Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/F_Q7QfhPAE27_VH5WQWuzqd_Hrs.roa
File: F_Q7QfhPAE27_VH5WQWuzqd_Hrs.roa (raw, json)
Hash identifier: fdiIKSEyugoK4VJxIzC0rUGWSz23Ht9o47XP+AAJe1c=
Subject key identifier: 17:F4:3B:41:F8:4F:00:4D:BB:FD:51:F9:59:05:AE:CE:A7:7F:1E:BB
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018CC6B927B739F6C10EC016DFBFC3526597
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/F_Q7QfhPAE27_VH5WQWuzqd_Hrs.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 185.172.38.0/23 maxlen: 24
185.149.26.0/23 maxlen: 24
185.149.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:27:b7:39:f6:c1:0e:c0:16:df:bf:c3:52:65:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17f43b41f84f004dbbfd51f95905aecea77f1ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:37:77:b7:cf:d6:e0:ee:3c:28:b4:0e:88:
58:45:65:4e:52:7b:a5:38:fb:bf:c2:35:47:b8:03:
65:2c:6e:b4:e4:42:7a:8a:11:38:74:fa:b1:aa:82:
2a:8a:21:73:e7:a2:b8:28:4a:7d:55:20:54:7c:72:
68:ce:a1:3f:b6:4c:c8:c4:b8:e4:c3:8b:fe:13:c7:
2b:7e:d1:1a:2e:44:16:b5:a0:d4:74:33:bd:dc:50:
14:f6:ed:6b:84:a7:61:a6:0f:a4:78:27:10:cf:b5:
0d:a0:5e:b5:c1:7a:f4:a5:00:7f:67:d1:b4:18:f4:
25:45:19:68:af:bb:db:e3:ea:11:6f:31:77:c5:10:
a8:e7:00:3d:31:01:80:f6:c0:bc:86:84:b0:6a:5a:
23:6c:be:65:e3:00:f5:51:b3:25:3f:60:a5:ef:2a:
71:70:1a:03:17:79:c6:05:c9:8a:14:02:f3:ff:24:
3a:fb:a0:10:fd:20:4e:e8:13:b0:3b:fd:7e:fd:b0:
ff:55:c4:c4:92:5f:b9:b8:1e:f3:be:b1:c5:da:9f:
7b:fb:c8:b4:e0:87:ac:bc:57:e5:47:3d:0e:88:fc:
1e:83:07:bb:72:66:77:38:35:07:69:bb:d5:53:26:
78:20:b7:34:35:74:8c:2e:66:db:8c:b8:29:25:5c:
23:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F4:3B:41:F8:4F:00:4D:BB:FD:51:F9:59:05:AE:CE:A7:7F:1E:BB
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/F_Q7QfhPAE27_VH5WQWuzqd_Hrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.25.0-185.149.27.255
185.172.38.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:bf:ec:42:9d:a5:89:2c:f0:b5:26:cb:b3:e9:9e:ff:1c:75:
9b:02:8a:31:e5:1d:47:25:d6:5d:4a:65:e7:6e:55:d1:2f:18:
00:3c:2e:8b:c0:65:31:90:7e:a0:92:eb:4a:19:6f:79:99:61:
bb:5a:1e:46:8f:6d:3c:b1:dc:60:07:a3:2d:97:0b:c2:c3:72:
bc:ed:61:e9:fb:cf:24:1b:44:ae:b3:26:1c:47:fb:ce:ba:58:
64:29:bc:4f:35:3a:e6:01:05:cb:a3:55:00:54:49:a8:ac:0a:
cc:4c:e0:bf:27:94:96:16:12:7a:da:ed:2f:fd:57:bb:b0:44:
fe:0b:97:82:15:83:fc:01:a2:69:c6:ae:b5:c3:6a:f5:ca:72:
e1:15:fb:0c:a0:cd:34:ca:50:12:96:fb:b6:33:c2:6b:de:4f:
2e:cc:85:a8:ce:aa:e8:3b:27:0b:35:96:49:7e:e8:59:6c:11:
52:03:20:a1:5f:c1:9b:e6:cc:46:26:3a:85:92:4b:55:67:19:
ab:67:08:d7:1d:3f:b6:59:a9:2b:91:a2:7e:f7:d8:30:5f:47:
e4:6c:fe:f8:dd:93:35:ad:49:ff:71:80:ef:a6:e3:66:90:ec:
49:1e:d0:b7:bb:1d:9d:b5:af:ab:a4:f3:30:7a:81:e5:08:a6:
da:92:c1:39
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGuSe3OfbBDsAW37/DUmWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Y0M2I0MWY4NGYwMDRkYmJmZDUxZjk1OTA1YWVjZWE3N2YxZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDE3d7fP1uDuPCi0DohYRWVOUnul
OPu/wjVHuANlLG605EJ6ihE4dPqxqoIqiiFz56K4KEp9VSBUfHJozqE/tkzIxLjk
w4v+E8crftEaLkQWtaDUdDO93FAU9u1rhKdhpg+keCcQz7UNoF61wXr0pQB/Z9G0
GPQlRRlor7vb4+oRbzF3xRCo5wA9MQGA9sC8hoSwalojbL5l4wD1UbMlP2Cl7ypx
cBoDF3nGBcmKFALz/yQ6+6AQ/SBO6BOwO/1+/bD/VcTEkl+5uB7zvrHF2p97+8i0
4IesvFflRz0OiPwegwe7cmZ3ODUHabvVUyZ4ILc0NXSMLmbbjLgpJVwj7QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBf0O0H4TwBNu/1R+VkFrs6nfx67MB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvRl9RN1FmaFBBRTI3X1ZINVdRV3V6cWRfSHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5lRkD
BAK5lRgDBAG5rCYwDQYJKoZIhvcNAQELBQADggEBAA6/7EKdpYks8LUmy7Ppnv8c
dZsCijHlHUcl1l1KZeduVdEvGAA8LovAZTGQfqCS60oZb3mZYbtaHkaPbTyx3GAH
oy2XC8LDcrztYen7zyQbRK6zJhxH+866WGQpvE81OuYBBcujVQBUSaisCsxM4L8n
lJYWEnra7S/9V7uwRP4Ll4IVg/wBomnGrrXDavXKcuEV+wygzTTKUBKW+7Yzwmve
Ty7MhajOqug7Jws1lkl+6FlsEVIDIKFfwZvmzEYmOoWSS1VnGatnCNcdP7ZZqSuR
on732DBfR+Rs/vjdkzWtSf9xgO+m42aQ7Eke0Le7HZ21r6uk8zB6geUIptqSwTk=
-----END CERTIFICATE-----
Generated at Thu Apr 11 06:01:24 2024 by rpki-client on console-ams.rpki-client.org