Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/kQTNofwWDS3Pv8EK8QRStW_6XIc.roa
File: kQTNofwWDS3Pv8EK8QRStW_6XIc.roa (raw, json)
Hash identifier: qHjOALqwukaVBButpVNJake/x4qD7ACTda2YixPrOc8=
Subject key identifier: 91:04:CD:A1:FC:16:0D:2D:CF:BF:C1:0A:F1:04:52:B5:6F:FA:5C:87
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0186B0B1146EDF7C008D91CF8ABFD2F8BC54
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/kQTNofwWDS3Pv8EK8QRStW_6XIc.roa
Signing time: Sun 05 Mar 2023 07:34:00 +0000
ROA not before: Sun 05 Mar 2023 07:34:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.120.0/22 maxlen: 24
188.215.124.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Jun 2023 10:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b0:b1:14:6e:df:7c:00:8d:91:cf:8a:bf:d2:f8:bc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 5 07:34:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9104cda1fc160d2dcfbfc10af10452b56ffa5c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:ad:7b:99:4f:f6:2d:a1:4c:06:3d:42:fc:
b2:54:75:cc:2e:df:1b:4c:c1:8f:26:bd:2b:20:b9:
01:d3:84:3a:52:4e:16:ab:6f:b7:6f:2f:69:dc:01:
64:b2:4b:11:fe:74:7b:d5:d2:9b:f2:d8:2b:57:3d:
96:eb:33:97:99:a5:b2:01:4b:d2:ef:07:8b:78:27:
f7:57:6e:55:89:72:b7:39:ed:b9:51:ad:da:41:e6:
d1:92:3c:46:8c:e1:65:ea:f4:a5:e4:0f:1b:da:85:
2e:09:da:26:f9:e0:42:ed:3f:1a:8e:5f:36:17:b7:
1f:cb:f0:00:96:ec:a3:8c:de:b6:45:e6:97:4e:d5:
45:9c:67:32:16:21:7b:b3:77:b9:ad:85:07:8c:bb:
cd:7d:b3:79:77:73:38:78:69:66:45:66:a3:74:ea:
31:85:5f:a7:2b:4e:2d:26:8e:7a:ef:fb:43:58:fe:
5b:0f:e7:3e:33:c4:8d:4b:01:c8:ca:a1:3b:25:bb:
c8:fa:8b:3c:ac:93:70:6a:e7:c5:53:7c:99:a1:6c:
dc:45:f0:c2:a1:6b:ba:3d:46:28:bb:b8:49:b2:84:
4f:d2:4b:c4:ae:21:9f:78:57:1a:79:48:6d:da:82:
38:32:4f:ab:47:7b:d0:3f:b3:aa:cf:e0:73:5f:6c:
e7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:04:CD:A1:FC:16:0D:2D:CF:BF:C1:0A:F1:04:52:B5:6F:FA:5C:87
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/kQTNofwWDS3Pv8EK8QRStW_6XIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.208.0/20
46.20.210.0/23
89.46.180.0/22
149.126.88.0/22
185.86.140.0/22
188.215.120.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:b1:82:24:0d:8f:4d:3e:64:47:cc:5b:a2:a2:f7:64:26:32:
ad:53:a7:ab:60:af:4a:0d:89:b6:c0:83:a3:8a:fb:22:e7:ad:
8c:d1:57:bd:12:47:d0:64:4b:37:c0:04:74:ea:ab:f0:17:c4:
c2:df:88:f6:c6:25:c6:9c:3a:e4:67:f8:bd:26:9d:52:f2:d1:
24:33:10:c5:76:07:3b:3f:c0:84:4d:9a:e8:c2:ae:4c:23:ca:
89:c1:ad:a0:4b:75:f5:e7:38:e4:b0:f5:31:d7:ac:5e:c2:15:
07:21:5a:8f:5e:c5:9c:d1:78:b8:63:71:1a:10:c3:8b:45:40:
a4:c9:14:75:c8:2b:3d:55:21:b1:f0:34:d0:6f:ca:bc:3a:83:
80:07:17:b1:15:2d:f1:59:99:2d:d8:43:29:7a:a5:bc:9a:4e:
b2:0c:ed:6e:f3:4d:42:cf:18:e0:48:7d:cb:6d:0a:a4:7e:ff:
73:67:e0:7c:c8:c3:5b:3b:b6:bc:77:27:04:74:55:ae:4a:8e:
3f:23:59:41:1b:ad:ec:10:06:33:66:e4:22:8a:17:0c:f2:5c:
6f:b7:e3:1b:e7:75:93:74:ff:34:84:ae:9e:5e:a3:88:16:ae:
cd:69:83:38:10:32:96:28:82:fa:60:2a:36:8c:46:3c:55:b0:
9f:8c:01:e2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYawsRRu33wAjZHPir/S+LxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMzA1MDczNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA0Y2RhMWZjMTYwZDJkY2ZiZmMxMGFmMTA0NTJiNTZmZmE1Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleyte5lP9i2hTAY9QvyyVHXMLt8b
TMGPJr0rILkB04Q6Uk4Wq2+3by9p3AFksksR/nR71dKb8tgrVz2W6zOXmaWyAUvS
7weLeCf3V25ViXK3Oe25Ua3aQebRkjxGjOFl6vSl5A8b2oUuCdom+eBC7T8ajl82
F7cfy/AAluyjjN62ReaXTtVFnGcyFiF7s3e5rYUHjLvNfbN5d3M4eGlmRWajdOox
hV+nK04tJo567/tDWP5bD+c+M8SNSwHIyqE7JbvI+os8rJNwaufFU3yZoWzcRfDC
oWu6PUYou7hJsoRP0kvEriGfeFcaeUht2oI4Mk+rR3vQP7Oqz+BzX2zn0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJEEzaH8Fg0tz7/BCvEEUrVv+lyHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEva1FUTm9md1dEUzNQdjhFSzhRUlN0V182WEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCH7q0AwQE
JdrQAwQBLhTSAwQCWS60AwQClX5YAwQCuVaMAwQDvNd4MA0GCSqGSIb3DQEBCwUA
A4IBAQCfsYIkDY9NPmRHzFuiovdkJjKtU6erYK9KDYm2wIOjivsi562M0Ve9EkfQ
ZEs3wAR06qvwF8TC34j2xiXGnDrkZ/i9Jp1S8tEkMxDFdgc7P8CETZrowq5MI8qJ
wa2gS3X15zjksPUx16xewhUHIVqPXsWc0Xi4Y3EaEMOLRUCkyRR1yCs9VSGx8DTQ
b8q8OoOABxexFS3xWZkt2EMpeqW8mk6yDO1u801CzxjgSH3LbQqkfv9zZ+B8yMNb
O7a8dycEdFWuSo4/I1lBG63sEAYzZuQiihcM8lxvt+Mb53WTdP80hK6eXqOIFq7N
aYM4EDKWKIL6YCo2jEY8VbCfjAHi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org