Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/etTz88bKXnnog6QBI-XJDef2FTg.roa
File: etTz88bKXnnog6QBI-XJDef2FTg.roa (raw, json)
Hash identifier: C/WM5BG6cw1SJJbN2BA3vPuSubxxFkFugfd0Qe7N9A4=
Subject key identifier: 7A:D4:F3:F3:C6:CA:5E:79:E8:83:A4:01:23:E5:C9:0D:E7:F6:15:38
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A25F88B498F4DC87EF7D2979B4EC015B9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/etTz88bKXnnog6QBI-XJDef2FTg.roa
Signing time: Thu 24 Aug 2023 05:16:00 +0000
ROA not before: Thu 24 Aug 2023 05:16:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 86.104.164.0/22 maxlen: 24
86.104.160.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:25:f8:8b:49:8f:4d:c8:7e:f7:d2:97:9b:4e:c0:15:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 24 05:16:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ad4f3f3c6ca5e79e883a40123e5c90de7f61538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:76:c6:87:f2:78:e1:82:e6:23:44:a2:1d:1c:
0e:4c:d6:f7:63:df:65:01:a2:15:34:86:b1:50:1e:
e3:ce:ec:9a:27:0d:ec:16:65:09:9f:62:44:4a:c9:
09:07:35:c0:25:9d:0c:cd:2f:c2:8c:f5:d3:0c:1a:
4e:3e:cb:5d:74:90:fb:07:40:79:13:52:df:40:6a:
35:83:5b:35:7e:9c:4c:9d:c5:5b:98:ad:76:1e:c7:
2e:41:1f:30:83:a3:1a:92:ef:20:29:55:81:9d:4a:
45:27:8e:68:2e:ac:3e:2f:7f:98:a4:fd:59:7a:e9:
5c:46:ea:a1:87:45:6e:74:50:72:8c:85:ee:94:18:
72:a8:82:80:75:b2:57:e2:84:e9:3a:61:7d:32:16:
80:8b:45:dd:88:45:22:b0:00:a2:a7:fb:44:13:1d:
35:00:29:6d:b8:e9:38:09:fa:6d:0c:9f:14:3e:d9:
2d:7a:b7:8a:dc:17:f1:3b:3c:5a:76:1b:ba:cf:86:
19:5b:41:41:f8:38:e6:9f:36:8e:5c:15:5b:82:aa:
f7:24:11:61:ce:13:85:e3:f1:5b:55:7a:c2:4c:18:
9a:60:20:b0:f8:3b:dd:86:90:01:74:7d:43:b4:be:
2e:eb:6f:09:d5:72:4e:bf:9f:ae:c5:88:35:a4:a6:
e4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D4:F3:F3:C6:CA:5E:79:E8:83:A4:01:23:E5:C9:0D:E7:F6:15:38
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/etTz88bKXnnog6QBI-XJDef2FTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.160.0/21
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
75:d9:3f:fb:23:44:70:cb:cb:c8:4d:cb:c5:77:54:0b:fb:ae:
a3:0b:5d:dd:eb:b0:7d:57:2b:9b:22:cb:c7:92:e1:ce:66:36:
52:a7:77:08:b1:dc:c0:90:e6:df:7a:61:17:07:44:d4:1e:75:
43:c7:47:2f:86:5f:c0:53:a5:0c:8a:05:30:2b:42:2c:97:f2:
c7:86:3c:af:4d:a8:eb:7e:aa:5c:75:80:4a:97:92:e5:14:8a:
56:fd:54:42:34:ef:52:d6:fa:e4:91:aa:3a:81:57:c0:7d:04:
53:96:b7:2b:af:d8:8f:ed:e2:78:ab:ca:8d:21:67:f8:14:30:
64:33:fe:02:fd:94:4a:3b:5b:7e:3c:01:d1:47:67:56:88:ba:
4b:b5:84:84:bc:03:98:3f:26:78:dd:1d:64:c2:96:42:a0:ef:
01:55:54:95:d9:bf:e2:f2:3b:1b:78:4f:1c:23:e5:15:8a:38:
81:32:86:88:5b:9e:c3:42:ba:bf:f6:4d:8a:6e:98:8b:3b:c1:
a8:12:57:10:51:eb:d4:1a:22:3a:bc:2c:87:a0:7f:87:b4:be:
d8:00:90:2d:4a:a4:8b:f6:57:dc:4f:26:d2:b1:a4:44:2b:b2:
60:2e:68:4c:3c:ff:a1:47:dc:47:f0:2f:70:ea:2f:aa:75:a5:
fa:f4:7d:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYol+ItJj03IfvfSl5tOwBW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODI0MDUxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQ0ZjNmM2M2Y2E1ZTc5ZTg4M2E0MDEyM2U1YzkwZGU3ZjYxNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHbGh/J44YLmI0SiHRwOTNb3Y99l
AaIVNIaxUB7jzuyaJw3sFmUJn2JESskJBzXAJZ0MzS/CjPXTDBpOPstddJD7B0B5
E1LfQGo1g1s1fpxMncVbmK12HscuQR8wg6Maku8gKVWBnUpFJ45oLqw+L3+YpP1Z
eulcRuqhh0VudFByjIXulBhyqIKAdbJX4oTpOmF9MhaAi0XdiEUisACip/tEEx01
ACltuOk4CfptDJ8UPtktereK3BfxOzxadhu6z4YZW0FB+DjmnzaOXBVbgqr3JBFh
zhOF4/FbVXrCTBiaYCCw+DvdhpABdH1DtL4u628J1XJOv5+uxYg1pKbkkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHrU8/PGyl556IOkASPlyQ3n9hU4MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZXRUejg4YktYbm5vZzZRQkktWEpEZWYyRlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVmigAwQC
WS60MA0GCSqGSIb3DQEBCwUAA4IBAQB12T/7I0Rwy8vITcvFd1QL+66jC13d67B9
VyubIsvHkuHOZjZSp3cIsdzAkObfemEXB0TUHnVDx0cvhl/AU6UMigUwK0Isl/LH
hjyvTajrfqpcdYBKl5LlFIpW/VRCNO9S1vrkkao6gVfAfQRTlrcrr9iP7eJ4q8qN
IWf4FDBkM/4C/ZRKO1t+PAHRR2dWiLpLtYSEvAOYPyZ43R1kwpZCoO8BVVSV2b/i
8jsbeE8cI+UVijiBMoaIW57DQrq/9k2KbpiLO8GoElcQUevUGiI6vCyHoH+HtL7Y
AJAtSqSL9lfcTybSsaREK7JgLmhMPP+hR9xH8C9w6i+qdaX69H14
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org