Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/jQC0ED-1qv0salOEOyLJTU6PyXI.roa
File: jQC0ED-1qv0salOEOyLJTU6PyXI.roa (raw, json)
Hash identifier: sIqvLXNJAN1EXLyAYD0ux2UtSM1hpF6rV2aR9ihKLiI=
Subject key identifier: 8D:00:B4:10:3F:B5:AA:FD:2C:6A:53:84:3B:22:C9:4D:4E:8F:C9:72
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0188E1AE4F14B9244174E2C9EA8E9CA63DC8
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/jQC0ED-1qv0salOEOyLJTU6PyXI.roa
Signing time: Thu 22 Jun 2023 05:57:57 +0000
ROA not before: Thu 22 Jun 2023 05:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198651
IP address blocks: 195.12.189.0/24 maxlen: 24
195.12.190.0/24 maxlen: 24
195.12.188.0/24 maxlen: 24
195.12.191.0/24 maxlen: 24
88.119.176.0/22 maxlen: 22
88.119.176.0/24 maxlen: 24
88.119.179.0/24 maxlen: 24
88.119.177.0/24 maxlen: 24
88.119.178.0/24 maxlen: 24
2a00:1eb8:c000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e1:ae:4f:14:b9:24:41:74:e2:c9:ea:8e:9c:a6:3d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jun 22 05:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d00b4103fb5aafd2c6a53843b22c94d4e8fc972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:46:d0:0d:b5:68:8a:09:96:56:ef:19:32:ee:
6f:b0:ba:77:1c:96:23:73:70:d8:5f:44:b0:76:b5:
d8:9a:9b:3d:30:28:48:fd:e7:e3:b9:f3:b9:fd:fe:
6c:f9:e8:0f:5b:9d:bb:26:5b:dd:92:10:b5:2f:8e:
0a:4a:12:bc:ec:5d:3b:8a:c8:c3:e9:be:90:3d:1d:
54:7f:b2:6e:83:80:3d:5d:27:2d:85:94:6d:e7:ab:
c7:5f:59:71:97:2d:ae:fd:68:fa:20:2e:3b:d3:6a:
67:89:13:01:fd:d6:3f:40:b9:01:53:68:55:9d:ec:
50:da:ef:e7:10:27:95:a8:f8:dc:65:c3:2d:71:ca:
cf:7f:ce:91:90:e1:d4:a9:16:35:3b:cd:05:50:75:
dc:f6:02:fc:03:56:76:8f:fa:c7:eb:e8:37:ed:26:
4e:4a:69:25:f4:60:f2:e9:a7:1d:db:4f:fd:f1:d9:
73:2b:2c:ac:b8:22:06:a3:26:ca:84:fd:fd:0e:62:
9d:92:c7:4b:e4:9c:f9:f5:71:39:4d:c6:07:3a:9e:
71:c7:29:71:47:7a:02:71:fb:c4:75:2d:57:40:64:
e4:90:9e:08:72:de:19:f8:e1:04:b8:eb:15:d7:59:
93:3c:b5:b7:7e:b3:3d:d5:26:1e:62:dc:14:2d:d2:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:00:B4:10:3F:B5:AA:FD:2C:6A:53:84:3B:22:C9:4D:4E:8F:C9:72
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/jQC0ED-1qv0salOEOyLJTU6PyXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.119.176.0/22
195.12.188.0/22
IPv6:
2a00:1eb8:c000::/48
Signature Algorithm: sha256WithRSAEncryption
4a:fd:2b:ca:26:f4:7d:03:03:3a:be:f0:cc:b3:45:c1:46:f7:
91:04:0a:2d:58:38:fd:16:68:9e:54:63:43:fc:ef:1f:48:db:
c9:b1:94:13:12:87:b2:87:63:4e:52:5b:8e:a4:b1:00:70:60:
7b:6c:72:7f:7a:8f:25:d9:9d:6a:cb:00:0d:df:4f:84:0b:5b:
be:7d:9a:c0:99:54:f4:8a:c5:8d:bd:44:64:31:14:e7:36:77:
b4:16:6f:ff:f5:30:b9:b9:6c:59:60:16:7b:64:ca:b8:39:a4:
a4:54:e8:57:ba:f2:f4:35:9c:de:f9:0a:a3:e4:63:75:1f:af:
5a:c0:b1:6d:da:85:d5:69:77:d4:71:f7:de:ca:64:56:cc:8a:
b9:28:29:a3:60:a6:16:f7:f8:30:ef:d5:7b:2e:c8:e5:62:65:
93:02:d7:66:34:60:85:31:7c:75:c8:45:e9:d0:9b:c4:d0:45:
bc:5d:f7:c2:fe:09:db:d4:17:83:4a:b2:cb:fd:87:f7:71:be:
9e:b1:1a:14:a9:99:46:22:e8:a4:c3:7a:25:1d:e4:8a:d5:ff:
50:37:f0:a0:ce:2b:ba:ad:82:e8:90:bc:fe:f9:d5:62:a8:4c:
dd:01:af:ba:c8:48:4a:50:b5:e7:23:57:d5:0b:d0:46:7c:13:
d7:5f:6f:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYjhrk8UuSRBdOLJ6o6cpj3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwNjIyMDU1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDAwYjQxMDNmYjVhYWZkMmM2YTUzODQzYjIyYzk0ZDRlOGZjOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UbQDbVoigmWVu8ZMu5vsLp3HJYj
c3DYX0SwdrXYmps9MChI/efjufO5/f5s+egPW527JlvdkhC1L44KShK87F07isjD
6b6QPR1Uf7Jug4A9XScthZRt56vHX1lxly2u/Wj6IC4702pniRMB/dY/QLkBU2hV
nexQ2u/nECeVqPjcZcMtccrPf86RkOHUqRY1O80FUHXc9gL8A1Z2j/rH6+g37SZO
Smkl9GDy6acd20/98dlzKyysuCIGoybKhP39DmKdksdL5Jz59XE5TcYHOp5xxylx
R3oCcfvEdS1XQGTkkJ4Ict4Z+OEEuOsV11mTPLW3frM91SYeYtwULdL8kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0AtBA/tar9LGpThDsiyU1Oj8lyMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL2pRQzBFRC0xcXYwc2FsT0VPeUxKVFU2UHlYSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAJYd7AD
BALDDLwwDwQCAAIwCQMHACoAHrjAADANBgkqhkiG9w0BAQsFAAOCAQEASv0ryib0
fQMDOr7wzLNFwUb3kQQKLVg4/RZonlRjQ/zvH0jbybGUExKHsodjTlJbjqSxAHBg
e2xyf3qPJdmdassADd9PhAtbvn2awJlU9IrFjb1EZDEU5zZ3tBZv//UwublsWWAW
e2TKuDmkpFToV7ry9DWc3vkKo+RjdR+vWsCxbdqF1Wl31HH33spkVsyKuSgpo2Cm
Fvf4MO/Vey7I5WJlkwLXZjRghTF8dchF6dCbxNBFvF33wv4J29QXg0qyy/2H93G+
nrEaFKmZRiLopMN6JR3kitX/UDfwoM4ruq2C6JC8/vnVYqhM3QGvushISlC15yNX
1QvQRnwT119vrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org