Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/b9Anc3CTWAIYv1zQP2w6j2Z2Tvg.roa
File: b9Anc3CTWAIYv1zQP2w6j2Z2Tvg.roa (raw, json)
Hash identifier: 9sSVhAA8uObwmtBrsDYbVmpTi5rRuELTc0WRevo77wE=
Subject key identifier: 6F:D0:27:73:70:93:58:02:18:BF:5C:D0:3F:6C:3A:8F:66:76:4E:F8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018588B8F6C1220100A631BC24DAB8CCCD66
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/b9Anc3CTWAIYv1zQP2w6j2Z2Tvg.roa
Signing time: Fri 06 Jan 2023 20:15:01 +0000
ROA not before: Fri 06 Jan 2023 20:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.120.0/22 maxlen: 24
188.215.124.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Jan 2023 10:19:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:b8:f6:c1:22:01:00:a6:31:bc:24:da:b8:cc:cd:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 6 20:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd027737093580218bf5cd03f6c3a8f66764ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:02:9d:fc:b5:14:78:79:d0:f3:16:0d:a2:97:
06:20:47:de:6a:69:37:4b:48:7b:3a:29:5c:31:18:
05:73:5f:74:32:6d:70:02:ac:f3:dd:db:44:25:f3:
bf:f9:f4:10:77:a3:11:ed:54:db:ed:7f:0d:6e:da:
4d:10:d1:56:31:d6:89:64:88:50:18:ba:86:25:fe:
52:d7:85:35:2e:27:c1:fc:ca:a8:ac:2b:7e:a4:14:
b7:20:89:db:89:8c:02:9c:ad:2e:97:ef:4e:ff:26:
30:7b:be:e8:aa:3f:d8:05:a6:ca:ef:01:fa:9e:e5:
f0:54:c7:d5:90:b0:d1:1b:e0:3c:12:d3:0b:24:22:
57:6b:c1:aa:b1:90:6f:87:44:a0:bf:40:82:e1:a3:
f4:3e:21:cf:bb:98:5d:cc:d6:76:0b:ee:07:33:ed:
e6:27:58:18:f5:51:35:ce:33:9e:60:68:e5:e3:14:
64:96:d1:e0:27:2f:2f:5b:d2:2e:99:ce:85:4a:21:
67:d4:d5:e9:35:f0:ca:31:e3:82:09:de:53:12:80:
c8:8a:80:8b:de:2d:60:23:c2:b3:79:0b:99:b4:f4:
6c:c6:1a:3d:a2:03:5e:8a:16:56:7c:dd:c5:0c:32:
c2:7a:2d:73:39:8d:ab:a8:9f:a0:bf:b1:1f:f0:c4:
b8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D0:27:73:70:93:58:02:18:BF:5C:D0:3F:6C:3A:8F:66:76:4E:F8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/b9Anc3CTWAIYv1zQP2w6j2Z2Tvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.208.0/20
46.20.210.0/23
89.46.180.0/22
130.255.64.0/21
149.126.88.0/22
185.86.140.0/22
188.215.120.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:c2:ed:0b:f9:fb:bf:8b:05:b7:28:88:32:47:79:9b:1f:15:
80:c3:f3:22:1b:db:6b:58:9f:b4:19:d7:84:ae:d2:ec:7f:6a:
34:95:33:27:32:8e:75:ed:76:e2:60:a0:c3:12:3e:2e:2f:fd:
ff:6d:00:38:16:ae:1d:53:1e:7a:1c:f5:d7:6a:ce:de:41:9b:
07:90:80:1f:6a:50:06:33:15:78:53:f8:c8:7d:c4:ff:0c:49:
85:e3:fe:2a:e0:76:6a:7b:fc:b7:fd:00:ae:b7:0a:1e:c4:b3:
1a:1b:c0:41:b8:ec:2b:42:5b:cf:28:32:4c:5e:4b:f0:64:75:
79:8f:56:af:c5:66:c5:a0:9f:a6:c2:00:a4:2c:bf:8e:ae:16:
e9:77:13:76:35:a4:e5:66:c0:46:79:39:dc:57:cf:3f:68:1c:
6e:9d:e6:6a:f4:b2:83:d2:8f:7a:17:f9:f4:de:cc:40:7b:c9:
14:9c:74:c9:d7:e3:48:35:65:d4:8c:ae:bc:3a:fc:76:b2:ee:
74:df:b7:68:9c:d3:e4:55:c9:e1:42:c7:5e:bb:34:6c:81:48:
b2:22:bb:31:3b:ea:47:94:b2:3b:62:c6:02:8c:e6:71:41:64:
8f:27:8a:34:6f:81:da:82:01:1f:58:bd:5c:20:6e:fc:37:cc:
e8:a3:47:8d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYWIuPbBIgEApjG8JNq4zM1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTA2MjAxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQwMjc3MzcwOTM1ODAyMThiZjVjZDAzZjZjM2E4ZjY2NzY0ZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQKd/LUUeHnQ8xYNopcGIEfeamk3
S0h7OilcMRgFc190Mm1wAqzz3dtEJfO/+fQQd6MR7VTb7X8NbtpNENFWMdaJZIhQ
GLqGJf5S14U1LifB/MqorCt+pBS3IInbiYwCnK0ul+9O/yYwe77oqj/YBabK7wH6
nuXwVMfVkLDRG+A8EtMLJCJXa8GqsZBvh0Sgv0CC4aP0PiHPu5hdzNZ2C+4HM+3m
J1gY9VE1zjOeYGjl4xRkltHgJy8vW9Iumc6FSiFn1NXpNfDKMeOCCd5TEoDIioCL
3i1gI8KzeQuZtPRsxho9ogNeihZWfN3FDDLCei1zOY2rqJ+gv7Ef8MS4zwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG/QJ3Nwk1gCGL9c0D9sOo9mdk74MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYjlBbmMzQ1RXQUlZdjF6UVAydzZqMloyVHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCH7q0AwQE
JdrQAwQBLhTSAwQCWS60AwQDgv9AAwQClX5YAwQCuVaMAwQDvNd4MA0GCSqGSIb3
DQEBCwUAA4IBAQBcwu0L+fu/iwW3KIgyR3mbHxWAw/MiG9trWJ+0GdeErtLsf2o0
lTMnMo517XbiYKDDEj4uL/3/bQA4Fq4dUx56HPXXas7eQZsHkIAfalAGMxV4U/jI
fcT/DEmF4/4q4HZqe/y3/QCutwoexLMaG8BBuOwrQlvPKDJMXkvwZHV5j1avxWbF
oJ+mwgCkLL+OrhbpdxN2NaTlZsBGeTncV88/aBxuneZq9LKD0o96F/n03sxAe8kU
nHTJ1+NINWXUjK68Ovx2su5037donNPkVcnhQsdeuzRsgUiyIrsxO+pHlLI7YsYC
jOZxQWSPJ4o0b4HaggEfWL1cIG78N8zoo0eN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org