Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BSWhk0qO3zL5usdRkelrxa0qJNg.roa
File: BSWhk0qO3zL5usdRkelrxa0qJNg.roa (raw, json)
Hash identifier: Nfh+mdyeYpSdQ9dtTVcWuRms3HX0wv47Fn0WcSuhhbQ=
Subject key identifier: 05:25:A1:93:4A:8E:DF:32:F9:BA:C7:51:91:E9:6B:C5:AD:2A:24:D8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188D7B503C0CB80C32CB00962C47F2BFF1F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BSWhk0qO3zL5usdRkelrxa0qJNg.roa
Signing time: Tue 20 Jun 2023 07:29:04 +0000
ROA not before: Tue 20 Jun 2023 07:29:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.120.0/22 maxlen: 24
188.215.124.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 06:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:b5:03:c0:cb:80:c3:2c:b0:09:62:c4:7f:2b:ff:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 20 07:29:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0525a1934a8edf32f9bac75191e96bc5ad2a24d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:e7:a3:f2:f6:2c:83:fd:85:d9:af:d6:30:
d7:93:4f:5d:9a:b0:af:12:bd:fb:74:a1:35:db:d1:
c1:d7:52:f2:1a:b6:2b:a2:cb:1b:4b:91:b6:05:a0:
8d:cd:94:93:a4:36:91:fe:b5:40:9b:d1:e1:0c:f3:
51:21:e4:6a:0d:4b:1b:a5:eb:cf:e1:c8:5f:63:a8:
f9:f5:be:45:7f:b5:24:8d:d6:eb:f5:fe:b8:9a:37:
fd:d1:d5:58:98:1c:36:93:68:b3:8f:d6:f8:f0:9a:
08:14:be:2c:7a:eb:f2:d8:c2:53:69:79:c0:0e:c6:
44:67:2a:23:c9:36:e8:3f:ff:0f:5e:a2:cb:3b:37:
b7:3e:01:3f:55:8c:20:17:39:eb:2c:69:ba:b6:30:
17:ef:10:1f:80:4a:db:54:28:fc:fd:47:58:73:81:
40:45:c1:14:e2:3a:03:de:a9:26:c9:2c:b9:9e:5e:
89:d7:d3:e4:b1:65:3a:95:26:6f:3e:cc:bb:d6:9a:
be:30:63:8c:70:aa:6e:55:de:80:70:c4:3f:79:ff:
55:91:24:4c:0d:b9:47:5f:06:2a:48:ce:e3:04:92:
ee:bb:40:7f:17:97:39:28:c7:7e:41:32:92:7f:b6:
26:4a:12:9a:b7:1f:dd:de:b5:39:fc:43:bc:fa:ba:
04:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:25:A1:93:4A:8E:DF:32:F9:BA:C7:51:91:E9:6B:C5:AD:2A:24:D8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BSWhk0qO3zL5usdRkelrxa0qJNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.208.0/20
149.126.88.0/22
185.86.140.0/22
188.215.120.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:12:d8:e5:9a:fd:8f:74:72:66:5d:92:7f:38:02:0d:79:8e:
3e:3b:8f:ff:82:0b:cd:6d:96:78:fb:31:76:0f:67:04:4e:d8:
0d:7a:5f:0f:1b:5a:16:e2:e5:17:53:cd:a7:8c:f3:8c:c2:84:
08:b1:ad:ae:eb:fa:3a:4a:0b:24:10:1e:83:ac:59:de:40:1d:
e7:e9:75:bb:b5:17:e0:1b:ba:6f:0a:fd:9e:62:4e:b9:fa:02:
4b:be:80:77:40:89:e8:20:e8:86:e3:a2:26:ce:c0:e0:59:30:
2a:e5:69:80:8e:10:65:0a:e1:5f:b5:fd:7d:aa:01:81:f0:64:
6e:1e:d5:ec:50:9c:ca:58:09:9c:e1:56:25:f7:ea:4a:ec:b3:
3e:38:a2:f3:44:e8:ff:4e:12:d3:cd:cf:81:01:7a:69:3c:88:
5e:50:3d:f8:9b:7b:ae:85:d5:91:2e:6a:97:51:09:1d:20:6e:
e5:0c:ff:e3:73:0c:56:ff:20:df:db:25:5f:8a:6e:8f:7c:46:
9c:9e:c9:7e:61:43:37:af:d6:43:d5:d8:29:68:4a:31:69:8d:
90:cb:4a:3d:1e:ba:fa:09:db:4a:67:42:75:a2:6e:52:e8:9a:
dc:e3:82:4e:4a:54:e6:85:e9:16:e5:cb:dd:58:22:72:a5:86:
75:9f:75:61
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjXtQPAy4DDLLAJYsR/K/8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjIwMDcyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI1YTE5MzRhOGVkZjMyZjliYWM3NTE5MWU5NmJjNWFkMmEyNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom7no/L2LIP9hdmv1jDXk09dmrCv
Er37dKE129HB11LyGrYrossbS5G2BaCNzZSTpDaR/rVAm9HhDPNRIeRqDUsbpevP
4chfY6j59b5Ff7Ukjdbr9f64mjf90dVYmBw2k2izj9b48JoIFL4seuvy2MJTaXnA
DsZEZyojyTboP/8PXqLLOze3PgE/VYwgFznrLGm6tjAX7xAfgErbVCj8/UdYc4FA
RcEU4joD3qkmySy5nl6J19PksWU6lSZvPsy71pq+MGOMcKpuVd6AcMQ/ef9VkSRM
DblHXwYqSM7jBJLuu0B/F5c5KMd+QTKSf7YmShKatx/d3rU5/EO8+roEPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAUloZNKjt8y+brHUZHpa8WtKiTYMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQlNXaGswcU8zekw1dXNkUmtlbHJ4YTBxSk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7q0AwQE
JdrQAwQClX5YAwQCuVaMAwQDvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBaEtjlmv2P
dHJmXZJ/OAINeY4+O4//ggvNbZZ4+zF2D2cETtgNel8PG1oW4uUXU82njPOMwoQI
sa2u6/o6SgskEB6DrFneQB3n6XW7tRfgG7pvCv2eYk65+gJLvoB3QInoIOiG46Im
zsDgWTAq5WmAjhBlCuFftf19qgGB8GRuHtXsUJzKWAmc4VYl9+pK7LM+OKLzROj/
ThLTzc+BAXppPIheUD34m3uuhdWRLmqXUQkdIG7lDP/jcwxW/yDf2yVfim6PfEac
nsl+YUM3r9ZD1dgpaEoxaY2Qy0o9Hrr6CdtKZ0J1om5S6Jrc44JOSlTmhekW5cvd
WCJypYZ1n3Vh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org