Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/qhpEYX39vHCduwnXLer9RbyeY1w.roa
File: qhpEYX39vHCduwnXLer9RbyeY1w.roa (raw, json)
Hash identifier: PhFO4wACJ+z709gh3an2pjGfq2Z1ZvEs92nucIY7XVo=
Subject key identifier: AA:1A:44:61:7D:FD:BC:70:9D:BB:09:D7:2D:EA:FD:45:BC:9E:63:5C
Certificate issuer: /CN=4c1b0c40969080957fccee1fb8a3fb4bb38bf5dc
Certificate serial: 01856B77C2FF41A115000B7431443F8EEE63
Authority key identifier: 4C:1B:0C:40:96:90:80:95:7F:CC:EE:1F:B8:A3:FB:4B:B3:8B:F5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBsMQJaQgJV_zO4fuKP7S7OL9dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/qhpEYX39vHCduwnXLer9RbyeY1w.roa
Signing time: Sun 01 Jan 2023 03:54:48 +0000
ROA not before: Sun 01 Jan 2023 03:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60849
IP address blocks: 185.27.117.0/24 maxlen: 24
185.27.118.0/24 maxlen: 24
185.27.116.0/22 maxlen: 22
185.27.116.0/24 maxlen: 24
185.27.119.0/24 maxlen: 24
2a04:2ec1::/32 maxlen: 32
2a04:2ec0::/29 maxlen: 29
2a04:2ec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:c2:ff:41:a1:15:00:0b:74:31:44:3f:8e:ee:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c1b0c40969080957fccee1fb8a3fb4bb38bf5dc
Validity
Not Before: Jan 1 03:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1a44617dfdbc709dbb09d72deafd45bc9e635c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9d:49:93:79:6a:09:8f:7f:56:5b:15:31:ba:
3d:04:5b:20:79:8b:54:9a:c7:fe:88:80:9f:cb:1d:
ff:7a:69:bf:84:40:e6:d5:e6:b0:1b:33:a3:3e:93:
1b:6f:db:9d:de:fd:35:fd:eb:81:c4:df:54:37:1b:
9e:de:c1:cf:d3:5b:fc:cb:ce:6e:38:a9:33:f4:1d:
fb:ed:d0:9a:98:cd:a1:ee:df:6a:bd:f8:98:31:ca:
eb:4c:a3:75:20:47:72:79:38:db:48:80:53:51:e3:
40:a1:6c:7c:31:75:4e:27:4b:e6:ae:1f:a5:08:d5:
bb:55:cb:73:e9:30:d6:29:2a:7d:6c:f3:c9:ab:64:
dd:fe:bd:24:1b:ba:89:bc:f3:8b:d5:f7:59:7d:90:
8f:5b:99:69:4e:e8:67:85:a5:85:41:35:9e:41:62:
1e:11:f2:33:74:fe:77:ff:f8:43:96:bb:9b:e8:ad:
df:f7:8c:bd:35:8b:a3:f0:33:a7:ea:6c:39:0b:98:
39:6e:f9:fe:a3:d9:c4:a5:0f:60:83:5b:24:48:a4:
78:35:75:d3:09:b3:e3:58:da:85:89:c8:2f:27:fc:
73:28:e5:47:0e:ea:cc:2b:be:6a:c9:e0:74:82:6e:
f4:2a:b4:08:ee:47:93:1f:14:54:ad:a8:a8:94:4c:
1d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1A:44:61:7D:FD:BC:70:9D:BB:09:D7:2D:EA:FD:45:BC:9E:63:5C
X509v3 Authority Key Identifier:
keyid:4C:1B:0C:40:96:90:80:95:7F:CC:EE:1F:B8:A3:FB:4B:B3:8B:F5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBsMQJaQgJV_zO4fuKP7S7OL9dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/qhpEYX39vHCduwnXLer9RbyeY1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/TBsMQJaQgJV_zO4fuKP7S7OL9dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.116.0/22
IPv6:
2a04:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
78:d6:1c:e0:10:76:d1:28:59:1c:56:7e:3f:f0:9c:9d:f0:7a:
4c:43:b1:fb:8e:39:a7:54:cc:1a:d2:1a:1f:40:6e:a4:f6:7d:
d8:8b:40:40:3b:ce:40:06:c9:54:5a:2f:af:8b:c3:2e:fe:ef:
e1:e4:6c:fb:0a:06:0d:8d:e7:e4:c0:c2:30:59:3f:b9:c7:45:
23:5a:b2:93:05:ac:5e:c4:f9:2e:9f:52:4d:a2:d2:d3:c6:d2:
03:23:49:7a:7b:a5:07:4f:7d:56:e9:2f:8e:97:20:1a:3a:e3:
f3:12:65:7f:78:9e:57:bd:d0:d3:4e:cc:9f:45:f7:5a:4c:00:
2e:f5:f8:76:bb:ef:5a:33:b1:33:3a:dd:3b:16:40:b4:d1:c4:
54:d5:9a:df:ba:15:9f:c4:07:84:c3:e3:3e:dc:0d:38:b9:12:
dc:dd:53:9b:48:96:a7:c0:a6:8f:51:ee:46:1a:6c:5b:ac:c7:
47:05:86:17:2a:47:75:bf:51:4c:2a:fd:11:51:af:22:61:7f:
5a:c2:5b:ad:4f:a8:80:48:38:c2:f9:33:0c:33:60:96:61:b0:
04:4b:bc:9d:85:0c:8a:49:66:c6:25:47:56:39:a4:c1:db:1b:
73:43:f3:a7:5a:87:35:6d:fb:df:25:28:a8:a3:9e:a8:9b:7c:
76:0a:c1:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrd8L/QaEVAAt0MUQ/ju5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMWIwYzQwOTY5MDgwOTU3ZmNjZWUxZmI4YTNmYjRiYjM4
YmY1ZGMwHhcNMjMwMTAxMDM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFhNDQ2MTdkZmRiYzcwOWRiYjA5ZDcyZGVhZmQ0NWJjOWU2MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ1Jk3lqCY9/VlsVMbo9BFsgeYtU
msf+iICfyx3/emm/hEDm1eawGzOjPpMbb9ud3v01/euBxN9UNxue3sHP01v8y85u
OKkz9B377dCamM2h7t9qvfiYMcrrTKN1IEdyeTjbSIBTUeNAoWx8MXVOJ0vmrh+l
CNW7Vctz6TDWKSp9bPPJq2Td/r0kG7qJvPOL1fdZfZCPW5lpTuhnhaWFQTWeQWIe
EfIzdP53//hDlrub6K3f94y9NYuj8DOn6mw5C5g5bvn+o9nEpQ9gg1skSKR4NXXT
CbPjWNqFicgvJ/xzKOVHDurMK75qyeB0gm70KrQI7keTHxRUraiolEwdhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoaRGF9/bxwnbsJ1y3q/UW8nmNcMB8GA1UdIwQY
MBaAFEwbDECWkICVf8zuH7ij+0uzi/XcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEJzTVFKYVFnSlZfek80ZnVLUDdTN09MOWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9lZTI5YTYtNjkxZC00YjBjLWFkNjMt
OTRjODI1NGJkM2I3LzEvcWhwRVlYMzl2SENkdXduWExlcjlSYnllWTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9lZTI5YTYtNjkxZC00YjBjLWFkNjMtOTRjODI1NGJkM2I3
LzEvVEJzTVFKYVFnSlZfek80ZnVLUDdTN09MOWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRt0MA0E
AgACMAcDBQMqBC7AMA0GCSqGSIb3DQEBCwUAA4IBAQB41hzgEHbRKFkcVn4/8Jyd
8HpMQ7H7jjmnVMwa0hofQG6k9n3Yi0BAO85ABslUWi+vi8Mu/u/h5Gz7CgYNjefk
wMIwWT+5x0UjWrKTBaxexPkun1JNotLTxtIDI0l6e6UHT31W6S+OlyAaOuPzEmV/
eJ5XvdDTTsyfRfdaTAAu9fh2u+9aM7EzOt07FkC00cRU1ZrfuhWfxAeEw+M+3A04
uRLc3VObSJanwKaPUe5GGmxbrMdHBYYXKkd1v1FMKv0RUa8iYX9awlutT6iASDjC
+TMMM2CWYbAES7ydhQyKSWbGJUdWOaTB2xtzQ/OnWoc1bfvfJSioo56om3x2CsFf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:34 2024 by rpki-client on console-fra.rpki-client.org