Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/EhgLyU8HvtDYz7dSasUYheXrZLM.roa
File: EhgLyU8HvtDYz7dSasUYheXrZLM.roa (raw, json)
Hash identifier: M1xbdPb+iwx/tX5zOJU79vyx7DCdsgOEGBkZvr6JmwQ=
Subject key identifier: 12:18:0B:C9:4F:07:BE:D0:D8:CF:B7:52:6A:C5:18:85:E5:EB:64:B3
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018D0971AABEFE6CB974B8F91EAD988B700A
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/EhgLyU8HvtDYz7dSasUYheXrZLM.roa
Signing time: Sun 14 Jan 2024 19:27:40 +0000
ROA not before: Sun 14 Jan 2024 19:27:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 188.66.27.0/24 maxlen: 24
188.66.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:09:71:aa:be:fe:6c:b9:74:b8:f9:1e:ad:98:8b:70:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 14 19:27:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12180bc94f07bed0d8cfb7526ac51885e5eb64b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:24:9c:b9:13:17:6c:71:91:50:cd:83:dc:9c:
aa:fd:1d:f2:1d:46:74:c4:1e:3d:97:f2:ff:46:dc:
6e:b8:63:86:fa:94:a4:81:74:a7:3f:0b:3a:86:96:
c2:20:0d:82:c6:40:df:ba:5e:a7:14:24:4d:31:ef:
02:55:97:ea:17:f9:e3:54:b1:be:11:54:d5:b3:11:
da:9b:f7:f3:03:19:12:d6:f9:23:42:a2:1b:ec:3c:
e9:37:d6:bd:57:86:3b:7c:b0:18:27:23:2e:a3:07:
bf:7f:f4:c6:b8:e1:1e:b4:af:67:09:02:53:f5:33:
eb:91:8a:4f:96:cf:0b:91:db:29:37:13:ff:b4:45:
e0:dc:0f:44:48:a8:16:25:a1:b2:4d:e0:c5:94:06:
34:96:a4:ce:24:ea:cd:d5:41:9b:92:09:55:19:60:
19:54:71:0c:2d:f0:0c:b7:97:0f:79:b0:f2:38:0d:
1e:38:86:d0:a0:89:1b:38:dd:92:b5:53:b4:35:07:
a4:87:e6:4d:fe:ca:3d:25:06:1d:5d:78:cf:ad:96:
6b:f4:33:ba:2b:0c:bc:65:48:d4:89:ad:dd:b0:bc:
b9:e2:08:34:1b:96:c5:16:c9:dc:89:a2:b2:47:31:
a7:a3:1c:fa:ee:13:37:17:2a:0f:b2:bd:44:91:b4:
61:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:18:0B:C9:4F:07:BE:D0:D8:CF:B7:52:6A:C5:18:85:E5:EB:64:B3
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/EhgLyU8HvtDYz7dSasUYheXrZLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.25.0/24
188.66.27.0/24
Signature Algorithm: sha256WithRSAEncryption
73:06:06:b2:9d:9d:bb:56:c1:da:d8:4f:35:1a:e7:ae:36:d2:
b2:05:7c:a8:ca:ed:2d:d3:5d:44:cc:23:7a:cf:2c:2e:be:94:
39:ae:db:55:d5:67:14:d8:7c:7a:8f:c3:7f:48:4e:95:f7:d8:
97:a6:54:fc:99:72:f4:e4:9d:d1:fb:2a:2b:c0:19:ad:b9:ba:
e8:b4:b8:f6:0c:2e:30:d4:dd:af:b2:66:90:8c:89:2c:46:13:
e7:47:43:1f:42:45:95:10:fe:07:f0:35:a9:84:c1:04:1e:dd:
9e:32:52:27:81:97:2a:b5:be:7c:59:e2:46:e1:d8:43:d8:c0:
bb:28:04:90:38:70:f1:1f:ad:f6:60:e6:0b:91:4a:d8:96:59:
41:24:0e:49:4d:12:18:e1:ac:57:c9:02:9d:f8:89:6d:c5:c0:
15:80:26:5b:fc:27:4f:1e:dc:cd:bc:4d:59:f8:12:4c:d6:0b:
91:65:98:9f:c3:4c:75:8e:d1:43:15:7f:99:43:83:6f:43:c5:
8e:69:e2:b7:27:d5:1d:53:ed:78:b3:9f:4f:77:1b:42:13:6c:
e6:38:45:22:52:89:7a:42:f9:72:04:eb:24:df:b2:df:da:4c:
88:9d:ea:d3:cc:2d:1a:a7:63:a0:40:13:1a:09:e4:9e:c8:f6:
30:df:fc:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0Jcaq+/my5dLj5Hq2Yi3AKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwMTE0MTkyNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE4MGJjOTRmMDdiZWQwZDhjZmI3NTI2YWM1MTg4NWU1ZWI2NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiScuRMXbHGRUM2D3Jyq/R3yHUZ0
xB49l/L/RtxuuGOG+pSkgXSnPws6hpbCIA2CxkDful6nFCRNMe8CVZfqF/njVLG+
EVTVsxHam/fzAxkS1vkjQqIb7DzpN9a9V4Y7fLAYJyMuowe/f/TGuOEetK9nCQJT
9TPrkYpPls8LkdspNxP/tEXg3A9ESKgWJaGyTeDFlAY0lqTOJOrN1UGbkglVGWAZ
VHEMLfAMt5cPebDyOA0eOIbQoIkbON2StVO0NQekh+ZN/so9JQYdXXjPrZZr9DO6
Kwy8ZUjUia3dsLy54gg0G5bFFsnciaKyRzGnoxz67hM3FyoPsr1EkbRh3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBIYC8lPB77Q2M+3UmrFGIXl62SzMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvRWhnTHlVOEh2dERZejdkU2FzVVloZVhyWkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEIZAwQA
vEIbMA0GCSqGSIb3DQEBCwUAA4IBAQBzBgaynZ27VsHa2E81GueuNtKyBXyoyu0t
011EzCN6zywuvpQ5rttV1WcU2Hx6j8N/SE6V99iXplT8mXL05J3R+yorwBmtubro
tLj2DC4w1N2vsmaQjIksRhPnR0MfQkWVEP4H8DWphMEEHt2eMlIngZcqtb58WeJG
4dhD2MC7KASQOHDxH632YOYLkUrYlllBJA5JTRIY4axXyQKd+IltxcAVgCZb/CdP
HtzNvE1Z+BJM1guRZZifw0x1jtFDFX+ZQ4NvQ8WOaeK3J9UdU+14s59PdxtCE2zm
OEUiUol6QvlyBOsk37Lf2kyInerTzC0ap2OgQBMaCeSeyPYw3/w1
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:43:46 2024 by rpki-client on console-ams.rpki-client.org