Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/htIc_xuBJS-lpqwfv9Z7Z_cyb18.roa
File: htIc_xuBJS-lpqwfv9Z7Z_cyb18.roa (raw, json)
Hash identifier: kuWeeZbBxkWXQH6PDsF3nDR1j1RYIAEJMrrIQw8ku8w=
Subject key identifier: 86:D2:1C:FF:1B:81:25:2F:A5:A6:AC:1F:BF:D6:7B:67:F7:32:6F:5F
Certificate issuer: /CN=6696fa3fe40cf770851c83adcafafb7a4107678f
Certificate serial: 0193AB74DCB0C690621C78BBE8A656E37EED
Authority key identifier: 66:96:FA:3F:E4:0C:F7:70:85:1C:83:AD:CA:FA:FB:7A:41:07:67:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/htIc_xuBJS-lpqwfv9Z7Z_cyb18.roa
Signing time: Mon 09 Dec 2024 12:46:22 +0000
ROA not before: Mon 09 Dec 2024 12:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31182
IP address blocks: 146.66.134.0/23 maxlen: 23
146.66.134.0/24 maxlen: 24
146.66.135.0/24 maxlen: 24
193.8.139.0/24 maxlen: 24
2a14:5ec0::/29 maxlen: 29
2a14:5ec0::/32 maxlen: 32
2a14:5ec1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:74:dc:b0:c6:90:62:1c:78:bb:e8:a6:56:e3:7e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696fa3fe40cf770851c83adcafafb7a4107678f
Validity
Not Before: Dec 9 12:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86d21cff1b81252fa5a6ac1fbfd67b67f7326f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:18:4f:25:b8:98:bb:08:5a:35:fe:40:80:2d:
ab:41:fe:14:9c:8f:76:8d:e6:28:d5:22:2b:56:3f:
a0:f4:07:7a:78:38:ea:1a:ab:30:75:80:97:18:4f:
c0:e3:9b:53:a5:a4:0c:ac:d3:b1:11:31:30:98:8d:
3f:a3:33:1f:09:4c:9c:c7:60:ca:44:84:f8:0f:f9:
8b:ed:fd:52:27:8e:6a:31:04:91:eb:e5:1a:37:df:
68:12:0b:1d:3c:cb:2c:76:db:21:84:2c:35:30:3e:
34:c3:cf:20:e8:3d:22:52:60:67:0f:69:d3:ab:ab:
e5:67:4e:f8:ad:27:19:3a:18:e2:a5:00:49:b9:8a:
b8:7d:ce:af:e4:b6:9f:45:14:c1:21:e9:70:e8:03:
0c:dc:68:48:d1:da:5c:f9:9a:c2:63:89:23:57:82:
5c:38:4a:4c:3b:8c:37:cc:ee:4b:e9:34:d9:73:6a:
c8:36:35:53:97:ee:31:be:a4:08:80:64:08:09:15:
7a:3d:1d:9a:88:98:c8:19:4c:3e:54:aa:c0:b7:f1:
72:a1:d2:a3:92:09:a1:66:42:20:12:32:ec:7a:a1:
25:5c:bf:6d:1c:82:5b:ce:e2:8f:36:23:16:70:87:
10:2e:54:fa:e1:4c:a7:60:b5:16:0e:d3:29:63:10:
b8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D2:1C:FF:1B:81:25:2F:A5:A6:AC:1F:BF:D6:7B:67:F7:32:6F:5F
X509v3 Authority Key Identifier:
keyid:66:96:FA:3F:E4:0C:F7:70:85:1C:83:AD:CA:FA:FB:7A:41:07:67:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/htIc_xuBJS-lpqwfv9Z7Z_cyb18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.134.0/23
193.8.139.0/24
IPv6:
2a14:5ec0::/29
Signature Algorithm: sha256WithRSAEncryption
16:c7:51:2b:cc:fb:de:f3:12:2e:6b:ca:f0:64:da:97:33:d1:
66:e2:1b:2d:e6:ec:f5:67:27:7b:c6:cd:89:99:5c:66:2a:51:
b0:d3:bf:c8:c9:2a:49:20:c0:57:17:72:a4:e5:fb:7a:49:e3:
ea:08:98:11:64:7d:c3:aa:63:95:ad:c1:62:5c:8b:50:5e:5e:
3e:71:81:68:1d:2b:05:7f:48:db:df:c3:dc:be:f4:00:17:54:
63:0d:e1:3c:e3:95:00:0c:bd:2c:76:b6:82:4b:e1:78:6e:ac:
93:43:c4:02:54:0c:2f:74:70:c2:48:d7:4a:0e:75:58:ac:57:
a2:aa:46:28:aa:c7:88:74:98:02:3c:3b:9f:20:01:28:ab:ce:
d0:e2:cd:d1:fd:33:30:32:c9:bd:ec:fd:d7:15:2e:7a:ee:a4:
a2:5f:20:ea:84:34:6f:a0:9d:6a:e8:99:10:93:8e:89:52:c8:
2f:8d:d5:1f:9a:02:61:b8:a9:b5:50:13:89:20:bb:46:49:61:
b4:50:c2:37:db:b2:b1:42:bb:44:4b:dc:c1:a5:7e:e7:1a:c8:
16:af:9b:f1:a9:58:64:a7:e7:a0:cd:f0:13:b2:b4:b9:72:0f:
aa:d1:d0:c6:48:0a:54:f7:65:92:13:e7:3b:10:a8:1f:62:97:
a1:16:d5:18
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOrdNywxpBiHHi76KZW437tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZmYTNmZTQwY2Y3NzA4NTFjODNhZGNhZmFmYjdhNDEw
NzY3OGYwHhcNMjQxMjA5MTI0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQyMWNmZjFiODEyNTJmYTVhNmFjMWZiZmQ2N2I2N2Y3MzI2ZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBhPJbiYuwhaNf5AgC2rQf4UnI92
jeYo1SIrVj+g9Ad6eDjqGqswdYCXGE/A45tTpaQMrNOxETEwmI0/ozMfCUycx2DK
RIT4D/mL7f1SJ45qMQSR6+UaN99oEgsdPMssdtshhCw1MD40w88g6D0iUmBnD2nT
q6vlZ074rScZOhjipQBJuYq4fc6v5LafRRTBIelw6AMM3GhI0dpc+ZrCY4kjV4Jc
OEpMO4w3zO5L6TTZc2rINjVTl+4xvqQIgGQICRV6PR2aiJjIGUw+VKrAt/FyodKj
kgmhZkIgEjLseqElXL9tHIJbzuKPNiMWcIcQLlT64UynYLUWDtMpYxC48wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIbSHP8bgSUvpaasH7/We2f3Mm9fMB8GA1UdIwQY
MBaAFGaW+j/kDPdwhRyDrcr6+3pBB2ePMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBiNlAtUU05M0NGSElPdHl2cjdla0VIWjQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lNjZhZmUtNmUwYi00ZGJkLThkMGQt
Y2U2OTE1YjQ3MzZmLzEvaHRJY194dUJKUy1scHF3ZnY5WjdaX2N5YjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lNjZhZmUtNmUwYi00ZGJkLThkMGQtY2U2OTE1YjQ3MzZm
LzEvWnBiNlAtUU05M0NGSElPdHl2cjdla0VIWjQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBkkKGAwQA
wQiLMA0EAgACMAcDBQMqFF7AMA0GCSqGSIb3DQEBCwUAA4IBAQAWx1ErzPve8xIu
a8rwZNqXM9Fm4hst5uz1Zyd7xs2JmVxmKlGw07/IySpJIMBXF3Kk5ft6SePqCJgR
ZH3DqmOVrcFiXItQXl4+cYFoHSsFf0jb38PcvvQAF1RjDeE845UADL0sdraCS+F4
bqyTQ8QCVAwvdHDCSNdKDnVYrFeiqkYoqseIdJgCPDufIAEoq87Q4s3R/TMwMsm9
7P3XFS567qSiXyDqhDRvoJ1q6JkQk46JUsgvjdUfmgJhuKm1UBOJILtGSWG0UMI3
27KxQrtES9zBpX7nGsgWr5vxqVhkp+egzfATsrS5cg+q0dDGSApU92WSE+c7EKgf
YpehFtUY
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:39:27 2025 by rpki-client