Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bmaxDIETHQYNcm2M5ZXzZB3K68w.roa
File: bmaxDIETHQYNcm2M5ZXzZB3K68w.roa (raw, json)
Hash identifier: XMyLJtO0c++DvtUB0XtzngFGawizJ/P4Rk98i5c3TLU=
Subject key identifier: 6E:66:B1:0C:81:13:1D:06:0D:72:6D:8C:E5:95:F3:64:1D:CA:EB:CC
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01868331F632DE6E1BF2FCEBFC7119EC31F1
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bmaxDIETHQYNcm2M5ZXzZB3K68w.roa
Signing time: Fri 24 Feb 2023 11:32:14 +0000
ROA not before: Fri 24 Feb 2023 11:32:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 78.143.232.0/21 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 07:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:31:f6:32:de:6e:1b:f2:fc:eb:fc:71:19:ec:31:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 24 11:32:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e66b10c81131d060d726d8ce595f3641dcaebcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:89:e0:77:01:d6:a9:43:ed:08:a1:2a:02:08:
bd:8e:93:d9:b1:df:31:50:51:0e:da:e7:70:f4:53:
b7:96:7c:99:e9:a9:7b:94:e7:0b:b1:19:a3:aa:f8:
16:9b:fd:8f:d1:49:24:48:32:fd:47:56:63:95:34:
3e:d9:71:a6:27:04:97:7f:31:30:6d:5d:48:ea:57:
c6:4f:aa:46:c3:ca:22:ae:aa:3f:55:dd:1e:1e:2d:
11:6a:16:46:de:51:2e:c9:02:99:6f:62:d1:01:4f:
79:56:c2:bc:ee:d5:27:1e:dd:db:6c:69:b5:71:3d:
49:0d:9e:ad:ee:82:00:f6:61:b7:ec:62:88:4f:1d:
dc:e4:7c:4f:8b:f0:d5:1f:6b:82:d7:97:7b:66:43:
f6:f6:2e:89:9d:d1:63:e3:eb:aa:61:91:e4:c4:59:
1c:16:a6:63:60:a0:60:f5:5b:df:ef:07:bc:0a:51:
d4:99:a4:72:c1:88:55:0e:ff:51:d5:5d:9f:a8:04:
7c:23:97:ec:3e:54:d5:3c:ef:08:28:34:a6:26:8e:
bf:62:54:4d:68:9c:c0:b2:aa:e0:4f:eb:61:4e:08:
30:7e:f3:00:cc:53:36:11:60:32:19:c7:bb:e4:2a:
58:88:39:59:42:f4:9c:91:0f:7d:1d:56:b9:2c:15:
57:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:66:B1:0C:81:13:1D:06:0D:72:6D:8C:E5:95:F3:64:1D:CA:EB:CC
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bmaxDIETHQYNcm2M5ZXzZB3K68w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.232.0/21
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
33:ee:32:1f:36:c8:60:70:ae:e2:f7:70:29:a0:55:9f:49:17:
75:5f:92:4e:cc:47:fa:a7:4f:5d:1f:c3:b8:9c:9f:50:4a:6b:
c5:af:2d:aa:b2:89:0c:f2:d1:57:fa:13:ca:5f:9d:69:41:ca:
10:bd:82:27:85:85:8e:91:3c:dd:07:d7:45:53:9d:82:8e:74:
45:f4:5e:29:d2:3d:60:94:14:82:83:46:4e:59:7a:d7:23:e0:
3a:31:0b:bb:c6:9a:ca:c6:b1:8b:e6:fd:b1:73:b2:9a:03:a2:
90:6c:72:aa:89:95:d7:9a:a9:2f:b0:46:41:e6:2d:19:f6:20:
d8:a3:51:bc:38:c7:3a:3d:de:dd:5f:eb:77:36:53:9f:52:36:
84:0a:3f:e2:15:90:b3:ee:ec:c1:14:99:e2:de:98:7a:9e:70:
95:75:c5:7f:aa:a4:81:7c:e1:7a:4e:8e:d9:e7:02:d1:71:ee:
2f:a0:73:87:47:0d:f6:2f:3b:e5:8a:33:a2:98:27:ee:0b:60:
13:94:b3:b2:32:67:0a:8b:a2:ab:2e:a0:85:30:a2:87:cc:50:
d3:ba:30:b7:07:42:c7:a3:43:c8:1b:fa:97:e2:37:dc:ef:90:
2f:ce:8c:0c:a9:06:2e:b1:22:b2:60:2e:bc:6d:54:75:9e:96:
36:b2:8e:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaDMfYy3m4b8vzr/HEZ7DHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMjI0MTEzMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY2YjEwYzgxMTMxZDA2MGQ3MjZkOGNlNTk1ZjM2NDFkY2FlYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYngdwHWqUPtCKEqAgi9jpPZsd8x
UFEO2udw9FO3lnyZ6al7lOcLsRmjqvgWm/2P0UkkSDL9R1ZjlTQ+2XGmJwSXfzEw
bV1I6lfGT6pGw8oirqo/Vd0eHi0RahZG3lEuyQKZb2LRAU95VsK87tUnHt3bbGm1
cT1JDZ6t7oIA9mG37GKITx3c5HxPi/DVH2uC15d7ZkP29i6JndFj4+uqYZHkxFkc
FqZjYKBg9Vvf7we8ClHUmaRywYhVDv9R1V2fqAR8I5fsPlTVPO8IKDSmJo6/YlRN
aJzAsqrgT+thTggwfvMAzFM2EWAyGce75CpYiDlZQvSckQ99HVa5LBVXRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG5msQyBEx0GDXJtjOWV82QdyuvMMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYm1heERJRVRIUVlOY20yTTVaWHpaQjNLNjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTo/oAwQD
UqNgMA0GCSqGSIb3DQEBCwUAA4IBAQAz7jIfNshgcK7i93ApoFWfSRd1X5JOzEf6
p09dH8O4nJ9QSmvFry2qsokM8tFX+hPKX51pQcoQvYInhYWOkTzdB9dFU52CjnRF
9F4p0j1glBSCg0ZOWXrXI+A6MQu7xprKxrGL5v2xc7KaA6KQbHKqiZXXmqkvsEZB
5i0Z9iDYo1G8OMc6Pd7dX+t3NlOfUjaECj/iFZCz7uzBFJni3ph6nnCVdcV/qqSB
fOF6To7Z5wLRce4voHOHRw32LzvlijOimCfuC2ATlLOyMmcKi6KrLqCFMKKHzFDT
ujC3B0LHo0PIG/qX4jfc75AvzowMqQYusSKyYC68bVR1npY2so4Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org