Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8mQUE9JHsUcyhi2cT2w5NUzUmsY.roa
File: 8mQUE9JHsUcyhi2cT2w5NUzUmsY.roa (raw, json)
Hash identifier: YzqxXFvGVmriYias9NJisY1zomG1sq5l2JtbJ9kmbuI=
Subject key identifier: F2:64:14:13:D2:47:B1:47:32:86:2D:9C:4F:6C:39:35:4C:D4:9A:C6
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BE67668FA06DC54860A56EE9370441743
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8mQUE9JHsUcyhi2cT2w5NUzUmsY.roa
Signing time: Sun 19 Nov 2023 07:23:21 +0000
ROA not before: Sun 19 Nov 2023 07:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 19:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e6:76:68:fa:06:dc:54:86:0a:56:ee:93:70:44:17:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 19 07:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2641413d247b14732862d9c4f6c39354cd49ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:3b:5f:8b:c0:36:45:fc:64:6c:f4:c1:2f:
14:67:e4:19:57:c2:eb:91:b4:4e:56:5b:04:c0:06:
b0:0f:e2:38:ce:cc:74:1e:aa:97:93:7d:b7:ea:58:
0e:c5:45:c2:bc:42:bb:0f:69:c8:bb:b9:d2:e3:db:
e6:7c:87:65:c6:f0:c0:1d:7c:77:2a:56:09:fa:fa:
48:97:19:af:97:69:72:3e:64:5d:17:05:40:af:d4:
a9:8d:7a:ac:83:c1:54:9e:2b:a4:a8:1f:36:7e:8b:
dd:99:26:3b:de:06:49:52:92:e7:be:e1:9e:25:f8:
e4:1d:a5:ea:d0:5a:5d:8f:ce:23:88:be:9c:3b:0a:
46:45:0e:25:a5:1f:5c:3b:da:05:68:4b:83:c9:17:
43:98:e6:e6:02:05:ed:78:aa:26:c9:42:96:0c:c7:
2a:ba:1e:26:31:ab:83:10:f4:3d:7d:41:7d:86:e3:
85:27:fe:a7:07:40:56:60:27:3e:82:75:69:e4:1f:
c0:50:f7:e8:21:f0:78:c2:11:59:8b:b2:a1:b1:f3:
cb:99:70:af:a5:96:04:ce:07:f0:8c:91:6b:ef:89:
35:8d:22:fd:60:12:91:b1:d0:0e:97:6b:a9:58:0d:
df:c9:f5:55:fd:86:74:dc:d7:a1:6d:0a:ed:16:5a:
77:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:64:14:13:D2:47:B1:47:32:86:2D:9C:4F:6C:39:35:4C:D4:9A:C6
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8mQUE9JHsUcyhi2cT2w5NUzUmsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.216.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:2b:fc:53:41:4d:45:63:71:48:cb:5e:a1:67:c5:41:b4:02:
17:17:c8:29:8e:10:d4:04:c7:a2:7d:d3:7b:7b:f9:a5:64:c4:
ea:99:23:55:20:d4:9a:cb:0f:dc:dc:20:fd:6e:fe:cb:76:0b:
93:4e:2a:dd:0f:fd:72:05:04:a8:ef:69:b5:d8:08:86:16:b2:
03:6a:f7:24:ee:c9:50:03:47:7e:30:cb:df:9f:09:5e:e7:64:
e7:ad:04:aa:ae:f5:34:46:18:3a:e1:e9:a8:44:d7:c1:c3:a3:
59:89:67:40:79:03:4d:7b:73:02:f6:2a:c0:8d:72:26:50:f5:
fe:40:3e:47:ad:63:51:ba:c3:95:33:1e:19:1a:cd:cd:68:b6:
a2:d1:71:db:fd:55:ca:0a:10:7c:2f:3a:b1:4d:47:66:56:83:
b7:22:1b:fe:c8:b3:a6:4c:31:08:ee:f6:26:00:be:8f:5f:d4:
4e:c8:19:83:eb:3c:2b:a1:20:b1:2b:f9:99:68:92:69:46:d8:
60:4d:39:64:7a:d4:1e:17:0b:72:7f:e3:af:e1:7a:dc:35:ca:
75:88:ce:59:2d:f2:3f:d7:11:6a:f9:66:a4:1b:f3:05:b6:98:
bf:0f:40:20:d9:71:09:83:c8:1d:29:56:cc:20:6e:67:a9:08:
f8:6f:91:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvmdmj6BtxUhgpW7pNwRBdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTE5MDcyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY0MTQxM2QyNDdiMTQ3MzI4NjJkOWM0ZjZjMzkzNTRjZDQ5YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJo7X4vANkX8ZGz0wS8UZ+QZV8Lr
kbROVlsEwAawD+I4zsx0HqqXk3236lgOxUXCvEK7D2nIu7nS49vmfIdlxvDAHXx3
KlYJ+vpIlxmvl2lyPmRdFwVAr9SpjXqsg8FUniukqB82fovdmSY73gZJUpLnvuGe
JfjkHaXq0Fpdj84jiL6cOwpGRQ4lpR9cO9oFaEuDyRdDmObmAgXteKomyUKWDMcq
uh4mMauDEPQ9fUF9huOFJ/6nB0BWYCc+gnVp5B/AUPfoIfB4whFZi7KhsfPLmXCv
pZYEzgfwjJFr74k1jSL9YBKRsdAOl2upWA3fyfVV/YZ03NehbQrtFlp3+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPJkFBPSR7FHMoYtnE9sOTVM1JrGMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvOG1RVUU5SkhzVWN5aGkyY1QydzVOVXpVbXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7q0AwQD
JdrYAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQAMK/xTQU1FY3FIy16h
Z8VBtAIXF8gpjhDUBMeifdN7e/mlZMTqmSNVINSayw/c3CD9bv7LdguTTirdD/1y
BQSo72m12AiGFrIDavck7slQA0d+MMvfnwle52TnrQSqrvU0Rhg64emoRNfBw6NZ
iWdAeQNNe3MC9irAjXImUPX+QD5HrWNRusOVMx4ZGs3NaLai0XHb/VXKChB8Lzqx
TUdmVoO3Ihv+yLOmTDEI7vYmAL6PX9ROyBmD6zwroSCxK/mZaJJpRthgTTlketQe
Fwtyf+Ov4XrcNcp1iM5ZLfI/1xFq+WakG/MFtpi/D0Ag2XEJg8gdKVbMIG5nqQj4
b5Fe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org