Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/188d75-2bf2-48f1-91f7-c48ca27a9c01/1/iPE6VtJvqWKgeZtYTIQncItpG8c.roa
File: iPE6VtJvqWKgeZtYTIQncItpG8c.roa (raw, json)
Hash identifier: 3rpJ1c1WPXYa/I2j+9H9nnX4eKDP28Nak5y9+xZTbeU=
Subject key identifier: 88:F1:3A:56:D2:6F:A9:62:A0:79:9B:58:4C:84:27:70:8B:69:1B:C7
Certificate issuer: /CN=98f9e0c20acdc8faa7441a0843ff8a01f3d9dbc5
Certificate serial: 01856FB119357371991546D1768E822483B6
Authority key identifier: 98:F9:E0:C2:0A:CD:C8:FA:A7:44:1A:08:43:FF:8A:01:F3:D9:DB:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mPngwgrNyPqnRBoIQ_-KAfPZ28U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/188d75-2bf2-48f1-91f7-c48ca27a9c01/1/iPE6VtJvqWKgeZtYTIQncItpG8c.roa
Signing time: Sun 01 Jan 2023 23:35:55 +0000
ROA not before: Sun 01 Jan 2023 23:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43037
IP address blocks: 185.66.188.0/22 maxlen: 22
77.75.72.0/21 maxlen: 21
77.75.72.0/23 maxlen: 23
77.75.78.0/23 maxlen: 23
77.75.75.0/24 maxlen: 24
77.75.76.0/23 maxlen: 23
77.75.74.0/24 maxlen: 24
2a02:598:a::/48 maxlen: 48
2a02:598::/32 maxlen: 32
2a02:598:b::/48 maxlen: 48
2a02:598:4444::/48 maxlen: 48
2a02:598:2::/48 maxlen: 48
2a02:598:3333::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:19:35:73:71:99:15:46:d1:76:8e:82:24:83:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98f9e0c20acdc8faa7441a0843ff8a01f3d9dbc5
Validity
Not Before: Jan 1 23:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88f13a56d26fa962a0799b584c8427708b691bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5a:d6:8d:3a:40:cb:40:cb:f8:02:bf:de:84:
98:ab:f0:1e:e6:70:d6:3a:6c:ac:64:52:80:34:7d:
d0:d6:35:5a:04:a0:33:cb:94:f6:94:8b:4f:a9:4c:
3e:1e:5a:91:44:9b:2d:fc:75:5c:65:79:22:4a:3c:
83:5a:8e:8c:8d:09:29:b0:ef:99:9f:02:f6:25:de:
0a:62:b1:e2:9f:1c:b4:80:c9:18:15:e7:9e:f8:c1:
00:99:f1:11:b2:0a:a3:68:9c:6a:9a:a4:de:30:5c:
e4:91:19:74:13:b8:b4:6a:c5:bd:a8:28:97:36:f1:
d2:95:e6:bb:fc:16:f5:52:3d:34:15:54:ca:85:a7:
55:c2:3a:77:be:71:52:78:fc:8a:84:21:be:07:a9:
cb:2f:99:85:a3:f5:76:c3:cc:bd:36:cc:f1:81:4c:
fc:0f:88:cf:3d:d4:8c:a5:02:47:f9:44:a6:1f:d9:
8c:23:ec:91:f0:a4:e2:59:a0:19:84:90:06:d5:b2:
52:8e:b8:04:c8:22:31:e7:a9:16:e6:13:f8:f0:91:
a5:63:f1:d2:17:db:70:29:ca:6d:3f:e8:1b:6f:7d:
47:da:97:8a:d3:d5:09:d3:e4:cd:42:78:c7:a0:93:
93:aa:e8:f9:27:78:d8:15:95:a6:e2:65:1e:63:de:
f4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F1:3A:56:D2:6F:A9:62:A0:79:9B:58:4C:84:27:70:8B:69:1B:C7
X509v3 Authority Key Identifier:
keyid:98:F9:E0:C2:0A:CD:C8:FA:A7:44:1A:08:43:FF:8A:01:F3:D9:DB:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mPngwgrNyPqnRBoIQ_-KAfPZ28U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/188d75-2bf2-48f1-91f7-c48ca27a9c01/1/iPE6VtJvqWKgeZtYTIQncItpG8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/188d75-2bf2-48f1-91f7-c48ca27a9c01/1/mPngwgrNyPqnRBoIQ_-KAfPZ28U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.72.0/21
185.66.188.0/22
IPv6:
2a02:598::/32
Signature Algorithm: sha256WithRSAEncryption
0d:9b:82:f9:1d:ca:eb:ba:1b:2b:0f:cf:24:80:d0:a7:8a:d8:
f6:8d:37:2c:ae:c3:f9:ff:9c:5b:d3:f0:06:f4:f8:5b:8b:3f:
da:8b:4a:b6:0c:64:84:a2:76:96:38:38:45:d7:07:21:88:a8:
ac:0d:73:17:70:a7:8c:94:b4:4e:04:fe:cb:69:5f:c3:6c:1d:
c9:1f:05:7b:ae:29:0b:2b:39:ce:29:0f:4b:92:49:f8:31:8b:
1f:e6:78:ef:2d:52:85:38:c4:32:78:66:5c:2f:cf:8c:c7:e0:
5e:13:f9:26:c1:db:c8:e6:bb:08:cf:9f:ea:7a:75:a3:19:3a:
7c:c0:3e:d6:a1:b6:5f:c1:52:ae:6b:7a:d5:78:ee:b2:dd:5f:
c3:4a:86:5a:22:f6:40:79:60:79:f0:b8:cb:97:18:e9:5a:86:
6b:17:dd:0e:1a:3b:a3:87:57:1d:5e:96:b5:02:d0:d5:b4:aa:
c4:dd:20:bf:e2:2b:ea:4b:d1:f0:e7:8b:d1:5c:70:9a:53:e3:
6a:22:a0:e0:3b:0e:63:d5:b7:a5:0a:c2:67:b7:da:81:a0:02:
b3:58:05:81:fb:cf:dd:99:0b:01:e3:fc:e8:ab:88:b5:20:0e:
37:56:c7:f0:13:03:48:99:24:cb:de:3a:56:9c:3c:e1:71:c0:
a0:a0:ae:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvsRk1c3GZFUbRdo6CJIO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZjllMGMyMGFjZGM4ZmFhNzQ0MWEwODQzZmY4YTAxZjNk
OWRiYzUwHhcNMjMwMTAxMjMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGYxM2E1NmQyNmZhOTYyYTA3OTliNTg0Yzg0Mjc3MDhiNjkxYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVrWjTpAy0DL+AK/3oSYq/Ae5nDW
OmysZFKANH3Q1jVaBKAzy5T2lItPqUw+HlqRRJst/HVcZXkiSjyDWo6MjQkpsO+Z
nwL2Jd4KYrHinxy0gMkYFeee+MEAmfERsgqjaJxqmqTeMFzkkRl0E7i0asW9qCiX
NvHSlea7/Bb1Uj00FVTKhadVwjp3vnFSePyKhCG+B6nLL5mFo/V2w8y9NszxgUz8
D4jPPdSMpQJH+USmH9mMI+yR8KTiWaAZhJAG1bJSjrgEyCIx56kW5hP48JGlY/HS
F9twKcptP+gbb31H2peK09UJ0+TNQnjHoJOTquj5J3jYFZWm4mUeY970GwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIjxOlbSb6lioHmbWEyEJ3CLaRvHMB8GA1UdIwQY
MBaAFJj54MIKzcj6p0QaCEP/igHz2dvFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVBuZ3dnck55UHFuUkJvSVFfLUtBZlBaMjhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xODhkNzUtMmJmMi00OGYxLTkxZjct
YzQ4Y2EyN2E5YzAxLzEvaVBFNlZ0SnZxV0tnZVp0WVRJUW5jSXRwRzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xODhkNzUtMmJmMi00OGYxLTkxZjctYzQ4Y2EyN2E5YzAx
LzEvbVBuZ3dnck55UHFuUkJvSVFfLUtBZlBaMjhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTUtIAwQC
uUK8MA0EAgACMAcDBQAqAgWYMA0GCSqGSIb3DQEBCwUAA4IBAQANm4L5Hcrruhsr
D88kgNCnitj2jTcsrsP5/5xb0/AG9Phbiz/ai0q2DGSEonaWODhF1wchiKisDXMX
cKeMlLROBP7LaV/DbB3JHwV7rikLKznOKQ9Lkkn4MYsf5njvLVKFOMQyeGZcL8+M
x+BeE/kmwdvI5rsIz5/qenWjGTp8wD7WobZfwVKua3rVeO6y3V/DSoZaIvZAeWB5
8LjLlxjpWoZrF90OGjujh1cdXpa1AtDVtKrE3SC/4ivqS9Hw54vRXHCaU+NqIqDg
Ow5j1belCsJnt9qBoAKzWAWB+8/dmQsB4/zoq4i1IA43VsfwEwNImSTL3jpWnDzh
ccCgoK7i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org