Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XVWOvDk71mWwOO4qVWpa0mWRfA8.roa
File: XVWOvDk71mWwOO4qVWpa0mWRfA8.roa (raw, json)
Hash identifier: ZJiNELD82CgqNJLRBd+4YGAlPVSzZlwO3ZJKDreEbGU=
Subject key identifier: 5D:55:8E:BC:39:3B:D6:65:B0:38:EE:2A:55:6A:5A:D2:65:91:7C:0F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01864EACCA8ED4F9979810F88D4D2CCB7E1B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XVWOvDk71mWwOO4qVWpa0mWRfA8.roa
Signing time: Tue 14 Feb 2023 06:46:32 +0000
ROA not before: Tue 14 Feb 2023 06:46:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 37.34.88.0/21 maxlen: 24
82.163.104.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 08:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:ac:ca:8e:d4:f9:97:98:10:f8:8d:4d:2c:cb:7e:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 14 06:46:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d558ebc393bd665b038ee2a556a5ad265917c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ed:9f:af:38:55:c6:ae:c0:72:0b:ec:3b:33:
58:5b:ca:b2:40:fb:7d:d5:8a:78:b7:a2:9b:4e:58:
65:41:d9:a6:76:7f:b7:9c:8c:c6:0b:45:f2:a5:bd:
b4:8e:39:f5:53:6a:92:7d:0b:db:65:b5:c0:c3:e7:
2c:1b:7c:14:67:ac:24:ee:87:b3:1e:ce:68:fa:46:
43:f4:32:0a:69:9e:f8:4b:e9:36:03:95:8e:3a:b5:
c7:2c:dd:c1:d9:10:5b:d1:25:bd:d4:b2:2a:54:a1:
08:1a:b9:96:25:0e:0c:a7:c5:77:8f:c5:89:e8:2b:
b4:e2:d1:29:7c:eb:1b:e3:f8:8c:b4:09:56:e7:47:
00:55:f2:68:1c:e3:fb:cf:60:31:f5:11:17:8f:2a:
be:75:8d:63:31:51:db:96:85:d7:f1:a6:a4:18:b7:
00:93:cc:f2:a4:5e:a6:ba:de:2f:9e:2e:5d:8b:e4:
26:be:44:01:28:be:70:0a:6d:c2:5a:22:a5:65:a1:
7c:1a:82:ad:96:d9:8b:cd:2b:78:de:79:66:ea:a8:
af:cf:db:19:ad:9a:c3:1f:a3:73:3e:b4:46:d2:24:
5f:44:10:85:4c:90:18:20:ce:52:e2:eb:ef:c0:a4:
ba:69:36:8c:a8:ea:34:6b:68:8d:a2:e3:ce:a0:35:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:55:8E:BC:39:3B:D6:65:B0:38:EE:2A:55:6A:5A:D2:65:91:7C:0F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XVWOvDk71mWwOO4qVWpa0mWRfA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.88.0/21
82.163.104.0/21
Signature Algorithm: sha256WithRSAEncryption
68:41:06:1e:40:78:dd:39:42:d0:24:8d:26:c9:81:4b:c6:49:
3d:09:b8:8a:68:93:7f:11:16:f1:3e:ce:d0:e8:d3:ca:32:36:
9c:20:6d:01:e6:d1:9e:c0:ef:9c:7c:07:98:77:f9:19:de:b2:
d3:7c:8c:b9:9b:c1:12:62:d3:df:f0:17:9b:d6:47:68:16:67:
b1:45:93:17:62:20:27:1c:dd:ae:c7:cb:f3:13:c4:c5:55:05:
49:4e:a8:97:42:6e:86:57:2f:a2:15:57:5c:8d:8b:aa:d3:00:
5a:16:be:14:1d:4b:aa:ca:b2:17:82:24:8f:47:14:3e:a6:57:
af:da:d0:98:12:7b:e1:37:e0:5d:4b:10:a4:79:23:6e:8e:3b:
b3:84:99:65:89:fd:a3:10:95:e5:30:0e:ac:bb:d2:69:19:68:
ce:a1:c5:30:b3:9c:7d:da:3d:1b:bd:a1:dd:98:4b:5d:84:ee:
32:03:1f:ab:d7:eb:97:d9:36:b5:e0:d2:68:45:c5:ca:52:f9:
d4:5f:e3:7d:8d:24:c2:db:07:03:2c:4a:94:5a:30:ce:2d:dc:
ed:c4:c3:b0:75:42:50:86:de:8f:0d:bb:3d:d1:ec:fa:6c:4f:
37:f8:1e:40:79:b8:6e:56:21:61:65:a9:5d:5a:a3:c6:e8:72:
f4:38:0e:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZOrMqO1PmXmBD4jU0sy34bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMjE0MDY0NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU1OGViYzM5M2JkNjY1YjAzOGVlMmE1NTZhNWFkMjY1OTE3YzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu2frzhVxq7AcgvsOzNYW8qyQPt9
1Yp4t6KbTlhlQdmmdn+3nIzGC0Xypb20jjn1U2qSfQvbZbXAw+csG3wUZ6wk7oez
Hs5o+kZD9DIKaZ74S+k2A5WOOrXHLN3B2RBb0SW91LIqVKEIGrmWJQ4Mp8V3j8WJ
6Cu04tEpfOsb4/iMtAlW50cAVfJoHOP7z2Ax9REXjyq+dY1jMVHbloXX8aakGLcA
k8zypF6mut4vni5di+QmvkQBKL5wCm3CWiKlZaF8GoKtltmLzSt43nlm6qivz9sZ
rZrDH6NzPrRG0iRfRBCFTJAYIM5S4uvvwKS6aTaMqOo0a2iNouPOoDV3fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1Vjrw5O9ZlsDjuKlVqWtJlkXwPMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvWFZXT3ZEazcxbVd3T080cVZXcGEwbVdSZkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJSJYAwQD
UqNoMA0GCSqGSIb3DQEBCwUAA4IBAQBoQQYeQHjdOULQJI0myYFLxkk9CbiKaJN/
ERbxPs7Q6NPKMjacIG0B5tGewO+cfAeYd/kZ3rLTfIy5m8ESYtPf8Beb1kdoFmex
RZMXYiAnHN2ux8vzE8TFVQVJTqiXQm6GVy+iFVdcjYuq0wBaFr4UHUuqyrIXgiSP
RxQ+plev2tCYEnvhN+BdSxCkeSNujjuzhJllif2jEJXlMA6su9JpGWjOocUws5x9
2j0bvaHdmEtdhO4yAx+r1+uX2Ta14NJoRcXKUvnUX+N9jSTC2wcDLEqUWjDOLdzt
xMOwdUJQht6PDbs90ez6bE83+B5AebhuViFhZaldWqPG6HL0OA7C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org