Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/q8bgoJtJC5gBfxFhYJ7oPQAoBQw.roa
File: q8bgoJtJC5gBfxFhYJ7oPQAoBQw.roa (raw, json)
Hash identifier: CniXiGAmG53RrbXjgqKplKG3msfbnzJS6Fxcm/xdGHw=
Subject key identifier: AB:C6:E0:A0:9B:49:0B:98:01:7F:11:61:60:9E:E8:3D:00:28:05:0C
Certificate issuer: /CN=7645692d4bd30cf9e989d55bac8d08e7714493ab
Certificate serial: 018FC918F7032E7293A6A0BC13D142A40E32
Authority key identifier: 76:45:69:2D:4B:D3:0C:F9:E9:89:D5:5B:AC:8D:08:E7:71:44:93:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkVpLUvTDPnpidVbrI0I53FEk6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/q8bgoJtJC5gBfxFhYJ7oPQAoBQw.roa
Signing time: Thu 30 May 2024 10:43:27 +0000
ROA not before: Thu 30 May 2024 10:43:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12637
IP address blocks: 31.14.183.0/24 maxlen: 24
77.81.143.0/24 maxlen: 24
78.40.111.0/24 maxlen: 24
86.106.75.0/24 maxlen: 24
86.106.76.0/24 maxlen: 24
91.233.180.0/23 maxlen: 24
188.211.169.0/24 maxlen: 24
194.76.247.0/24 maxlen: 24
195.200.94.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 09:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:18:f7:03:2e:72:93:a6:a0:bc:13:d1:42:a4:0e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7645692d4bd30cf9e989d55bac8d08e7714493ab
Validity
Not Before: May 30 10:43:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abc6e0a09b490b98017f1161609ee83d0028050c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:5a:2a:0b:63:a7:e0:d5:32:ad:23:60:30:
88:bf:b3:98:12:32:02:1d:cb:0b:ff:35:b7:b1:b6:
5f:24:53:20:e3:46:01:59:3a:df:66:ba:34:6e:ca:
e4:21:9b:fc:91:b2:69:5a:e0:11:42:56:8b:aa:6f:
0c:40:76:ad:0a:9d:ad:3f:d0:d2:b2:e1:5d:38:c4:
5b:66:31:d5:3e:ab:ae:e3:9b:99:9a:5f:6c:af:48:
cf:55:e6:f6:e0:92:b2:9b:cf:b2:9b:33:83:0b:71:
3d:e3:ad:dc:4a:d2:0e:33:9f:7b:ad:9b:fd:9c:07:
d9:31:a3:2a:0b:1e:a6:1f:62:63:ed:4a:da:51:d0:
c4:4b:2e:1c:fb:f8:16:e9:1a:50:1e:5b:46:39:bd:
76:ad:71:aa:db:8f:97:94:ee:f7:32:2a:7c:df:63:
00:4b:1f:8c:a2:a3:a0:7f:45:c0:a9:0e:b3:be:1b:
a3:8e:37:fe:7d:5a:d8:9b:37:db:cd:48:2c:da:5e:
e2:a7:ff:ef:ba:31:6a:6f:dd:12:fe:38:5f:e9:51:
a0:6f:12:d3:48:d3:41:95:d4:dc:a2:ac:f7:37:47:
a7:1a:23:fa:aa:e5:fa:d4:9f:b6:91:bd:22:5f:36:
29:d5:a1:52:bc:ed:4a:0f:3b:56:42:01:f0:28:da:
e7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C6:E0:A0:9B:49:0B:98:01:7F:11:61:60:9E:E8:3D:00:28:05:0C
X509v3 Authority Key Identifier:
keyid:76:45:69:2D:4B:D3:0C:F9:E9:89:D5:5B:AC:8D:08:E7:71:44:93:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkVpLUvTDPnpidVbrI0I53FEk6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/q8bgoJtJC5gBfxFhYJ7oPQAoBQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d07f01-77c0-4a40-9563-d6bb580af785/1/dkVpLUvTDPnpidVbrI0I53FEk6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.183.0/24
77.81.143.0/24
78.40.111.0/24
86.106.75.0-86.106.76.255
91.233.180.0/23
188.211.169.0/24
194.76.247.0/24
195.200.94.0/23
Signature Algorithm: sha256WithRSAEncryption
26:b9:73:f6:9b:6f:30:a7:6b:1e:62:34:25:19:05:c4:2f:50:
5e:09:ee:eb:b6:c8:f6:20:5f:a3:11:35:8e:a5:bc:fc:a9:38:
28:da:eb:9f:33:47:ac:02:87:ee:70:65:6c:0d:99:f9:a4:7a:
92:3c:5a:73:20:2d:2d:dc:ed:09:06:be:b5:93:f5:f0:6a:96:
01:57:be:54:86:0f:9e:cc:8d:eb:ac:3c:45:a1:b5:05:3f:33:
07:92:73:58:5b:46:94:6c:2a:a4:d1:1b:aa:0c:ea:76:69:34:
b0:15:7b:b4:af:74:8d:12:ab:0f:31:e6:8e:a4:7e:b3:f4:f9:
0f:6a:51:1a:7a:a5:e2:09:4c:14:8c:18:96:ad:33:bc:d8:cb:
f4:55:c2:db:47:e5:38:70:30:ca:15:7f:da:df:4a:cc:37:5a:
c2:35:1b:47:68:ce:61:07:9b:f6:11:40:98:cd:4f:e9:af:14:
94:a6:b9:12:7f:a4:89:2b:58:84:dc:f8:3d:8e:0e:4f:1d:81:
45:20:1b:a4:39:35:ad:cf:77:e2:d9:66:fc:9f:9f:7d:e4:ba:
f3:5f:b1:2a:af:c2:c3:66:0d:c1:2b:9a:fe:87:a7:5d:f7:3b:
b6:9b:f9:32:97:fe:f0:60:88:c9:af:7f:6a:e9:47:ad:f5:6c:
12:0c:e9:82
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY/JGPcDLnKTpqC8E9FCpA4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDU2OTJkNGJkMzBjZjllOTg5ZDU1YmFjOGQwOGU3NzE0
NDkzYWIwHhcNMjQwNTMwMTA0MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM2ZTBhMDliNDkwYjk4MDE3ZjExNjE2MDllZTgzZDAwMjgwNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCJaKgtjp+DVMq0jYDCIv7OYEjIC
HcsL/zW3sbZfJFMg40YBWTrfZro0bsrkIZv8kbJpWuARQlaLqm8MQHatCp2tP9DS
suFdOMRbZjHVPquu45uZml9sr0jPVeb24JKym8+ymzODC3E9463cStIOM597rZv9
nAfZMaMqCx6mH2Jj7UraUdDESy4c+/gW6RpQHltGOb12rXGq24+XlO73Mip832MA
Sx+MoqOgf0XAqQ6zvhujjjf+fVrYmzfbzUgs2l7ip//vujFqb90S/jhf6VGgbxLT
SNNBldTcoqz3N0enGiP6quX61J+2kb0iXzYp1aFSvO1KDztWQgHwKNrn5wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKvG4KCbSQuYAX8RYWCe6D0AKAUMMB8GA1UdIwQY
MBaAFHZFaS1L0wz56YnVW6yNCOdxRJOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtWcExVdlREUG5waWRWYnJJMEk1M0ZFazZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kMDdmMDEtNzdjMC00YTQwLTk1NjMt
ZDZiYjU4MGFmNzg1LzEvcThiZ29KdEpDNWdCZnhGaFlKN29QUUFvQlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kMDdmMDEtNzdjMC00YTQwLTk1NjMtZDZiYjU4MGFmNzg1
LzEvZGtWcExVdlREUG5waWRWYnJJMEk1M0ZFazZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAHw63AwQA
TVGPAwQATihvMAwDBABWaksDBABWakwDBAFb6bQDBAC806kDBADCTPcDBAHDyF4w
DQYJKoZIhvcNAQELBQADggEBACa5c/abbzCnax5iNCUZBcQvUF4J7uu2yPYgX6MR
NY6lvPypOCja658zR6wCh+5wZWwNmfmkepI8WnMgLS3c7QkGvrWT9fBqlgFXvlSG
D57MjeusPEWhtQU/MweSc1hbRpRsKqTRG6oM6nZpNLAVe7SvdI0Sqw8x5o6kfrP0
+Q9qURp6peIJTBSMGJatM7zYy/RVwttH5ThwMMoVf9rfSsw3WsI1G0dozmEHm/YR
QJjNT+mvFJSmuRJ/pIkrWITc+D2ODk8dgUUgG6Q5Na3Pd+LZZvyfn33kuvNfsSqv
wsNmDcErmv6Hp133O7ab+TKX/vBgiMmvf2rpR631bBIM6YI=
-----END CERTIFICATE-----
Generated at Mon Sep 2 12:49:59 2024 by rpki-client on console-ams.rpki-client.org