Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/qQxwYef2YN-Bu3A1m9SshgRS6pk.roa
File: qQxwYef2YN-Bu3A1m9SshgRS6pk.roa (raw, json)
Hash identifier: hLdu77tCIblUdvbmzUZdg0ZFw5eTLHr+QkTWlvqh+is=
Subject key identifier: A9:0C:70:61:E7:F6:60:DF:81:BB:70:35:9B:D4:AC:86:04:52:EA:99
Certificate issuer: /CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Certificate serial: 0190C106EA6125955D269F8237E2103CBEC7
Authority key identifier: FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/qQxwYef2YN-Bu3A1m9SshgRS6pk.roa
Signing time: Wed 17 Jul 2024 14:09:34 +0000
ROA not before: Wed 17 Jul 2024 14:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15576
IP address blocks: 185.187.120.0/22 maxlen: 22
185.187.120.0/23 maxlen: 23
2a0b:9e80::/32 maxlen: 32
2a0b:9e80::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 29 Jul 2024 05:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c1:06:ea:61:25:95:5d:26:9f:82:37:e2:10:3c:be:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Validity
Not Before: Jul 17 14:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a90c7061e7f660df81bb70359bd4ac860452ea99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:ec:be:33:e2:40:03:d9:96:76:5d:a8:d1:
08:2c:e3:f8:17:47:f7:5f:21:ef:a2:e5:e9:35:98:
6d:16:ee:30:3e:84:87:cd:8c:4a:2f:bd:34:0b:62:
a5:b6:a6:41:44:93:d0:4a:e3:c7:c8:02:09:6c:5a:
7e:a4:5c:e8:2a:22:bd:0b:e7:49:fd:78:16:7e:2e:
f1:8e:86:78:11:9c:5a:e7:8d:9c:d5:e5:a2:3e:30:
3a:8d:87:ba:99:88:1a:66:92:e9:12:29:0e:47:35:
5c:8c:da:1e:84:b6:42:f6:26:9d:d1:5d:72:33:de:
75:3c:e9:e3:94:b0:71:ca:8f:31:d3:6e:f4:46:1e:
88:0d:6a:6d:80:ba:59:91:b4:81:b2:1b:b3:e4:e9:
e6:5e:4a:0d:58:a0:23:1a:25:25:38:7b:e3:67:5e:
53:6f:42:d4:42:b9:67:b9:91:96:85:f3:5a:b5:3c:
f1:ca:3a:bd:a8:e6:ed:49:52:08:af:f0:3d:e1:7b:
1c:45:e9:f8:2a:c8:40:e7:68:a9:25:0b:46:6a:97:
fe:cd:ec:79:05:ec:c0:e5:73:b7:94:f2:87:98:ee:
b6:cd:60:54:29:61:9b:ec:e2:48:be:12:95:a0:ac:
72:85:52:9b:5f:2e:88:33:27:6b:36:45:74:c4:b7:
41:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0C:70:61:E7:F6:60:DF:81:BB:70:35:9B:D4:AC:86:04:52:EA:99
X509v3 Authority Key Identifier:
keyid:FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/qQxwYef2YN-Bu3A1m9SshgRS6pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/_2JWLK6HP0_EoyMr9J3VNDtwhPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.120.0/22
IPv6:
2a0b:9e80::/32
Signature Algorithm: sha256WithRSAEncryption
b2:6a:8b:b6:d8:ad:cc:87:ba:f4:58:47:d1:d1:3e:c3:24:4d:
01:f6:76:9c:07:07:8c:8d:17:31:5a:e5:c8:35:e5:3a:da:60:
77:65:8c:e5:11:df:41:0f:f7:36:9e:6c:e1:88:61:38:61:9e:
2b:8d:33:c8:c0:8b:3b:2d:58:09:e5:c0:23:c8:64:46:6e:ae:
53:01:fe:64:27:07:22:e3:68:b1:3c:94:31:cf:98:d5:c6:4c:
c2:ea:66:4b:e9:f8:f5:ac:6c:17:9d:bb:31:8d:ce:ab:95:7f:
60:4b:44:70:ca:a3:f1:28:9d:b4:51:bf:b5:1d:81:28:c2:83:
cd:16:62:ce:28:07:39:d1:4c:06:e6:a2:c0:e5:44:e4:14:e7:
97:80:2d:ba:86:d2:ab:2c:f4:8e:6b:be:da:40:ab:b2:47:12:
b9:cb:02:a8:a9:a8:59:b4:f0:7f:24:6d:d1:3b:b5:56:ab:ba:
29:a4:3d:30:ab:56:30:d0:66:60:cc:99:16:aa:fc:77:70:07:
0c:2b:51:d9:25:9f:9b:3e:0c:cb:a7:ec:4d:f3:54:35:91:ef:
2b:3e:0b:b4:df:9e:7e:a5:b6:bb:9e:ec:28:f5:f5:e9:08:37:
c9:b1:a1:d8:d4:ce:49:88:b5:92:2e:51:7c:71:ff:a9:18:cd:
01:08:48:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDBBuphJZVdJp+CN+IQPL7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjI1NjJjYWU4NzNmNGZjNGEzMjMyYmY0OWRkNTM0M2I3
MDg0ZjkwHhcNMjQwNzE3MTQwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBjNzA2MWU3ZjY2MGRmODFiYjcwMzU5YmQ0YWM4NjA0NTJlYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk3svjPiQAPZlnZdqNEILOP4F0f3
XyHvouXpNZhtFu4wPoSHzYxKL700C2KltqZBRJPQSuPHyAIJbFp+pFzoKiK9C+dJ
/XgWfi7xjoZ4EZxa542c1eWiPjA6jYe6mYgaZpLpEikORzVcjNoehLZC9iad0V1y
M951POnjlLBxyo8x0270Rh6IDWptgLpZkbSBshuz5OnmXkoNWKAjGiUlOHvjZ15T
b0LUQrlnuZGWhfNatTzxyjq9qObtSVIIr/A94XscRen4KshA52ipJQtGapf+zex5
BezA5XO3lPKHmO62zWBUKWGb7OJIvhKVoKxyhVKbXy6IMydrNkV0xLdBhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKkMcGHn9mDfgbtwNZvUrIYEUuqZMB8GA1UdIwQY
MBaAFP9iViyuhz9PxKMjK/Sd1TQ7cIT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEt
ODhmN2I5MWI2ZTMyLzEvcVF4d1llZjJZTi1CdTNBMW05U3NoZ1JTNnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEtODhmN2I5MWI2ZTMy
LzEvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubt4MA0E
AgACMAcDBQAqC56AMA0GCSqGSIb3DQEBCwUAA4IBAQCyaou22K3Mh7r0WEfR0T7D
JE0B9nacBweMjRcxWuXINeU62mB3ZYzlEd9BD/c2nmzhiGE4YZ4rjTPIwIs7LVgJ
5cAjyGRGbq5TAf5kJwci42ixPJQxz5jVxkzC6mZL6fj1rGwXnbsxjc6rlX9gS0Rw
yqPxKJ20Ub+1HYEowoPNFmLOKAc50UwG5qLA5UTkFOeXgC26htKrLPSOa77aQKuy
RxK5ywKoqahZtPB/JG3RO7VWq7oppD0wq1Yw0GZgzJkWqvx3cAcMK1HZJZ+bPgzL
p+xN81Q1ke8rPgu0355+pba7nuwo9fXpCDfJsaHY1M5JiLWSLlF8cf+pGM0BCEjx
-----END CERTIFICATE-----
Generated at Mon Jul 29 08:16:42 2024 by rpki-client on console-fra.rpki-client.org