Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Oz2FadfrmTO7cyTWpPrgv3-DUdI.roa
File: Oz2FadfrmTO7cyTWpPrgv3-DUdI.roa (raw, json)
Hash identifier: WN+MRRbA054rCl0cYnQE+iI3a1nWFsPQS+TEUFx2jw0=
Subject key identifier: 3B:3D:85:69:D7:EB:99:33:BB:73:24:D6:A4:FA:E0:BF:7F:83:51:D2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188F6D94D189E8FAA6C8967714C8A6777BE
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Oz2FadfrmTO7cyTWpPrgv3-DUdI.roa
Signing time: Mon 26 Jun 2023 08:36:56 +0000
ROA not before: Mon 26 Jun 2023 08:36:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 78.143.224.0/22 maxlen: 22
78.143.232.0/21 maxlen: 24
78.143.228.0/22 maxlen: 22
89.46.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 07:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:d9:4d:18:9e:8f:aa:6c:89:67:71:4c:8a:67:77:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 26 08:36:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b3d8569d7eb9933bb7324d6a4fae0bf7f8351d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:36:69:da:41:53:c2:90:1e:08:e1:ad:6f:2f:
8d:c7:9d:76:2c:43:66:62:89:79:39:60:19:81:6a:
40:93:9d:4c:cb:7c:a9:42:fd:73:89:26:e1:dc:f4:
fd:40:47:4e:f0:5a:18:16:55:13:67:69:40:d7:99:
94:7c:4a:b0:bf:01:29:01:17:98:85:7b:42:0a:fd:
20:db:c7:11:48:e2:7f:e8:a6:a5:a9:1c:1d:80:49:
29:5a:7c:68:c7:cb:c4:82:31:e7:e9:ca:e0:b7:d9:
8f:e0:91:4a:e2:70:45:44:5b:45:11:fa:d6:e9:9b:
be:b1:4c:e1:8c:b9:7d:36:94:e8:ca:98:51:5f:60:
7f:a0:03:5e:aa:ba:96:ec:d6:c8:7c:b6:f7:54:25:
84:da:b8:e2:38:20:6c:a9:f3:c5:9a:73:fd:9a:87:
9e:e7:40:2e:15:26:fc:df:53:ae:c2:7a:0d:a0:a2:
8c:94:ef:fc:a0:ce:48:d5:e1:05:dd:69:d9:2d:04:
86:f5:f0:ef:62:16:07:71:d7:28:65:d7:aa:24:b5:
36:e8:2e:f1:e3:17:fd:15:8b:62:05:c4:5f:c7:e8:
68:b1:57:dc:55:ab:c4:42:bd:91:48:38:48:53:73:
ca:2c:9b:1f:04:c3:2b:01:f7:70:e6:cc:1d:d1:6c:
db:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3D:85:69:D7:EB:99:33:BB:73:24:D6:A4:FA:E0:BF:7F:83:51:D2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Oz2FadfrmTO7cyTWpPrgv3-DUdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/20
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:0e:43:de:85:5b:b0:13:ea:1b:7d:41:e8:c1:2f:63:47:34:
fe:5f:80:89:5a:e0:03:c4:ed:78:5e:0e:00:b0:ee:bc:ab:67:
87:7c:5b:e1:ba:c8:89:b9:c2:bd:07:3c:9c:6e:72:d0:c4:33:
9a:75:9c:7a:53:fa:11:11:23:83:68:40:26:13:cd:b5:52:2a:
43:cc:7f:bf:3d:14:1c:78:ef:48:be:d0:5c:bd:05:54:f8:f7:
89:c9:4a:7a:b9:37:e0:ca:ae:13:3b:71:7b:bd:c3:a8:8b:c0:
34:ad:81:81:25:00:b7:8b:2a:3b:ac:5c:d3:5c:5b:6d:50:0d:
2d:5c:4a:02:65:3a:1b:37:8b:09:f1:11:fc:e0:86:50:18:24:
9a:4e:e2:2a:43:7f:ba:28:b3:5a:cb:2e:95:d1:58:42:4a:d8:
d7:75:99:9f:54:8d:4e:53:d7:fb:81:e6:77:06:2a:8f:5a:17:
27:9c:9b:90:16:eb:de:23:3c:5f:54:80:ac:8f:de:b0:14:c4:
b2:f6:52:b2:21:c2:30:9a:e3:3c:5f:bb:8f:c8:81:8d:a9:9e:
8f:e4:42:f4:77:1e:bd:14:12:af:a6:58:b3:14:5f:d5:26:ea:
a2:c6:30:93:6a:4f:e3:51:75:ec:9b:c3:d4:8e:af:1f:43:17:
9b:07:50:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYj22U0Yno+qbIlncUyKZ3e+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjI2MDgzNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNkODU2OWQ3ZWI5OTMzYmI3MzI0ZDZhNGZhZTBiZjdmODM1MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDZp2kFTwpAeCOGtby+Nx512LENm
Yol5OWAZgWpAk51My3ypQv1ziSbh3PT9QEdO8FoYFlUTZ2lA15mUfEqwvwEpAReY
hXtCCv0g28cRSOJ/6KalqRwdgEkpWnxox8vEgjHn6crgt9mP4JFK4nBFRFtFEfrW
6Zu+sUzhjLl9NpToyphRX2B/oANeqrqW7NbIfLb3VCWE2rjiOCBsqfPFmnP9moee
50AuFSb831OuwnoNoKKMlO/8oM5I1eEF3WnZLQSG9fDvYhYHcdcoZdeqJLU26C7x
4xf9FYtiBcRfx+hosVfcVavEQr2RSDhIU3PKLJsfBMMrAfdw5swd0WzbPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDs9hWnX65kzu3Mk1qT64L9/g1HSMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvT3oyRmFkZnJtVE83Y3lUV3BQcmd2My1EVWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETo/gAwQC
WS6wMA0GCSqGSIb3DQEBCwUAA4IBAQBNDkPehVuwE+obfUHowS9jRzT+X4CJWuAD
xO14Xg4AsO68q2eHfFvhusiJucK9BzycbnLQxDOadZx6U/oRESODaEAmE821UipD
zH+/PRQceO9IvtBcvQVU+PeJyUp6uTfgyq4TO3F7vcOoi8A0rYGBJQC3iyo7rFzT
XFttUA0tXEoCZTobN4sJ8RH84IZQGCSaTuIqQ3+6KLNayy6V0VhCStjXdZmfVI1O
U9f7geZ3BiqPWhcnnJuQFuveIzxfVICsj96wFMSy9lKyIcIwmuM8X7uPyIGNqZ6P
5EL0dx69FBKvplizFF/VJuqixjCTak/jUXXsm8PUjq8fQxebB1AG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org