Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1kx2g4LsdeFkOUwq-RHXiHSk4bs.roa
File: 1kx2g4LsdeFkOUwq-RHXiHSk4bs.roa (raw, json)
Hash identifier: Kf4B09m1ld6ZE92+xfHlP5rnYBj6eQzvNXPIgdTvYm8=
Subject key identifier: D6:4C:76:83:82:EC:75:E1:64:39:4C:2A:F9:11:D7:88:74:A4:E1:BB
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0193AF6C2ED8F26BC8E56E8CA7A371D3A89D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1kx2g4LsdeFkOUwq-RHXiHSk4bs.roa
Signing time: Tue 10 Dec 2024 07:15:22 +0000
ROA not before: Tue 10 Dec 2024 07:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 37.34.80.0/21 maxlen: 22
86.104.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:6c:2e:d8:f2:6b:c8:e5:6e:8c:a7:a3:71:d3:a8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 10 07:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d64c768382ec75e164394c2af911d78874a4e1bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a6:ae:ba:30:81:4c:39:bf:12:1a:de:ca:79:
c6:74:ad:58:d9:9f:7e:3b:1e:da:09:d2:09:d8:6f:
35:eb:cd:de:7a:05:a7:1a:e0:12:c3:8a:24:42:a8:
b4:06:a7:e5:b2:06:1f:43:0c:97:77:1b:9e:52:da:
3c:82:60:71:9c:54:37:18:09:0b:da:8f:a3:32:84:
53:71:1a:ad:0d:68:04:88:3c:0b:f2:e7:ee:fa:5d:
e1:c1:db:1c:6c:c2:42:b9:51:d5:43:dd:5e:ab:01:
f3:7d:ab:04:f5:df:f3:c6:36:a5:3f:6c:be:ed:07:
4a:19:39:06:1a:0a:1c:db:67:76:70:b7:75:7c:40:
d3:39:2f:49:75:1c:72:24:f8:f1:44:d1:9f:e1:68:
1d:fc:ce:ab:a6:02:4b:fa:30:e6:a2:75:dd:4d:ee:
00:d2:fe:fd:ea:e3:7b:40:4d:47:16:39:93:d8:6d:
6d:df:81:20:e3:0a:77:da:03:f4:16:14:84:ab:c6:
6b:72:7b:3d:38:69:9e:49:ef:52:95:57:70:6f:9e:
dc:00:ae:db:73:9a:55:67:f7:6a:ea:2e:bd:f4:c4:
01:0d:f2:1e:62:4f:71:37:da:59:a5:b1:a9:01:60:
8b:dc:6c:00:3b:d2:0b:61:0a:76:cc:fd:01:d9:53:
9a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4C:76:83:82:EC:75:E1:64:39:4C:2A:F9:11:D7:88:74:A4:E1:BB
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1kx2g4LsdeFkOUwq-RHXiHSk4bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/21
86.104.160.0/22
Signature Algorithm: sha256WithRSAEncryption
46:30:2c:ac:e2:34:b9:b2:7f:4b:9d:fe:3a:d7:93:64:d2:3d:
d0:44:7e:1a:ea:9c:76:c7:2d:bb:7a:63:9f:ed:1b:96:49:fa:
cd:ae:43:19:d1:83:c0:da:38:5e:17:36:be:0d:e5:da:c2:12:
ac:25:f7:a9:e9:0a:cf:b8:45:98:17:8e:a7:57:b4:72:31:ed:
3a:f8:ab:0e:0c:20:39:c5:af:0b:69:9c:aa:7e:55:0d:32:8f:
53:11:da:1d:5b:34:c2:d1:4e:74:64:1e:b3:30:cd:6e:5e:2c:
19:52:e5:cf:a2:de:f1:e2:e9:03:e5:d3:a6:2f:20:38:a8:5f:
09:c6:07:60:dd:b6:e1:43:69:ab:ff:08:94:11:6c:37:41:62:
a5:a9:fb:7a:8c:c1:c9:32:a4:0b:85:4f:d9:41:03:36:63:7e:
58:c1:5e:10:64:4a:63:34:61:f7:90:67:84:be:62:a0:96:71:
e8:77:f3:9a:36:7c:a1:17:bc:a0:ea:34:02:56:37:d4:a6:96:
fc:25:9c:eb:0d:b9:47:1f:23:b7:42:d4:ef:e0:93:4b:d8:d0:
3b:d8:cd:49:7e:66:b5:38:df:b9:ea:9a:e9:c0:ce:fe:d6:b1:
da:1e:cc:9a:b1:f0:81:f5:34:c1:6c:d7:54:ed:c9:c3:a1:c3:
92:b2:fa:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOvbC7Y8mvI5W6Mp6Nx06idMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMjEwMDcxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRjNzY4MzgyZWM3NWUxNjQzOTRjMmFmOTExZDc4ODc0YTRlMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qauujCBTDm/EhreynnGdK1Y2Z9+
Ox7aCdIJ2G81683eegWnGuASw4okQqi0BqflsgYfQwyXdxueUto8gmBxnFQ3GAkL
2o+jMoRTcRqtDWgEiDwL8ufu+l3hwdscbMJCuVHVQ91eqwHzfasE9d/zxjalP2y+
7QdKGTkGGgoc22d2cLd1fEDTOS9JdRxyJPjxRNGf4Wgd/M6rpgJL+jDmonXdTe4A
0v796uN7QE1HFjmT2G1t34Eg4wp32gP0FhSEq8Zrcns9OGmeSe9SlVdwb57cAK7b
c5pVZ/dq6i699MQBDfIeYk9xN9pZpbGpAWCL3GwAO9ILYQp2zP0B2VOaowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZMdoOC7HXhZDlMKvkR14h0pOG7MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMWt4Mmc0THNkZUZrT1V3cS1SSFhpSFNrNGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJSJQAwQC
VmigMA0GCSqGSIb3DQEBCwUAA4IBAQBGMCys4jS5sn9Lnf4615Nk0j3QRH4a6px2
xy27emOf7RuWSfrNrkMZ0YPA2jheFza+DeXawhKsJfep6QrPuEWYF46nV7RyMe06
+KsODCA5xa8LaZyqflUNMo9TEdodWzTC0U50ZB6zMM1uXiwZUuXPot7x4ukD5dOm
LyA4qF8Jxgdg3bbhQ2mr/wiUEWw3QWKlqft6jMHJMqQLhU/ZQQM2Y35YwV4QZEpj
NGH3kGeEvmKglnHod/OaNnyhF7yg6jQCVjfUppb8JZzrDblHHyO3QtTv4JNL2NA7
2M1Jfma1ON+56prpwM7+1rHaHsyasfCB9TTBbNdU7cnDocOSsvpG
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:06:36 2025 by rpki-client