:7d:3a:85:f0:
4c:c5:84:27:bf:c1:9b:4d:8d:6e:35:71:38:a6:cd:
02:d1:73:06:9f:85:17:ca:71:07:fe:f6:06:de:37:
d0:93:a4:f6:05:49:ae:eb:c4:c3:e6:b9:1e:0c:70:
49:0c:22:94:a1:0a:5b:5e:17:9c:6d:75:20:3f:34:
f5:ae:d6:90:ce:f3:aa:53:24:e3:98:57:21:2e:88:
78:d5:99:9b:d5:6e:28:6e:64:70:15:ec:99:e3:23:
60:ae:8d:1d:a8:d3:af:32:a3:0f:a7:cf:30:7a:43:
9e:bc:5e:cb:fa:bc:14:e6:87:76:fd:ad:fd:81:b3:
aa:0c:fe:11:f6:d6:09:05:2b:4f:46:69:5f:f3:07:
7e:68:cb:11:ed:cc:8d:1b:07:51:53:b6:1c:35:cb:
9e:20:3c:41:93:55:03:10:ae:4f:58:9e:d4:e0:b2:
8d:32:cc:75:96:48:c2:d4:98:eb:cd:14:7c:5f:03:
b2:5d:6d:1d:b5:a9:06:43:be:08:f8:1a:a0:57:97:
62:13:62:8e:c5:cf:7e:cf:a0:61:05:fc:85:54:3e:
b6:5b:8f:c0:57:d9:99:d6:f2:24:01:d5:6b:1b:8a:
ba:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8E:36:90:25:55:60:BC:BF:CC:C4:E1:47:1B:FA:9B:8B:13:6D:85
X509v3 Authority Key Identifier:
keyid:27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/Q442kCVVYLy_zMThRxv6m4sTbYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.188.0/22
185.164.156.0/22
188.66.8.0/21
IPv6:
2a0c:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:8b:2b:20:4e:3f:44:ee:a7:d4:ad:4d:01:1c:95:80:b1:00:
b3:00:3c:db:a7:13:84:6a:68:86:17:93:74:8f:33:49:d6:96:
15:25:ac:94:1b:85:1d:87:78:66:91:bb:6c:29:dd:21:98:83:
7e:c7:ed:98:36:e0:ec:ea:9c:06:34:ca:27:14:cd:cc:2f:1c:
0e:28:41:3e:ef:50:09:27:71:33:88:fb:ab:c9:c4:87:10:c3:
40:95:72:7f:d0:f2:87:b5:2a:70:19:af:02:28:aa:85:5c:5a:
06:5c:0f:31:c1:f9:be:de:e0:2d:da:0c:30:b7:67:51:32:df:
03:64:04:35:b7:aa:e7:fc:a7:13:fd:f3:b2:84:d9:3f:cb:9a:
00:18:c5:a5:7e:06:50:3b:41:6a:b0:b3:6a:98:5c:41:80:fe:
c4:e4:06:15:f5:a0:d4:15:55:49:5f:1f:31:11:7b:50:98:86:
be:39:35:97:a0:b8:60:48:24:44:c7:41:c4:d3:55:93:7b:54:
a2:56:9d:fd:83:db:2a:d9:7a:25:b9:d6:d8:33:9f:f1:f6:93:
21:d5:42:87:65:d8:3a:2f:d6:64:5e:d1:b5:15:c5:bf:1b:cf:
97:ea:c7:be:bf:44:92:dd:33:68:5a:2d:9e:4b:f6:c8:e0:ee:
c6:cc:4e:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYxjP6xmf0X3zphTUBl1h0M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDg2NDBjMzA1MTA3NzY2YTY0NmZiZjhlYzgxZGI0NWNl
MWYyNDkwHhcNMjMxMjEzMTI1NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhlMzY5MDI1NTU2MGJjYmZjY2M0ZTE0NzFiZmE5YjhiMTM2ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4ezTnzXKcx+k4fUdetbNG9EASKJ
FL8WUH06hfBMxYQnv8GbTY1uNXE4ps0C0XMGn4UXynEH/vYG3jfQk6T2BUmu68TD
5rkeDHBJDCKUoQpbXhecbXUgPzT1rtaQzvOqUyTjmFchLoh41Zmb1W4obmRwFeyZ
4yNgro0dqNOvMqMPp88wekOevF7L+rwU5od2/a39gbOqDP4R9tYJBStPRmlf8wd+
aMsR7cyNGwdRU7YcNcueIDxBk1UDEK5PWJ7U4LKNMsx1lkjC1JjrzRR8XwOyXW0d
takGQ74I+BqgV5diE2KOxc9+z6BhBfyFVD62W4/AV9mZ1vIkAdVrG4q6bwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEOONpAlVWC8v8zE4Ucb+puLE22FMB8GA1UdIwQY
MBaAFCfYZAwwUQd2amRvv47IHbRc4fJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAt
M2M2Zjg4YzkxNGIxLzEvUTQ0MmtDVlZZTHlfek1UaFJ4djZtNHNUYllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAtM2M2Zjg4YzkxNGIx
LzEvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVXe8AwQC
uaScAwQDvEIIMA0EAgACMAcDBQMqDBDAMA0GCSqGSIb3DQEBCwUAA4IBAQCwiysg
Tj9E7qfUrU0BHJWAsQCzADzbpxOEamiGF5N0jzNJ1pYVJayUG4Udh3hmkbtsKd0h
mIN+x+2YNuDs6pwGNMonFM3MLxwOKEE+71AJJ3EziPurycSHEMNAlXJ/0PKHtSpw
Ga8CKKqFXFoGXA8xwfm+3uAt2gwwt2dRMt8DZAQ1t6rn/KcT/fOyhNk/y5oAGMWl
fgZQO0FqsLNqmFxBgP7E5AYV9aDUFVVJXx8xEXtQmIa+OTWXoLhgSCREx0HE01WT
e1SiVp39g9sq2XoludbYM5/x9pMh1UKHZdg6L9ZkXtG1FcW/G8+X6se+v0SS3TNo
Wi2eS/bI4O7GzE5Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:24 2024 by rpki-client on console-fra.rpki-client.org