Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6XXIPTn4PobMd2e4vBMc_275coc.roa
File: 6XXIPTn4PobMd2e4vBMc_275coc.roa (raw, json)
Hash identifier: 4oS4nfvv05atASI5M1yNoyv8gCCHlYJU50rOkRDxzv8=
Subject key identifier: E9:75:C8:3D:39:F8:3E:86:CC:77:67:B8:BC:13:1C:FF:6E:F9:72:87
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01857C64D765357B374EE72EEE122FF693CA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6XXIPTn4PobMd2e4vBMc_275coc.roa
Signing time: Wed 04 Jan 2023 10:47:41 +0000
ROA not before: Wed 04 Jan 2023 10:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
37.34.88.0/21 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.120.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 07:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:64:d7:65:35:7b:37:4e:e7:2e:ee:12:2f:f6:93:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 4 10:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e975c83d39f83e86cc7767b8bc131cff6ef97287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0c:09:03:f5:7e:1d:33:83:d2:0d:04:62:5a:
6d:36:a6:80:59:4e:0f:4a:f6:07:6c:d0:71:22:f4:
a4:cf:e9:6b:fe:41:5f:1d:e8:a6:3b:90:c7:6c:f9:
78:68:ea:c7:87:24:34:00:f8:db:7d:6b:d4:44:7d:
cc:05:b2:05:38:4b:67:cd:3b:9f:d7:b0:7a:d1:e2:
96:30:c4:c0:e2:26:5e:77:59:e8:a1:f1:e2:ce:7e:
d2:9f:9f:fb:0c:4e:f6:10:75:2e:0e:fd:9e:df:a4:
b0:4a:7e:44:40:cd:44:bb:c7:a8:ac:97:c4:b8:17:
4b:b9:89:6d:9a:e5:a3:34:66:e1:2c:aa:ef:46:84:
06:86:b5:b2:98:96:d2:95:ff:33:8b:ec:ca:bb:9a:
cc:59:11:60:c7:1e:3e:54:87:53:5f:8d:50:cd:a2:
f8:c5:cb:7b:00:b3:3d:63:af:45:68:55:0d:08:af:
22:40:f3:5c:8c:41:23:80:70:dc:0c:b6:f4:8d:36:
cb:0e:1f:54:38:68:f8:db:23:13:9d:32:43:2a:3c:
0a:64:f8:08:af:44:55:1f:2c:9f:67:82:3c:fc:04:
9c:94:21:47:fd:e3:93:a6:f2:ce:d4:2d:f2:58:aa:
cd:ae:43:d9:8a:3b:64:db:ef:9f:a1:3e:b6:f7:42:
c2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:75:C8:3D:39:F8:3E:86:CC:77:67:B8:BC:13:1C:FF:6E:F9:72:87
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6XXIPTn4PobMd2e4vBMc_275coc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.34.88.0/21
37.218.208.0/20
46.20.210.0/23
89.46.180.0/22
130.255.64.0/21
149.126.88.0/22
185.86.140.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:a8:6c:18:1a:75:2a:4d:ef:c3:a3:f6:7b:04:1e:a0:63:19:
af:c2:8d:68:13:77:71:36:60:9d:75:64:15:4e:dd:32:d7:80:
e3:07:d0:f7:7d:e2:4e:07:38:5a:4d:95:e7:d3:b4:5f:ac:86:
dd:bf:b2:7a:5f:c0:5e:cb:24:88:6a:7c:3f:0f:31:52:b0:d0:
c5:b9:2b:45:73:78:b8:48:da:72:5b:9b:f7:e8:3a:0d:70:0f:
fa:a5:a4:e1:01:f6:91:70:10:eb:d3:b8:1d:93:ab:e1:c9:31:
a5:17:d4:4e:47:94:2c:72:cf:cd:1b:61:62:02:1f:81:a8:cf:
a6:ac:a5:b1:64:6c:8a:da:32:c0:75:71:f9:3b:48:e4:46:68:
18:c5:59:45:b6:f3:56:4c:56:e0:43:80:bc:b6:70:6c:c9:70:
5c:5b:7e:f1:10:c9:f3:4c:ae:ca:8c:7e:91:6d:00:d1:cf:84:
1d:48:8c:01:64:db:0d:79:c9:93:4a:1b:31:d5:8a:cb:08:50:
7e:d4:9e:68:0a:81:83:09:09:ee:a5:ae:d6:a7:00:1d:0b:73:
3e:82:49:e1:8b:de:00:2e:f7:3a:f3:34:b3:c2:3f:4a:a8:42:
01:5a:19:a2:e7:8b:64:51:38:dd:35:d2:00:a0:f0:d5:80:23:
19:ab:ea:91
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYV8ZNdlNXs3Tucu7hIv9pPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTA0MTA0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTc1YzgzZDM5ZjgzZTg2Y2M3NzY3YjhiYzEzMWNmZjZlZjk3Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgwJA/V+HTOD0g0EYlptNqaAWU4P
SvYHbNBxIvSkz+lr/kFfHeimO5DHbPl4aOrHhyQ0APjbfWvURH3MBbIFOEtnzTuf
17B60eKWMMTA4iZed1noofHizn7Sn5/7DE72EHUuDv2e36SwSn5EQM1Eu8eorJfE
uBdLuYltmuWjNGbhLKrvRoQGhrWymJbSlf8zi+zKu5rMWRFgxx4+VIdTX41QzaL4
xct7ALM9Y69FaFUNCK8iQPNcjEEjgHDcDLb0jTbLDh9UOGj42yMTnTJDKjwKZPgI
r0RVHyyfZ4I8/ASclCFH/eOTpvLO1C3yWKrNrkPZijtk2++foT6290LCRwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOl1yD05+D6GzHdnuLwTHP9u+XKHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNlhYSVBUbjRQb2JNZDJlNHZCTWNfMjc1Y29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCH7q0AwQD
JSJYAwQEJdrQAwQBLhTSAwQCWS60AwQDgv9AAwQClX5YAwQCuVaMAwQCvNd4MA0G
CSqGSIb3DQEBCwUAA4IBAQBtqGwYGnUqTe/Do/Z7BB6gYxmvwo1oE3dxNmCddWQV
Tt0y14DjB9D3feJOBzhaTZXn07RfrIbdv7J6X8BeyySIanw/DzFSsNDFuStFc3i4
SNpyW5v36DoNcA/6paThAfaRcBDr07gdk6vhyTGlF9ROR5Qscs/NG2FiAh+BqM+m
rKWxZGyK2jLAdXH5O0jkRmgYxVlFtvNWTFbgQ4C8tnBsyXBcW37xEMnzTK7KjH6R
bQDRz4QdSIwBZNsNecmTShsx1YrLCFB+1J5oCoGDCQnupa7WpwAdC3M+gknhi94A
Lvc68zSzwj9KqEIBWhmi54tkUTjdNdIAoPDVgCMZq+qR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org