Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/i6Z1mwj22AVRYQkTet7dpktIkKQ.roa
File: i6Z1mwj22AVRYQkTet7dpktIkKQ.roa (raw, json)
Hash identifier: lL6JYQR+UzywFNxdV/+Yz66lr/FMPmpVvG7cHZN8KT0=
Subject key identifier: 8B:A6:75:9B:08:F6:D8:05:51:61:09:13:7A:DE:DD:A6:4B:48:90:A4
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BF6EAC05B531B4E761EC852CC30DD9D82
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/i6Z1mwj22AVRYQkTet7dpktIkKQ.roa
Signing time: Wed 22 Nov 2023 12:04:21 +0000
ROA not before: Wed 22 Nov 2023 12:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 37.218.208.0/21 maxlen: 24
149.126.88.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 08:18:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:ea:c0:5b:53:1b:4e:76:1e:c8:52:cc:30:dd:9d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 22 12:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ba6759b08f6d805516109137adedda64b4890a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:04:d8:aa:f9:74:86:64:82:ce:f7:a0:dd:
13:5e:e8:44:d4:a1:4a:63:16:85:1f:67:a6:54:b0:
37:53:e6:4e:48:43:26:07:17:6d:7d:60:db:98:81:
32:8f:0d:ec:40:4a:cf:55:e8:e8:d4:6a:84:3e:50:
75:80:e5:3f:bd:f0:38:0b:ea:f5:14:5f:a1:53:6d:
b7:96:5c:84:41:6c:26:a2:c2:a5:65:e3:47:2f:9a:
9e:94:03:8b:80:26:aa:84:7e:ee:e6:ff:37:76:3a:
88:bb:21:79:4e:69:17:90:cc:8e:60:84:3d:0c:58:
b5:e4:d3:7e:01:3e:35:87:7c:91:bd:60:af:a5:52:
f2:9f:d6:07:3e:a8:55:41:af:dd:e3:10:f9:32:56:
b2:7c:8d:70:8f:fb:c0:8b:b0:ee:15:cd:dd:42:c1:
28:4b:63:77:09:eb:12:3f:ab:fd:29:a2:74:16:1e:
a2:d4:4f:45:95:b1:71:2f:51:93:5c:d2:80:83:95:
91:18:05:d3:38:e6:5d:13:ef:8b:ee:07:94:21:69:
07:3b:b7:e2:d4:64:2d:d2:d9:ff:38:9e:72:1a:2b:
e3:f0:91:05:75:d4:ab:0e:6c:4e:a3:40:91:f5:27:
6a:34:97:37:70:77:13:e7:a6:ed:64:21:0a:90:76:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A6:75:9B:08:F6:D8:05:51:61:09:13:7A:DE:DD:A6:4B:48:90:A4
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/i6Z1mwj22AVRYQkTet7dpktIkKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/21
37.218.208.0/21
92.114.40.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
12:40:32:10:bd:5c:6b:8f:1b:a2:39:9b:69:d0:e9:f8:06:cf:
f1:90:7f:07:5b:63:c9:d9:8c:1b:d0:a7:66:91:a3:16:5a:0b:
58:1d:2e:32:f5:e9:e1:c2:70:db:3b:e2:ea:70:1f:c9:be:e0:
13:9a:26:d2:10:8d:cb:ed:32:83:4e:f6:e8:80:be:3b:68:8f:
6a:91:61:e2:3f:77:d1:cf:21:94:5b:53:44:e7:69:8a:35:10:
d3:9b:1d:ba:83:74:b5:a7:e3:53:44:c6:38:de:f2:81:3d:ea:
8b:c2:ed:01:43:76:c7:8b:62:48:6e:38:d1:f7:e0:9a:71:83:
cb:e6:32:79:cd:ad:20:92:14:07:8e:17:e9:05:8a:74:9d:de:
a4:6f:2d:7f:07:04:d7:96:b8:03:68:5c:eb:72:b9:0f:4f:90:
24:35:f8:e6:13:cb:10:35:6e:a3:26:8e:d9:04:48:fe:1a:19:
b3:75:c9:c7:58:a2:8e:49:d5:4e:30:b2:4c:fa:45:fd:cd:ea:
c3:95:a0:06:73:54:82:b1:79:a4:3d:38:43:99:79:ab:1d:1e:
05:78:31:cd:d0:44:2c:71:e9:30:69:6d:3c:8a:e0:db:32:e1:
63:71:1c:ef:a8:07:87:82:a0:8f:d3:6c:d7:ca:11:dc:2c:88:
17:95:7a:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYv26sBbUxtOdh7IUsww3Z2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTIyMTIwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE2NzU5YjA4ZjZkODA1NTE2MTA5MTM3YWRlZGRhNjRiNDg5MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6IE2Kr5dIZkgs73oN0TXuhE1KFK
YxaFH2emVLA3U+ZOSEMmBxdtfWDbmIEyjw3sQErPVejo1GqEPlB1gOU/vfA4C+r1
FF+hU223llyEQWwmosKlZeNHL5qelAOLgCaqhH7u5v83djqIuyF5TmkXkMyOYIQ9
DFi15NN+AT41h3yRvWCvpVLyn9YHPqhVQa/d4xD5MlayfI1wj/vAi7DuFc3dQsEo
S2N3CesSP6v9KaJ0Fh6i1E9FlbFxL1GTXNKAg5WRGAXTOOZdE++L7geUIWkHO7fi
1GQt0tn/OJ5yGivj8JEFddSrDmxOo0CR9SdqNJc3cHcT56btZCEKkHYUNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIumdZsI9tgFUWEJE3re3aZLSJCkMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaTZaMW13ajIyQVZSWVFrVGV0N2Rwa3RJa0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBWZgAwQD
JdrQAwQCXHIoAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQASQDIQvVxrjxuiOZtp
0On4Bs/xkH8HW2PJ2Ywb0KdmkaMWWgtYHS4y9enhwnDbO+LqcB/JvuATmibSEI3L
7TKDTvbogL47aI9qkWHiP3fRzyGUW1NE52mKNRDTmx26g3S1p+NTRMY43vKBPeqL
wu0BQ3bHi2JIbjjR9+CacYPL5jJ5za0gkhQHjhfpBYp0nd6kby1/BwTXlrgDaFzr
crkPT5AkNfjmE8sQNW6jJo7ZBEj+GhmzdcnHWKKOSdVOMLJM+kX9zerDlaAGc1SC
sXmkPThDmXmrHR4FeDHN0EQscekwaW08iuDbMuFjcRzvqAeHgqCP02zXyhHcLIgX
lXr7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org