Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XJs_lNh9EJWQOXie_GxVd4-apNE.roa
File: XJs_lNh9EJWQOXie_GxVd4-apNE.roa (raw, json)
Hash identifier: avxjMBkSkW/R6q4ktq8rpkFiy1YDX62O9YmOCB72sAU=
Subject key identifier: 5C:9B:3F:94:D8:7D:10:95:90:39:78:9E:FC:6C:55:77:8F:9A:A4:D1
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018871536A78905EF8F9608F1C4D960C53B5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XJs_lNh9EJWQOXie_GxVd4-apNE.roa
Signing time: Wed 31 May 2023 10:21:12 +0000
ROA not before: Wed 31 May 2023 10:21:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 37.34.80.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Dec 2023 08:37:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:53:6a:78:90:5e:f8:f9:60:8f:1c:4d:96:0c:53:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 31 10:21:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c9b3f94d87d10959039789efc6c55778f9aa4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e1:6f:50:fa:fc:0d:a5:f0:bc:e9:53:0d:c1:
a2:d4:b7:d3:69:4d:8e:8a:08:13:73:ff:79:66:80:
71:e2:7e:33:9f:f5:24:3c:52:ec:b4:0f:f5:91:0a:
0b:67:a5:96:ab:72:27:7b:dc:18:ba:19:e2:1a:c5:
d5:2e:1d:09:9d:09:e1:99:4c:6d:fb:d6:8e:14:1f:
20:a7:da:69:92:d6:80:bb:4e:3b:e5:8d:1c:a5:1a:
ab:12:f1:14:e4:81:47:79:e5:e8:d0:ba:98:d3:e8:
48:d7:71:d8:a8:f9:67:94:43:30:2c:e4:e8:7a:a3:
1a:88:20:e1:56:a5:d7:a6:2e:8c:81:72:2b:b4:e8:
d5:db:e6:2b:66:ef:e6:6b:b4:9a:a8:02:9f:9d:9c:
c2:29:54:fc:6f:67:05:5d:86:ef:b5:20:70:8c:3c:
2b:d1:02:a6:a4:69:96:d3:ee:2e:43:a7:ef:b9:38:
ab:2c:bc:f3:49:97:4c:3d:20:7a:ea:d7:a4:6c:b6:
f0:5f:fd:79:a4:b2:2c:dd:9a:62:88:a8:ab:47:ef:
9c:32:cc:84:5f:bf:4b:7e:7c:3a:3c:a4:27:4e:9a:
ed:69:bf:4b:a6:d1:d1:0f:f4:61:2f:65:fe:45:df:
d5:f6:c6:dd:e1:21:ce:53:93:06:91:97:c0:47:9f:
12:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9B:3F:94:D8:7D:10:95:90:39:78:9E:FC:6C:55:77:8F:9A:A4:D1
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XJs_lNh9EJWQOXie_GxVd4-apNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/21
Signature Algorithm: sha256WithRSAEncryption
38:c4:0b:75:0c:02:e3:29:ce:e1:5c:e4:5e:a2:b9:72:dd:d5:
9e:0f:17:c8:d3:32:b8:a2:e1:4d:99:13:7a:4b:35:be:45:aa:
79:93:13:c6:c0:ba:d3:06:77:fb:4b:68:c5:f5:00:93:59:80:
1a:0b:a2:5f:da:07:1d:8d:f8:bd:a7:05:83:d3:49:98:04:58:
4d:9f:56:1b:ac:f6:d1:7c:f1:ef:9c:9c:5c:c9:e9:5c:7a:8e:
f9:4c:15:7e:ac:67:15:62:6a:c5:70:d3:3c:e7:b4:e1:c2:db:
63:ff:54:45:ae:d0:8c:4b:d9:46:47:69:6a:d7:c9:66:f5:19:
b4:40:45:fe:48:69:2c:ac:06:1d:7c:23:f7:06:a8:eb:f2:a7:
bf:99:7d:0c:43:58:4c:8c:58:57:70:1f:a3:ca:9a:a4:81:b4:
89:76:e4:aa:94:1d:74:a4:69:5c:94:21:40:26:3c:4e:15:5c:
13:1b:ac:24:cf:fc:27:5c:36:b4:13:56:6f:0b:c1:22:1c:ed:
5b:05:66:45:d7:66:79:a6:81:fb:f5:f9:5d:1e:b4:00:15:ae:
ba:ab:9f:13:e3:c3:4f:28:51:fa:6e:d4:f4:ae:ec:48:35:38:
ab:2f:e0:37:3d:54:b8:96:a2:0b:3c:1c:c1:a6:f0:2d:cd:cf:
1e:5c:9e:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhxU2p4kF74+WCPHE2WDFO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNTMxMTAyMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzliM2Y5NGQ4N2QxMDk1OTAzOTc4OWVmYzZjNTU3NzhmOWFhNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquFvUPr8DaXwvOlTDcGi1LfTaU2O
iggTc/95ZoBx4n4zn/UkPFLstA/1kQoLZ6WWq3Ine9wYuhniGsXVLh0JnQnhmUxt
+9aOFB8gp9ppktaAu0475Y0cpRqrEvEU5IFHeeXo0LqY0+hI13HYqPlnlEMwLOTo
eqMaiCDhVqXXpi6MgXIrtOjV2+YrZu/ma7SaqAKfnZzCKVT8b2cFXYbvtSBwjDwr
0QKmpGmW0+4uQ6fvuTirLLzzSZdMPSB66tekbLbwX/15pLIs3ZpiiKirR++cMsyE
X79Lfnw6PKQnTprtab9LptHRD/RhL2X+Rd/V9sbd4SHOU5MGkZfAR58SDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFybP5TYfRCVkDl4nvxsVXePmqTRMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvWEpzX2xOaDlFSldRT1hpZV9HeFZkNC1hcE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJSJQMA0G
CSqGSIb3DQEBCwUAA4IBAQA4xAt1DALjKc7hXOReorly3dWeDxfI0zK4ouFNmRN6
SzW+Rap5kxPGwLrTBnf7S2jF9QCTWYAaC6Jf2gcdjfi9pwWD00mYBFhNn1YbrPbR
fPHvnJxcyelceo75TBV+rGcVYmrFcNM857Thwttj/1RFrtCMS9lGR2lq18lm9Rm0
QEX+SGksrAYdfCP3Bqjr8qe/mX0MQ1hMjFhXcB+jypqkgbSJduSqlB10pGlclCFA
JjxOFVwTG6wkz/wnXDa0E1ZvC8EiHO1bBWZF12Z5poH79fldHrQAFa66q58T48NP
KFH6btT0ruxINTirL+A3PVS4lqILPBzBpvAtzc8eXJ42
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org