Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uZ6TH-ZSusZToUqlK5jdtzp8ry8.roa
File: uZ6TH-ZSusZToUqlK5jdtzp8ry8.roa (raw, json)
Hash identifier: 40gE90krIAIECtjO/snD07DiCuWuaW0CM49ficp85I8=
Subject key identifier: B9:9E:93:1F:E6:52:BA:C6:53:A1:4A:A5:2B:98:DD:B7:3A:7C:AF:2F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C5A495C20AB29CCAFD4B06FA839DB8FFE
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uZ6TH-ZSusZToUqlK5jdtzp8ry8.roa
Signing time: Mon 11 Dec 2023 19:10:06 +0000
ROA not before: Mon 11 Dec 2023 19:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:49:5c:20:ab:29:cc:af:d4:b0:6f:a8:39:db:8f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 11 19:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b99e931fe652bac653a14aa52b98ddb73a7caf2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:54:5a:92:23:00:58:5a:bc:17:fd:12:c2:
09:46:1e:9d:d4:b2:c1:4d:00:b6:5b:ca:a2:81:4d:
ad:98:ce:e5:ef:d0:f9:fb:92:11:a5:0b:0d:46:4d:
6a:5c:23:d5:10:40:b2:0e:db:6d:1d:35:d5:ea:34:
b3:d3:5f:bf:c4:ce:12:c3:fb:b7:5a:69:b8:30:cb:
76:94:2d:27:5c:08:54:18:7c:d1:c1:46:f9:16:bf:
b9:44:d5:84:b1:8d:31:18:0b:91:c3:de:f6:a2:97:
32:04:16:4a:1e:bd:4d:49:51:0a:3e:fa:83:fc:3e:
54:9c:d4:05:18:9d:e2:3e:37:84:09:70:a2:7d:1e:
ca:8e:78:03:53:f5:42:d3:e6:4c:ce:21:a5:86:56:
c2:fb:54:16:65:95:c1:3a:bb:61:35:dd:43:d4:d3:
0c:5b:3e:f0:f6:a3:9c:96:46:57:f1:ac:03:56:37:
24:85:34:64:ec:0e:e7:64:2a:18:32:f2:4d:22:2b:
7c:2b:4c:39:eb:5c:52:f1:10:76:6d:9a:d9:77:9e:
55:e1:e7:b3:27:6c:a3:1a:bf:70:34:b9:5d:a0:1f:
d0:68:98:d4:0c:fc:d1:d3:b5:c8:85:c4:90:fc:c6:
06:66:70:f6:55:b3:d2:89:32:ef:69:30:f2:d0:0e:
76:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9E:93:1F:E6:52:BA:C6:53:A1:4A:A5:2B:98:DD:B7:3A:7C:AF:2F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uZ6TH-ZSusZToUqlK5jdtzp8ry8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.216.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f1:bc:d1:b7:00:14:1a:06:c9:ce:ef:dd:be:a4:6c:74:1c:
ad:2c:28:2e:fd:e6:50:f9:c6:dc:5b:26:51:68:88:60:2f:15:
18:71:37:a3:5d:bd:20:16:7a:82:ae:b8:7f:13:0a:2b:35:ae:
e3:ef:47:ef:e1:86:3c:9a:d3:90:6b:3d:f4:a0:1c:4c:bf:39:
c5:7a:9f:b7:61:a4:90:96:18:93:69:52:62:03:a7:36:11:a4:
8a:e7:f8:9d:8e:0f:af:8c:9d:3c:8b:be:f1:a5:e1:d3:27:fe:
9d:f0:05:e9:f0:b2:e5:ad:eb:f9:0f:e0:78:6e:c2:67:3a:fe:
ef:95:8e:47:fd:46:29:29:35:30:65:8f:39:ac:5e:39:74:f7:
b2:cf:d5:b2:eb:2e:50:b5:a8:64:3c:59:53:fc:16:2c:bf:30:
3a:d3:51:1b:fb:be:60:7b:4f:b5:4e:02:b2:7c:af:2b:4e:31:
b2:10:f3:00:f4:96:6d:7e:3d:62:2b:f7:14:4d:cd:32:c4:0d:
49:21:6c:d9:56:78:cd:6f:b8:51:48:a6:dc:56:fc:d1:be:f3:
5c:b7:b9:99:41:34:ce:a0:b3:85:31:3c:ad:72:b3:32:61:19:
ef:e9:28:ff:72:76:53:84:8a:ff:55:5a:f4:e8:ec:a6:26:b9:
eb:10:6a:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxaSVwgqynMr9Swb6g524/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjExMTkxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTllOTMxZmU2NTJiYWM2NTNhMTRhYTUyYjk4ZGRiNzNhN2NhZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZVUWpIjAFhavBf9EsIJRh6d1LLB
TQC2W8qigU2tmM7l79D5+5IRpQsNRk1qXCPVEECyDtttHTXV6jSz01+/xM4Sw/u3
Wmm4MMt2lC0nXAhUGHzRwUb5Fr+5RNWEsY0xGAuRw972opcyBBZKHr1NSVEKPvqD
/D5UnNQFGJ3iPjeECXCifR7KjngDU/VC0+ZMziGlhlbC+1QWZZXBOrthNd1D1NMM
Wz7w9qOclkZX8awDVjckhTRk7A7nZCoYMvJNIit8K0w561xS8RB2bZrZd55V4eez
J2yjGr9wNLldoB/QaJjUDPzR07XIhcSQ/MYGZnD2VbPSiTLvaTDy0A52HQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLmekx/mUrrGU6FKpSuY3bc6fK8vMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdVo2VEgtWlN1c1pUb1VxbEs1amR0enA4cnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJdrYAwQC
uVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQBF8bzRtwAUGgbJzu/dvqRsdByt
LCgu/eZQ+cbcWyZRaIhgLxUYcTejXb0gFnqCrrh/EworNa7j70fv4YY8mtOQaz30
oBxMvznFep+3YaSQlhiTaVJiA6c2EaSK5/idjg+vjJ08i77xpeHTJ/6d8AXp8LLl
rev5D+B4bsJnOv7vlY5H/UYpKTUwZY85rF45dPeyz9Wy6y5QtahkPFlT/BYsvzA6
01Eb+75ge0+1TgKyfK8rTjGyEPMA9JZtfj1iK/cUTc0yxA1JIWzZVnjNb7hRSKbc
VvzRvvNct7mZQTTOoLOFMTytcrMyYRnv6Sj/cnZThIr/VVr06OymJrnrEGou
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org