Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/Q6TgxrzigYDg4r8a3nFb0i0kYsM.roa
File: Q6TgxrzigYDg4r8a3nFb0i0kYsM.roa (raw, json)
Hash identifier: 5j2PRDBddWK3nlWWlISK6uSEl1pxR1FcbczjbTuh48o=
Subject key identifier: 43:A4:E0:C6:BC:E2:81:80:E0:E2:BF:1A:DE:71:5B:D2:2D:24:62:C3
Certificate issuer: /CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Certificate serial: 018CCA99C6341202CDBEA02FD7F8EB6E2719
Authority key identifier: 35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/Q6TgxrzigYDg4r8a3nFb0i0kYsM.roa
Signing time: Tue 02 Jan 2024 14:35:24 +0000
ROA not before: Tue 02 Jan 2024 14:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56548
IP address blocks: 185.199.208.0/24 maxlen: 24
185.199.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 06:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:c6:34:12:02:cd:be:a0:2f:d7:f8:eb:6e:27:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Validity
Not Before: Jan 2 14:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43a4e0c6bce28180e0e2bf1ade715bd22d2462c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7e:3b:c4:2a:5e:80:ba:fa:b8:c0:83:e1:60:
ce:76:84:dd:96:b1:e1:63:44:62:a2:e0:fc:fd:19:
60:ef:c9:11:07:af:27:cd:ad:12:f9:1e:45:84:cf:
37:27:39:f2:e1:c3:72:45:77:c4:01:60:73:06:6f:
c3:d8:92:07:31:dd:13:21:bf:89:36:83:21:8d:8f:
60:d4:04:e6:47:d7:ae:80:de:23:30:3d:3a:f4:61:
c4:81:f0:81:b7:14:50:7d:bc:b8:99:00:8d:bf:f6:
c4:20:56:8f:8e:f5:f0:ac:e1:29:51:0e:e0:d1:10:
76:7f:2d:e5:14:a1:f3:7a:12:7a:55:2c:e2:fc:59:
16:d9:b0:d2:f4:f7:27:28:94:34:28:1e:ed:fe:8f:
91:0a:22:60:a6:4f:48:80:c4:82:4c:8e:31:36:03:
f8:74:ea:c2:2c:57:20:a5:23:c6:2b:27:88:37:f4:
82:8a:de:80:35:6f:db:5d:7a:b3:05:fd:5a:ed:ba:
65:4c:bf:80:fe:56:ea:25:7b:57:dc:83:10:bf:58:
1c:73:cb:c5:34:8c:6d:1c:a0:3c:e3:e3:97:c2:df:
9a:7f:74:69:99:44:b7:77:ef:86:ca:06:d0:7d:b9:
9d:96:b6:48:0e:67:81:1d:a8:5c:32:b5:71:ed:d3:
69:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A4:E0:C6:BC:E2:81:80:E0:E2:BF:1A:DE:71:5B:D2:2D:24:62:C3
X509v3 Authority Key Identifier:
keyid:35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/Q6TgxrzigYDg4r8a3nFb0i0kYsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.208.0/24
185.199.211.0/24
Signature Algorithm: sha256WithRSAEncryption
69:59:dd:af:ba:b6:2a:c7:b5:a0:b5:aa:e4:f7:38:0c:d8:30:
f8:c6:13:33:17:9f:75:fb:5e:c3:b2:70:35:95:05:30:cf:28:
b8:35:7a:df:55:c0:34:90:fe:82:36:20:ff:2a:55:a0:1d:9a:
62:9e:c9:21:36:a2:ba:4b:05:d8:8d:b6:71:c6:47:b4:47:9f:
26:be:5d:d6:67:fc:ba:03:82:28:1d:3b:16:d4:54:8c:97:1c:
96:15:9a:d6:74:dd:a3:be:e0:92:8e:c5:fc:47:5c:0d:1a:27:
05:de:68:48:fa:0d:07:99:0d:ea:7e:09:d6:d9:ac:28:20:a8:
35:2c:89:17:6b:f2:42:95:f9:f2:f0:c0:b7:60:22:27:e9:c4:
fc:6b:fb:84:e5:07:e9:12:d6:86:08:f8:42:69:a0:51:cc:de:
6d:d7:cc:0d:9e:18:f2:06:06:5d:8c:70:f4:22:c1:7c:66:01:
05:91:fb:28:54:3b:b2:06:eb:fe:29:49:e3:fc:e8:d5:45:84:
4b:19:b6:9e:63:02:41:82:57:d0:74:d7:96:39:6c:a2:43:7a:
e0:85:f3:05:ab:0c:35:b8:14:18:6b:16:f0:c1:16:2b:38:f9:
1e:36:67:54:46:31:3e:ae:84:d1:39:79:de:33:63:b3:19:7c:
da:01:45:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmcY0EgLNvqAv1/jrbicZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NThiYjQ3ZGUzNTRlMDllMGZjMmNiMmMxZmExNGQ3MWQ5
MjZlZTgwHhcNMjQwMTAyMTQzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E0ZTBjNmJjZTI4MTgwZTBlMmJmMWFkZTcxNWJkMjJkMjQ2MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH47xCpegLr6uMCD4WDOdoTdlrHh
Y0RiouD8/Rlg78kRB68nza0S+R5FhM83Jzny4cNyRXfEAWBzBm/D2JIHMd0TIb+J
NoMhjY9g1ATmR9eugN4jMD069GHEgfCBtxRQfby4mQCNv/bEIFaPjvXwrOEpUQ7g
0RB2fy3lFKHzehJ6VSzi/FkW2bDS9PcnKJQ0KB7t/o+RCiJgpk9IgMSCTI4xNgP4
dOrCLFcgpSPGKyeIN/SCit6ANW/bXXqzBf1a7bplTL+A/lbqJXtX3IMQv1gcc8vF
NIxtHKA84+OXwt+af3RpmUS3d++GygbQfbmdlrZIDmeBHahcMrVx7dNp4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEOk4Ma84oGA4OK/Gt5xW9ItJGLDMB8GA1UdIwQY
MBaAFDVYu0feNU4J4PwsssH6FNcdkm7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEt
ZWVjNDZjYTgyYTMzLzEvUTZUZ3hyemlnWURnNHI4YTNuRmIwaTBrWXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEtZWVjNDZjYTgyYTMz
LzEvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucfQAwQA
ucfTMA0GCSqGSIb3DQEBCwUAA4IBAQBpWd2vurYqx7Wgtark9zgM2DD4xhMzF591
+17DsnA1lQUwzyi4NXrfVcA0kP6CNiD/KlWgHZpinskhNqK6SwXYjbZxxke0R58m
vl3WZ/y6A4IoHTsW1FSMlxyWFZrWdN2jvuCSjsX8R1wNGicF3mhI+g0HmQ3qfgnW
2awoIKg1LIkXa/JClfny8MC3YCIn6cT8a/uE5QfpEtaGCPhCaaBRzN5t18wNnhjy
BgZdjHD0IsF8ZgEFkfsoVDuyBuv+KUnj/OjVRYRLGbaeYwJBglfQdNeWOWyiQ3rg
hfMFqww1uBQYaxbwwRYrOPkeNmdURjE+roTROXneM2OzGXzaAUW7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:00 2024 by rpki-client on console-fra.rpki-client.org