Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/saxS4SsUcJW7aenM5Fb1FAiUrdc.roa
File: saxS4SsUcJW7aenM5Fb1FAiUrdc.roa (raw, json)
Hash identifier: i826MgBTg6Zx5xEjfSB1PzjSHa0bEYD1xMpLI7O+9IU=
Subject key identifier: B1:AC:52:E1:2B:14:70:95:BB:69:E9:CC:E4:56:F5:14:08:94:AD:D7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CAF4FE641C777C10B512D6FE6BF884F24
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/saxS4SsUcJW7aenM5Fb1FAiUrdc.roa
Signing time: Thu 28 Dec 2023 07:24:58 +0000
ROA not before: Thu 28 Dec 2023 07:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 78.143.224.0/22 maxlen: 22
78.143.232.0/21 maxlen: 21
78.143.228.0/22 maxlen: 22
89.46.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:4f:e6:41:c7:77:c1:0b:51:2d:6f:e6:bf:88:4f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 28 07:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1ac52e12b147095bb69e9cce456f5140894add7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d1:fc:31:fa:5f:1d:33:8f:db:1f:46:df:b8:
65:d9:1b:d2:bf:fa:9c:4b:78:18:71:5c:86:00:a9:
6f:d2:e3:14:c5:09:e0:ec:f9:26:68:55:56:a1:96:
45:59:79:7e:4f:70:54:c5:76:52:8f:8c:04:b4:37:
49:03:94:fa:56:39:46:ab:ad:df:bb:b6:2c:be:5b:
0b:cf:7f:a2:6a:1d:11:94:99:fa:1c:e0:b1:9b:ea:
12:3a:e3:60:9f:1b:4e:fd:31:96:2c:22:f9:0f:1d:
e1:9f:c2:2c:ed:c5:37:92:56:48:99:b7:d0:86:6a:
c0:b3:ec:51:f4:e4:0d:5a:cb:52:4a:79:3e:df:6e:
73:cf:b4:f8:be:42:e1:37:67:45:68:59:cb:c1:59:
24:70:73:ea:8a:1e:8f:dd:0c:2d:80:a9:28:b9:6b:
59:13:2b:70:11:25:30:32:59:a8:c0:41:1b:12:4c:
bb:ea:34:90:60:17:9e:e8:a2:5b:3b:8e:67:b9:d2:
31:0b:6e:88:18:c1:8e:da:81:c0:4e:fd:51:a1:2a:
d4:5c:5d:0f:37:c0:31:6a:9e:51:12:63:7e:dd:49:
f4:8e:d8:42:25:a7:e2:dd:e7:43:77:21:cd:fc:fd:
9d:c2:b0:74:73:0f:35:dc:d8:8b:bb:64:2f:8f:2d:
fc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AC:52:E1:2B:14:70:95:BB:69:E9:CC:E4:56:F5:14:08:94:AD:D7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/saxS4SsUcJW7aenM5Fb1FAiUrdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/20
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:18:ff:05:0f:67:23:bd:1d:17:fb:f4:d3:45:4a:f4:6b:32:
fa:df:54:a7:ab:14:13:a8:a7:f6:f3:20:aa:3f:5c:8f:3c:35:
47:2e:51:c7:0a:f8:c5:b4:d8:58:7f:ae:8e:91:86:7f:ff:b9:
2c:88:83:a3:5a:9f:81:51:3b:93:05:13:48:b0:79:4b:48:81:
bf:c9:0e:8e:ca:fd:48:5c:e8:0a:6b:7b:62:6c:9e:27:6a:00:
ca:e4:20:f3:04:35:c3:05:55:ec:bc:25:58:75:2e:8e:a1:7a:
3a:32:91:1a:ff:08:f8:a1:8a:14:16:f7:98:56:1a:2f:92:3e:
fa:a5:88:cb:95:ff:9b:8b:2f:2c:bf:c1:b3:ea:56:56:db:50:
79:3d:6d:e9:7f:76:33:a2:f8:b6:d6:51:fe:58:ec:67:27:a6:
7d:c8:39:5f:38:8f:2c:b9:0b:74:d4:8e:7e:20:e7:ca:67:92:
7a:40:53:86:5e:c6:db:12:df:9d:1c:e8:ac:11:54:83:c9:f3:
47:a9:07:d4:b4:27:15:1a:91:44:20:6f:72:42:46:12:3e:d3:
20:78:28:f1:e9:bf:2f:14:21:32:da:4d:07:6f:52:be:4b:64:
48:11:d4:f8:95:44:a9:d9:0f:c6:28:ab:63:e6:6f:ef:d2:2d:
b0:b8:91:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyvT+ZBx3fBC1Etb+a/iE8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjI4MDcyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFjNTJlMTJiMTQ3MDk1YmI2OWU5Y2NlNDU2ZjUxNDA4OTRhZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdH8MfpfHTOP2x9G37hl2RvSv/qc
S3gYcVyGAKlv0uMUxQng7PkmaFVWoZZFWXl+T3BUxXZSj4wEtDdJA5T6VjlGq63f
u7YsvlsLz3+iah0RlJn6HOCxm+oSOuNgnxtO/TGWLCL5Dx3hn8Is7cU3klZImbfQ
hmrAs+xR9OQNWstSSnk+325zz7T4vkLhN2dFaFnLwVkkcHPqih6P3QwtgKkouWtZ
EytwESUwMlmowEEbEky76jSQYBee6KJbO45nudIxC26IGMGO2oHATv1RoSrUXF0P
N8Axap5REmN+3Un0jthCJafi3edDdyHN/P2dwrB0cw813NiLu2Qvjy38ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLGsUuErFHCVu2npzORW9RQIlK3XMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvc2F4UzRTc1VjSlc3YWVuTTVGYjFGQWlVcmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETo/gAwQC
WS6wMA0GCSqGSIb3DQEBCwUAA4IBAQBtGP8FD2cjvR0X+/TTRUr0azL631SnqxQT
qKf28yCqP1yPPDVHLlHHCvjFtNhYf66OkYZ//7ksiIOjWp+BUTuTBRNIsHlLSIG/
yQ6Oyv1IXOgKa3tibJ4nagDK5CDzBDXDBVXsvCVYdS6OoXo6MpEa/wj4oYoUFveY
Vhovkj76pYjLlf+biy8sv8Gz6lZW21B5PW3pf3Yzovi21lH+WOxnJ6Z9yDlfOI8s
uQt01I5+IOfKZ5J6QFOGXsbbEt+dHOisEVSDyfNHqQfUtCcVGpFEIG9yQkYSPtMg
eCjx6b8vFCEy2k0Hb1K+S2RIEdT4lUSp2Q/GKKtj5m/v0i2wuJHK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org