Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WQCYXp4EnvXPBoXFkbMG7eXxCNk.roa
File: WQCYXp4EnvXPBoXFkbMG7eXxCNk.roa (raw, json)
Hash identifier: JN0YZt5wEdFNBBifWklbZ9X5ySF8J1GW6jlQ8AqxFc4=
Subject key identifier: 59:00:98:5E:9E:04:9E:F5:CF:06:85:C5:91:B3:06:ED:E5:F1:08:D9
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188EC3686A5FB46BE9345597921735DA1FF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WQCYXp4EnvXPBoXFkbMG7eXxCNk.roa
Signing time: Sat 24 Jun 2023 07:02:56 +0000
ROA not before: Sat 24 Jun 2023 07:02:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 78.143.224.0/22 maxlen: 24
78.143.232.0/21 maxlen: 24
78.143.228.0/22 maxlen: 24
89.46.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Jun 2023 08:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ec:36:86:a5:fb:46:be:93:45:59:79:21:73:5d:a1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 24 07:02:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5900985e9e049ef5cf0685c591b306ede5f108d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d4:f8:22:7c:14:46:94:18:ae:eb:d8:dd:83:
65:fd:c8:30:7a:a6:bd:3c:ff:9e:2f:e1:7c:64:d9:
10:b8:79:3b:f3:d1:ea:11:1e:88:61:a4:c9:77:63:
02:1e:5b:f7:19:7b:d6:f7:d2:f1:17:50:3d:a9:92:
7e:e0:ae:08:52:8b:26:79:cd:8c:58:01:cc:c0:4e:
04:38:49:0e:59:9c:73:d1:46:64:8a:0d:f3:eb:74:
38:e2:8f:63:31:7d:55:4c:5a:22:3f:c9:0e:d7:0b:
14:27:2c:36:1f:3e:49:2a:70:0b:3a:82:92:a7:bf:
d5:3b:24:1c:4c:67:02:28:aa:fa:59:b3:41:d4:c8:
81:b5:0d:df:02:d4:69:d2:f9:a0:f4:64:44:e6:ab:
0d:1b:95:16:8c:02:8a:b6:f0:80:a1:f3:5b:fd:f4:
8f:7f:85:e9:cc:87:3d:90:50:84:e9:97:2e:a1:76:
b1:29:bd:2b:9a:d1:59:87:77:5d:c3:b0:1a:09:7e:
39:26:66:f2:e1:a4:74:19:d4:9a:d8:b1:3b:8b:a0:
2f:2b:73:88:63:18:3c:63:37:a1:f0:e7:0e:3d:d4:
a8:bb:80:7b:f3:06:15:98:b0:10:46:35:a5:d1:ba:
35:ba:01:3a:d5:45:56:0f:93:fb:51:c7:61:20:56:
ed:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:00:98:5E:9E:04:9E:F5:CF:06:85:C5:91:B3:06:ED:E5:F1:08:D9
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WQCYXp4EnvXPBoXFkbMG7eXxCNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/20
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:65:43:f0:d4:55:66:b2:a6:3b:20:2b:7c:ab:a6:bd:2a:1e:
11:41:08:cc:89:26:0f:6c:de:15:8f:0a:95:c0:8d:90:6b:d1:
6d:c5:84:0f:03:45:65:c0:19:f7:11:01:7d:66:86:7c:06:02:
3e:65:1e:b4:01:4d:7d:c5:bd:a8:f9:7f:30:f2:8b:39:43:4f:
36:19:b6:90:23:7e:7e:94:3e:b1:3c:39:e8:79:be:1c:52:2a:
06:58:84:47:d0:d5:d0:a2:ca:4b:b7:56:fc:30:5a:d3:c5:40:
5b:9b:95:c1:97:24:c8:91:bf:52:55:c6:24:e2:ec:a8:24:e0:
a4:d7:97:87:e1:99:39:b2:19:08:9e:39:43:d1:1c:14:c0:39:
27:0a:59:d0:db:c1:0f:d7:7c:f3:bc:2e:69:3f:60:e4:63:03:
2f:bd:33:7f:3b:30:bd:74:c3:a8:e4:08:e0:5b:0b:10:1d:e1:
80:e4:8f:16:b9:82:a1:84:63:86:84:f8:b1:fc:f6:ea:df:16:
8f:c3:ca:24:ac:f4:e9:05:86:91:39:31:e7:2e:d6:fb:92:cb:
e5:e3:4e:c1:56:31:6f:88:cb:4f:76:c3:f1:3a:7a:1d:40:14:
f2:88:4b:f0:49:55:54:f2:bb:b7:56:3f:58:16:ee:d0:55:4f:
ca:52:de:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjsNoal+0a+k0VZeSFzXaH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjI0MDcwMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTAwOTg1ZTllMDQ5ZWY1Y2YwNjg1YzU5MWIzMDZlZGU1ZjEwOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdT4InwURpQYruvY3YNl/cgweqa9
PP+eL+F8ZNkQuHk789HqER6IYaTJd2MCHlv3GXvW99LxF1A9qZJ+4K4IUosmec2M
WAHMwE4EOEkOWZxz0UZkig3z63Q44o9jMX1VTFoiP8kO1wsUJyw2Hz5JKnALOoKS
p7/VOyQcTGcCKKr6WbNB1MiBtQ3fAtRp0vmg9GRE5qsNG5UWjAKKtvCAofNb/fSP
f4XpzIc9kFCE6ZcuoXaxKb0rmtFZh3ddw7AaCX45Jmby4aR0GdSa2LE7i6AvK3OI
Yxg8Yzeh8OcOPdSou4B78wYVmLAQRjWl0bo1ugE61UVWD5P7UcdhIFbtTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFkAmF6eBJ71zwaFxZGzBu3l8QjZMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvV1FDWVhwNEVudlhQQm9YRmtiTUc3ZVh4Q05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETo/gAwQC
WS6wMA0GCSqGSIb3DQEBCwUAA4IBAQAuZUPw1FVmsqY7ICt8q6a9Kh4RQQjMiSYP
bN4VjwqVwI2Qa9FtxYQPA0VlwBn3EQF9ZoZ8BgI+ZR60AU19xb2o+X8w8os5Q082
GbaQI35+lD6xPDnoeb4cUioGWIRH0NXQospLt1b8MFrTxUBbm5XBlyTIkb9SVcYk
4uyoJOCk15eH4Zk5shkInjlD0RwUwDknClnQ28EP13zzvC5pP2DkYwMvvTN/OzC9
dMOo5AjgWwsQHeGA5I8WuYKhhGOGhPix/Pbq3xaPw8okrPTpBYaROTHnLtb7ksvl
407BVjFviMtPdsPxOnodQBTyiEvwSVVU8ru3Vj9YFu7QVU/KUt66
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org