Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/exkaIU1RLLbBuGLI46_kNlGtudw.roa
File: exkaIU1RLLbBuGLI46_kNlGtudw.roa (raw, json)
Hash identifier: kM9jAmjwlek1KJxQhFfW+L2NRXeLumnq+t7oRnTXKVs=
Subject key identifier: 7B:19:1A:21:4D:51:2C:B6:C1:B8:62:C8:E3:AF:E4:36:51:AD:B9:DC
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018FB3A6C81878E8D8F92AA009BF918CDEA8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/exkaIU1RLLbBuGLI46_kNlGtudw.roa
Signing time: Sun 26 May 2024 06:46:42 +0000
ROA not before: Sun 26 May 2024 06:46:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21743
IP address blocks: 86.104.160.0/22 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 08:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b3:a6:c8:18:78:e8:d8:f9:2a:a0:09:bf:91:8c:de:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 26 06:46:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b191a214d512cb6c1b862c8e3afe43651adb9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:26:f7:fd:cd:a9:71:b1:01:30:95:b5:9c:0f:
63:15:1b:c9:8c:02:34:72:51:f5:de:b6:d8:31:e5:
6e:87:7d:32:49:93:1a:f3:44:85:6d:4e:2f:db:c0:
1c:57:48:d5:3b:61:cc:9a:c9:cd:50:5b:78:a8:94:
98:86:81:15:bb:fc:63:b5:9e:94:4d:63:51:fb:e8:
70:76:3f:01:63:bb:a5:5a:b1:de:eb:94:16:a1:4b:
93:21:ab:8a:6f:4b:4f:30:72:f9:11:1f:73:46:ef:
d3:bd:61:9a:95:a2:0c:9e:07:e1:14:c1:be:9c:77:
54:e7:af:8f:fc:10:2c:a7:5e:68:e6:4c:33:1d:39:
44:b4:b5:55:14:00:49:28:c0:0a:c4:ee:82:82:c9:
f6:cb:06:7c:1b:89:04:e7:48:d5:f4:5b:a6:ca:f8:
2c:4e:31:96:d2:d8:f2:51:24:58:7e:f2:ab:79:0c:
29:43:93:7d:ad:91:d9:e4:24:25:88:91:8a:66:fc:
23:9f:93:a2:b1:81:2f:30:81:7b:51:bf:e2:0a:8d:
c6:4b:72:42:3a:19:69:49:f9:2f:72:ee:47:af:51:
54:7e:ea:13:56:a2:93:e7:93:5c:7c:d7:c8:b3:fe:
6c:0a:ec:b9:69:24:e5:47:2e:4a:dd:7f:60:42:1c:
fc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:19:1A:21:4D:51:2C:B6:C1:B8:62:C8:E3:AF:E4:36:51:AD:B9:DC
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/exkaIU1RLLbBuGLI46_kNlGtudw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.160.0/21
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
67:2a:6c:cb:5f:d7:3b:b0:ba:62:65:85:e5:37:00:af:e9:c7:
f2:49:8f:87:ae:ef:36:d7:25:66:05:86:45:5d:02:45:bc:4d:
77:d5:06:d0:c9:cd:e6:bd:5a:5b:34:aa:dc:25:8c:35:5f:e3:
c4:9a:47:e2:ef:8f:c1:63:0e:44:b3:b6:5e:79:66:55:91:22:
a8:49:99:a3:86:7d:72:70:7d:04:60:11:21:f7:36:8d:5e:48:
52:b8:92:b5:16:4e:60:3a:af:89:6f:11:b4:41:4d:16:04:73:
cd:aa:a3:55:32:be:72:ba:3b:d0:62:d2:85:0f:1a:ba:2f:b3:
c3:d9:27:88:0b:e9:81:aa:a9:ca:35:a5:28:61:de:7d:bc:42:
15:af:7e:04:86:aa:fc:66:11:7b:a4:ac:71:13:8b:38:26:04:
72:7f:1b:6a:b7:79:9a:83:d6:88:a0:0a:30:0e:da:00:0a:50:
64:e8:e3:af:ef:ac:1f:11:4e:c0:59:fc:c3:12:52:73:ac:ea:
ab:da:1c:a1:ac:c4:dd:b5:a0:96:45:78:0c:ea:ff:59:4d:28:
f9:fb:ff:87:9b:2c:cd:ad:f1:ae:f1:f5:7d:3f:b8:7d:8d:32:
e1:59:28:a3:b9:63:fb:a2:a3:8b:3a:0a:fe:83:05:73:1d:95:
91:87:a4:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+zpsgYeOjY+SqgCb+RjN6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNTI2MDY0NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjE5MWEyMTRkNTEyY2I2YzFiODYyYzhlM2FmZTQzNjUxYWRiOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlib3/c2pcbEBMJW1nA9jFRvJjAI0
clH13rbYMeVuh30ySZMa80SFbU4v28AcV0jVO2HMmsnNUFt4qJSYhoEVu/xjtZ6U
TWNR++hwdj8BY7ulWrHe65QWoUuTIauKb0tPMHL5ER9zRu/TvWGalaIMngfhFMG+
nHdU56+P/BAsp15o5kwzHTlEtLVVFABJKMAKxO6Cgsn2ywZ8G4kE50jV9Fumyvgs
TjGW0tjyUSRYfvKreQwpQ5N9rZHZ5CQliJGKZvwjn5OisYEvMIF7Ub/iCo3GS3JC
OhlpSfkvcu5Hr1FUfuoTVqKT55NcfNfIs/5sCuy5aSTlRy5K3X9gQhz8UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHsZGiFNUSy2wbhiyOOv5DZRrbncMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZXhrYUlVMVJMTGJCdUdMSTQ2X2tObEd0dWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVmigAwQC
WS60MA0GCSqGSIb3DQEBCwUAA4IBAQBnKmzLX9c7sLpiZYXlNwCv6cfySY+Hru82
1yVmBYZFXQJFvE131QbQyc3mvVpbNKrcJYw1X+PEmkfi74/BYw5Es7ZeeWZVkSKo
SZmjhn1ycH0EYBEh9zaNXkhSuJK1Fk5gOq+JbxG0QU0WBHPNqqNVMr5yujvQYtKF
Dxq6L7PD2SeIC+mBqqnKNaUoYd59vEIVr34Ehqr8ZhF7pKxxE4s4JgRyfxtqt3ma
g9aIoAowDtoAClBk6OOv76wfEU7AWfzDElJzrOqr2hyhrMTdtaCWRXgM6v9ZTSj5
+/+HmyzNrfGu8fV9P7h9jTLhWSijuWP7oqOLOgr+gwVzHZWRh6SJ
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:53:26 2024 by rpki-client on console-ams.rpki-client.org