Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/L75d431wrfBYYYCua9TdWM5v1u4.roa
File: L75d431wrfBYYYCua9TdWM5v1u4.roa (raw, json)
Hash identifier: 1PFQtvRYlJLGJnoAPEi3vdUyR7SASwrRmJJ5/NFvquM=
Subject key identifier: 2F:BE:5D:E3:7D:70:AD:F0:58:61:80:AE:6B:D4:DD:58:CE:6F:D6:EE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01897C865A268E7EC6DB340A3DE8216BAA32
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/L75d431wrfBYYYCua9TdWM5v1u4.roa
Signing time: Sat 22 Jul 2023 07:35:26 +0000
ROA not before: Sat 22 Jul 2023 07:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Aug 2023 05:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7c:86:5a:26:8e:7e:c6:db:34:0a:3d:e8:21:6b:aa:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 22 07:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fbe5de37d70adf0586180ae6bd4dd58ce6fd6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:86:be:57:b3:70:79:74:0f:0b:85:fd:fa:
79:52:2d:9e:46:13:a5:a0:b4:f6:90:e5:9e:91:42:
c2:f2:09:cf:d5:45:8b:4f:6e:62:f5:aa:cd:2e:d6:
f3:58:ec:38:bd:6c:f1:28:36:29:44:72:70:57:1f:
5f:eb:a9:f7:b4:64:b3:d4:10:be:84:77:3d:2d:4f:
62:03:93:ea:67:78:2c:01:ea:3e:a2:76:c4:31:99:
42:42:5f:85:1c:2e:4a:25:7f:50:da:31:c4:c8:28:
55:52:28:4c:22:e2:d6:1a:06:f2:cb:91:4a:a0:d2:
3d:d1:bc:63:55:e2:25:85:50:f2:b3:c1:72:ee:8e:
91:df:7e:ae:4b:38:e7:f6:48:f7:f4:ab:29:28:f3:
f9:82:48:ec:8f:dd:9c:61:64:0a:a8:12:1e:71:c2:
66:be:cb:57:a4:fe:03:7f:08:27:dd:b2:93:85:4a:
14:0e:2a:17:c4:42:3e:cd:5e:4b:ed:f4:cd:be:ff:
87:cf:0f:1f:83:a2:20:85:08:18:b4:88:ad:2a:f7:
94:fb:cf:c0:4d:a8:2a:ca:34:ba:b4:d3:5a:97:3f:
72:1e:4c:9f:05:04:99:37:c9:27:d2:ac:d8:89:29:
c8:79:9b:0b:aa:2c:dc:06:36:89:e2:56:60:fa:52:
92:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:BE:5D:E3:7D:70:AD:F0:58:61:80:AE:6B:D4:DD:58:CE:6F:D6:EE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/L75d431wrfBYYYCua9TdWM5v1u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.164.0/22
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:f1:42:6d:ac:6a:e2:ce:89:1d:28:80:4e:73:34:cb:60:31:
64:eb:21:83:6c:48:d1:8d:bd:70:27:fe:b4:d1:41:98:45:9c:
f4:19:50:67:b3:1e:17:1a:52:b2:80:f7:1c:a9:0e:5b:13:ce:
ea:00:aa:e3:4f:ad:93:ed:90:bb:19:65:60:f0:6c:bf:41:33:
10:ae:86:74:b1:fd:be:62:e6:25:2f:14:bd:c2:b9:23:f6:e2:
a9:ac:4c:58:97:20:7e:a2:36:b1:72:f8:cf:02:52:47:ed:73:
69:7d:36:f3:22:f5:8e:db:d4:be:22:f4:bb:a4:16:86:33:1b:
87:21:1a:69:a4:92:ee:f6:d6:d0:54:25:60:ee:e5:26:2f:89:
1d:e2:a2:7b:80:a3:50:63:3c:c1:a1:f6:a4:94:42:37:88:04:
ab:35:55:9e:03:70:5c:c3:c8:5b:f0:28:41:64:40:21:9a:1c:
35:26:92:5b:a9:50:91:b4:e5:e8:a1:9d:36:ff:51:0e:3f:5a:
6e:52:58:99:28:3a:2c:61:cc:20:de:49:15:0b:99:20:c1:cc:
92:01:5c:19:00:07:35:cd:92:13:a0:d5:64:e2:31:1e:e3:b9:
bf:ba:f2:f0:87:30:ca:dd:c6:91:99:d0:34:36:fe:0f:74:69:
f7:44:f7:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYl8hlomjn7G2zQKPegha6oyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzIyMDczNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmJlNWRlMzdkNzBhZGYwNTg2MTgwYWU2YmQ0ZGQ1OGNlNmZkNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPKGvlezcHl0DwuF/fp5Ui2eRhOl
oLT2kOWekULC8gnP1UWLT25i9arNLtbzWOw4vWzxKDYpRHJwVx9f66n3tGSz1BC+
hHc9LU9iA5PqZ3gsAeo+onbEMZlCQl+FHC5KJX9Q2jHEyChVUihMIuLWGgbyy5FK
oNI90bxjVeIlhVDys8Fy7o6R336uSzjn9kj39KspKPP5gkjsj92cYWQKqBIeccJm
vstXpP4Dfwgn3bKThUoUDioXxEI+zV5L7fTNvv+Hzw8fg6IghQgYtIitKveU+8/A
TagqyjS6tNNalz9yHkyfBQSZN8kn0qzYiSnIeZsLqizcBjaJ4lZg+lKS+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC++XeN9cK3wWGGArmvU3VjOb9buMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTDc1ZDQzMXdyZkJZWVlDdWE5VGRXTTV2MXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVmikAwQC
WS60MA0GCSqGSIb3DQEBCwUAA4IBAQAP8UJtrGrizokdKIBOczTLYDFk6yGDbEjR
jb1wJ/600UGYRZz0GVBnsx4XGlKygPccqQ5bE87qAKrjT62T7ZC7GWVg8Gy/QTMQ
roZ0sf2+YuYlLxS9wrkj9uKprExYlyB+ojaxcvjPAlJH7XNpfTbzIvWO29S+IvS7
pBaGMxuHIRpppJLu9tbQVCVg7uUmL4kd4qJ7gKNQYzzBofaklEI3iASrNVWeA3Bc
w8hb8ChBZEAhmhw1JpJbqVCRtOXooZ02/1EOP1puUliZKDosYcwg3kkVC5kgwcyS
AVwZAAc1zZIToNVk4jEe47m/uvLwhzDK3caRmdA0Nv4PdGn3RPdj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org