Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hoZU2v08qtvIVIaO-tJu4YDz5sk.roa
File: hoZU2v08qtvIVIaO-tJu4YDz5sk.roa (raw, json)
Hash identifier: 5FPJMPBMAyCf9xpIjrIBN1ngFyUhexj5Nbx7bLeR6ZU=
Subject key identifier: 86:86:54:DA:FD:3C:AA:DB:C8:54:86:8E:FA:D2:6E:E1:80:F3:E6:C9
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0189D8EF2B5612661F4E768A178A1916F449
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hoZU2v08qtvIVIaO-tJu4YDz5sk.roa
Signing time: Wed 09 Aug 2023 06:14:59 +0000
ROA not before: Wed 09 Aug 2023 06:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Nov 2023 07:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:ef:2b:56:12:66:1f:4e:76:8a:17:8a:19:16:f4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 9 06:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=868654dafd3caadbc854868efad26ee180f3e6c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f0:12:08:c7:15:da:75:98:9d:22:02:51:23:
1d:88:37:48:52:f4:72:24:24:fa:66:d6:fb:22:c4:
63:55:0e:c9:19:8b:5b:e3:66:e0:c5:84:85:9f:02:
6c:80:68:f0:22:3c:c3:d2:69:3a:cb:5c:77:6f:16:
f7:16:08:d4:c6:db:09:45:1d:1b:3c:39:74:4b:e7:
b1:84:fb:db:01:69:f9:dd:cc:40:76:97:b9:38:69:
9a:58:cb:28:d1:3f:03:f4:d1:97:f0:3b:af:02:75:
57:6c:a2:8e:f2:d6:7a:9f:67:9f:4b:49:58:68:6e:
4d:cd:b5:ef:64:45:b7:60:99:bb:88:c1:82:d9:c7:
56:af:0d:8b:51:29:2f:e1:83:d4:05:e5:d2:9d:86:
de:0b:79:59:1a:0e:41:7d:31:be:d1:2d:f7:22:8b:
46:93:21:59:eb:07:0f:41:2b:7e:5d:a8:a0:f8:38:
7f:1e:77:a9:e0:86:cc:27:c9:e2:81:20:48:c3:14:
ab:96:65:70:0c:2b:7c:1a:c4:85:97:71:d6:c0:15:
fd:ac:4a:ce:c1:a2:5d:12:f5:29:00:e0:5b:6a:69:
6f:76:05:de:34:8b:3b:4d:3a:54:67:84:97:02:46:
f7:f3:9e:4f:c0:2f:04:d2:24:6d:2f:5b:ee:aa:37:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:86:54:DA:FD:3C:AA:DB:C8:54:86:8E:FA:D2:6E:E1:80:F3:E6:C9
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hoZU2v08qtvIVIaO-tJu4YDz5sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.208.0/20
149.126.88.0/22
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:14:63:90:8e:a2:a6:55:17:95:b0:8e:ea:eb:49:4a:2c:95:
dd:b5:39:41:95:da:7e:c7:09:9c:93:af:40:14:aa:00:56:6d:
99:dd:bd:6c:1a:15:14:26:72:2d:29:10:94:95:8e:ae:9c:b5:
03:b4:4b:58:66:eb:96:ab:73:68:16:af:35:ba:10:9d:ee:90:
21:1d:1a:a9:f9:71:de:8a:df:a6:aa:7f:6d:ce:ba:f1:22:8f:
82:4f:f3:6a:83:04:f2:c8:64:20:7c:d9:bc:3e:f9:a4:45:0b:
23:6d:11:52:57:23:10:ee:58:41:20:7e:dd:c0:47:6d:34:10:
b0:68:99:31:ee:f2:0f:5c:ba:17:d1:71:d0:37:d5:25:7f:d3:
c0:fc:a0:2f:80:cf:42:1a:ed:f9:1b:e4:58:15:84:5d:c7:b2:
a6:87:db:09:5f:08:2d:5a:69:2e:28:03:e3:7a:2c:d3:49:5b:
34:b7:2f:03:0e:ae:fc:ba:cc:60:13:66:94:51:b8:85:c2:8a:
a9:cb:44:aa:61:90:61:0f:2c:a6:10:9d:eb:25:81:56:de:ca:
8f:14:9e:27:2b:f5:5a:cc:49:a1:bb:f3:95:a1:c7:7c:43:54:
55:a6:a8:5b:f3:5a:0f:a9:97:b6:aa:b8:2b:29:44:7f:79:34:
55:bd:5e:73
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYnY7ytWEmYfTnaKF4oZFvRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODA5MDYxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg2NTRkYWZkM2NhYWRiYzg1NDg2OGVmYWQyNmVlMTgwZjNlNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/ASCMcV2nWYnSICUSMdiDdIUvRy
JCT6Ztb7IsRjVQ7JGYtb42bgxYSFnwJsgGjwIjzD0mk6y1x3bxb3FgjUxtsJRR0b
PDl0S+exhPvbAWn53cxAdpe5OGmaWMso0T8D9NGX8DuvAnVXbKKO8tZ6n2efS0lY
aG5NzbXvZEW3YJm7iMGC2cdWrw2LUSkv4YPUBeXSnYbeC3lZGg5BfTG+0S33IotG
kyFZ6wcPQSt+Xaig+Dh/Hnep4IbMJ8nigSBIwxSrlmVwDCt8GsSFl3HWwBX9rErO
waJdEvUpAOBbamlvdgXeNIs7TTpUZ4SXAkb3855PwC8E0iRtL1vuqjex0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIaGVNr9PKrbyFSGjvrSbuGA8+bJMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaG9aVTJ2MDhxdHZJVklhTy10SnU0WUR6NXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7q0AwQE
JdrQAwQClX5YAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQAKFGOQjqKm
VReVsI7q60lKLJXdtTlBldp+xwmck69AFKoAVm2Z3b1sGhUUJnItKRCUlY6unLUD
tEtYZuuWq3NoFq81uhCd7pAhHRqp+XHeit+mqn9tzrrxIo+CT/NqgwTyyGQgfNm8
PvmkRQsjbRFSVyMQ7lhBIH7dwEdtNBCwaJkx7vIPXLoX0XHQN9Ulf9PA/KAvgM9C
Gu35G+RYFYRdx7Kmh9sJXwgtWmkuKAPjeizTSVs0ty8DDq78usxgE2aUUbiFwoqp
y0SqYZBhDyymEJ3rJYFW3sqPFJ4nK/VazEmhu/OVocd8Q1RVpqhb81oPqZe2qrgr
KUR/eTRVvV5z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org