Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GXlrQLJR8vwB84WsJSEcbcBYY-U.roa
File: GXlrQLJR8vwB84WsJSEcbcBYY-U.roa (raw, json)
Hash identifier: VGX6jHD0eiHYRWNV8h2pddvG3fSxZKkPHYJj5J2fi3w=
Subject key identifier: 19:79:6B:40:B2:51:F2:FC:01:F3:85:AC:25:21:1C:6D:C0:58:63:E5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCE12D09065C13BF9726E343E9D333
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GXlrQLJR8vwB84WsJSEcbcBYY-U.roa
Signing time: Mon 01 Jan 2024 16:30:36 +0000
ROA not before: Mon 01 Jan 2024 16:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 20:42:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:e1:2d:09:06:5c:13:bf:97:26:e3:43:e9:d3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19796b40b251f2fc01f385ac25211c6dc05863e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:02:5d:dc:75:76:f3:28:38:56:bc:09:c8:
4d:15:9e:a7:93:48:50:d4:75:21:1a:28:08:01:b7:
71:95:cc:04:dd:22:f0:80:03:ac:50:9a:d4:e8:27:
3b:91:18:2d:56:e7:41:6c:ee:b6:0f:92:79:52:bb:
56:66:fc:d5:2d:ef:4d:8b:3d:b3:65:2d:93:d5:b6:
ce:99:74:02:c9:d0:a5:d7:d6:10:59:59:fe:1a:93:
b0:f0:f8:ce:49:6a:d4:96:5d:fc:99:b3:86:53:a7:
2b:c2:01:53:71:47:f3:b7:89:6b:7e:44:47:30:1f:
7c:a8:3e:39:b6:77:70:9a:0a:29:40:15:a7:7d:7a:
9a:25:50:6a:ea:c3:88:ce:e6:ae:52:20:dd:e6:63:
73:29:8d:5c:ee:55:a8:2d:82:ee:86:8f:b4:1d:4b:
fb:77:82:1a:88:8e:c0:cc:65:c7:f0:96:3d:1b:db:
2b:9d:6b:e4:d0:88:d4:f1:8a:8c:42:19:94:8e:39:
97:f1:b9:91:f7:dd:94:60:93:3d:1b:c1:15:fd:c3:
30:28:14:e8:0f:0f:e1:5c:c9:d8:37:64:69:c2:d4:
74:52:34:e6:c8:fa:58:7b:26:ef:96:9b:1d:ff:c2:
c2:00:6b:0e:5d:13:02:b8:08:79:47:59:ef:92:b2:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:79:6B:40:B2:51:F2:FC:01:F3:85:AC:25:21:1C:6D:C0:58:63:E5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GXlrQLJR8vwB84WsJSEcbcBYY-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.216.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
22:ce:f0:ff:b3:23:1b:fe:9d:fb:f8:46:b3:7c:9a:9f:04:ca:
cd:e6:a6:32:67:16:fe:b8:bf:0a:d7:8e:46:c3:95:87:86:82:
b2:b1:b2:d6:db:52:d0:ae:79:fc:eb:dd:07:a0:04:3c:1f:f5:
7d:d2:5f:f2:33:a6:c4:66:bd:63:c9:ba:69:5d:06:95:87:f9:
0d:b8:67:38:57:0f:47:2c:17:ee:11:c8:5b:5e:82:9d:6d:a7:
ad:f0:71:b6:92:45:69:62:ac:86:ba:d7:f3:5f:22:d5:2a:6e:
96:c8:67:ec:32:e6:78:66:4c:52:13:6c:50:5e:cc:74:1e:07:
4b:ef:31:f8:25:f9:76:ba:e7:7f:7f:2a:16:1c:41:66:bc:cb:
87:5b:da:cb:a4:3e:45:0b:4e:65:99:7f:ac:9b:40:02:fc:af:
41:6e:bc:c2:df:65:d0:b1:41:71:64:79:22:49:84:e7:3e:98:
90:89:22:a0:73:47:ba:19:8a:f6:56:1d:fd:e3:9c:92:b7:e8:
c9:f6:ef:88:77:99:49:4a:7d:0c:22:a8:20:13:f6:7a:2b:6f:
47:16:d2:ac:8b:1a:cc:8a:0c:5b:ce:13:e7:f1:0b:ad:f0:e9:
27:db:70:62:ce:58:99:a4:16:c0:e3:44:7c:c6:d4:61:ed:79:
06:18:02:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF3OEtCQZcE7+XJuND6dMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTc5NmI0MGIyNTFmMmZjMDFmMzg1YWMyNTIxMWM2ZGMwNTg2M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7wCXdx1dvMoOFa8CchNFZ6nk0hQ
1HUhGigIAbdxlcwE3SLwgAOsUJrU6Cc7kRgtVudBbO62D5J5UrtWZvzVLe9Niz2z
ZS2T1bbOmXQCydCl19YQWVn+GpOw8PjOSWrUll38mbOGU6crwgFTcUfzt4lrfkRH
MB98qD45tndwmgopQBWnfXqaJVBq6sOIzuauUiDd5mNzKY1c7lWoLYLuho+0HUv7
d4IaiI7AzGXH8JY9G9srnWvk0IjU8YqMQhmUjjmX8bmR992UYJM9G8EV/cMwKBTo
Dw/hXMnYN2RpwtR0UjTmyPpYeybvlpsd/8LCAGsOXRMCuAh5R1nvkrLOOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBl5a0CyUfL8AfOFrCUhHG3AWGPlMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvR1hsclFMSlI4dndCODRXc0pTRWNiY0JZWS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJdrYAwQC
uVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQAizvD/syMb/p37+EazfJqfBMrN
5qYyZxb+uL8K145Gw5WHhoKysbLW21LQrnn8690HoAQ8H/V90l/yM6bEZr1jybpp
XQaVh/kNuGc4Vw9HLBfuEchbXoKdbaet8HG2kkVpYqyGutfzXyLVKm6WyGfsMuZ4
ZkxSE2xQXsx0HgdL7zH4Jfl2uud/fyoWHEFmvMuHW9rLpD5FC05lmX+sm0AC/K9B
brzC32XQsUFxZHkiSYTnPpiQiSKgc0e6GYr2Vh3945ySt+jJ9u+Id5lJSn0MIqgg
E/Z6K29HFtKsixrMigxbzhPn8Qut8Okn23BizliZpBbA40R8xtRh7XkGGALu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org