Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/q2q3tUasHWYJ3GFuJo6Hw7St_rY.roa
File: q2q3tUasHWYJ3GFuJo6Hw7St_rY.roa (raw, json)
Hash identifier: RW9961Ng4v5Dw+14NVGWF/m6S9sdetY7if2pzL095M8=
Subject key identifier: AB:6A:B7:B5:46:AC:1D:66:09:DC:61:6E:26:8E:87:C3:B4:AD:FE:B6
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018E51A2C2C4E338932809C4DFEED30F1348
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/q2q3tUasHWYJ3GFuJo6Hw7St_rY.roa
Signing time: Mon 18 Mar 2024 12:56:44 +0000
ROA not before: Mon 18 Mar 2024 12:56:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.42.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 06:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:a2:c2:c4:e3:38:93:28:09:c4:df:ee:d3:0f:13:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Mar 18 12:56:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab6ab7b546ac1d6609dc616e268e87c3b4adfeb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2a:44:6a:86:59:47:f8:0d:24:38:d3:26:a9:
e6:d4:53:15:95:38:a5:b9:b4:4a:95:c6:a5:96:27:
04:07:7b:49:e2:1a:5d:d1:4a:fb:de:84:56:b4:a9:
5a:86:00:f2:21:d4:74:ba:bd:a9:65:55:b1:3c:d4:
42:69:e4:f0:6e:0c:38:7e:b2:d3:31:f0:c3:1b:ec:
c0:9e:48:ee:f1:9b:6a:87:fd:1c:5b:bf:99:ab:cd:
0b:e4:77:89:de:94:c7:23:62:e8:80:85:1d:9d:06:
c3:29:fa:11:2c:a0:11:24:21:80:59:b8:7d:58:02:
12:d2:96:99:41:f8:bd:19:74:8d:d2:bf:3c:0d:28:
e0:95:c5:ad:86:8b:9c:72:ab:39:a9:55:4e:2a:cd:
6c:6d:ff:f9:15:fa:23:62:4b:0c:ba:2c:85:29:b0:
5d:00:42:78:91:da:c2:cb:13:7e:8a:40:f5:41:b5:
3c:60:29:2d:4f:5e:31:9a:34:1f:85:51:01:5c:2b:
91:6a:84:58:c0:0d:35:68:36:f0:d6:2e:95:77:dc:
6e:18:bb:d2:fc:cc:5b:09:b8:97:af:ee:02:b9:2c:
30:21:10:42:ad:de:2b:76:f1:a8:d6:c7:03:9e:d4:
7e:d0:56:e9:f9:fb:3a:ae:2a:bb:2b:cf:40:d5:01:
c3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6A:B7:B5:46:AC:1D:66:09:DC:61:6E:26:8E:87:C3:B4:AD:FE:B6
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/q2q3tUasHWYJ3GFuJo6Hw7St_rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/24
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
33:72:60:c2:c1:cb:a0:f6:10:fb:5c:16:0d:be:92:77:14:52:
d2:31:d9:5f:d2:93:ff:34:53:dd:59:45:59:ae:d5:0f:43:a1:
53:86:4a:e2:2d:25:c0:86:b5:67:55:3b:50:82:05:36:14:54:
c0:34:36:d9:2c:08:b0:95:d8:12:9c:8a:0f:6f:45:58:fa:d9:
fc:e2:bb:45:f9:47:84:eb:a2:d3:5e:4f:42:3d:21:d5:90:a3:
80:09:4f:c4:1f:96:85:83:bb:e8:e7:13:35:d8:53:86:22:10:
f0:b1:20:3b:bc:db:14:d6:54:6b:17:a2:8a:8e:12:45:f4:2b:
19:6c:22:bb:40:17:18:50:33:8a:32:7d:1b:44:52:ec:b8:e2:
3f:a4:76:ad:ef:7d:00:47:f6:b0:f8:19:32:f0:95:9b:73:2e:
58:38:32:2d:d9:c3:fa:03:b9:e0:a4:2e:da:d0:ac:15:e6:37:
c8:07:f2:74:06:05:b6:a9:9d:38:6c:3d:68:10:5c:fa:bc:71:
27:78:93:4a:97:c0:8b:c7:ce:57:7a:67:d3:4c:b3:5e:f6:6c:
3d:a7:7d:e2:e1:7a:ee:e3:4d:88:19:5d:d3:a1:4a:35:f1:2c:
47:df:fb:f6:6a:83:7b:97:71:d4:9e:ef:6c:b4:66:fc:25:c0:
4d:70:54:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5RosLE4ziTKAnE3+7TDxNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQwMzE4MTI1NjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZhYjdiNTQ2YWMxZDY2MDlkYzYxNmUyNjhlODdjM2I0YWRmZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CpEaoZZR/gNJDjTJqnm1FMVlTil
ubRKlcallicEB3tJ4hpd0Ur73oRWtKlahgDyIdR0ur2pZVWxPNRCaeTwbgw4frLT
MfDDG+zAnkju8Ztqh/0cW7+Zq80L5HeJ3pTHI2LogIUdnQbDKfoRLKARJCGAWbh9
WAIS0paZQfi9GXSN0r88DSjglcWthouccqs5qVVOKs1sbf/5FfojYksMuiyFKbBd
AEJ4kdrCyxN+ikD1QbU8YCktT14xmjQfhVEBXCuRaoRYwA01aDbw1i6Vd9xuGLvS
/MxbCbiXr+4CuSwwIRBCrd4rdvGo1scDntR+0Fbp+fs6riq7K89A1QHDJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKtqt7VGrB1mCdxhbiaOh8O0rf62MB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvcTJxM3RVYXNIV1lKM0dGdUpvNkh3N1N0X3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAubEqAwQB
udymAwQBueiEMA0GCSqGSIb3DQEBCwUAA4IBAQAzcmDCwcug9hD7XBYNvpJ3FFLS
Mdlf0pP/NFPdWUVZrtUPQ6FThkriLSXAhrVnVTtQggU2FFTANDbZLAiwldgSnIoP
b0VY+tn84rtF+UeE66LTXk9CPSHVkKOACU/EH5aFg7vo5xM12FOGIhDwsSA7vNsU
1lRrF6KKjhJF9CsZbCK7QBcYUDOKMn0bRFLsuOI/pHat730AR/aw+Bky8JWbcy5Y
ODIt2cP6A7ngpC7a0KwV5jfIB/J0BgW2qZ04bD1oEFz6vHEneJNKl8CLx85XemfT
TLNe9mw9p33i4Xru402IGV3ToUo18SxH3/v2aoN7l3HUnu9stGb8JcBNcFTv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org