Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wxHIt0Te5gpefpmdIO4PfbVbsf0.roa
File: wxHIt0Te5gpefpmdIO4PfbVbsf0.roa (raw, json)
Hash identifier: 46cvAXESJtMHnPm1oz9NEMhHRzECUAHiYC/7+LJoGE8=
Subject key identifier: C3:11:C8:B7:44:DE:E6:0A:5E:7E:99:9D:20:EE:0F:7D:B5:5B:B1:FD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01863A4D946556054FEF006EA2C1A7D9A02B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wxHIt0Te5gpefpmdIO4PfbVbsf0.roa
Signing time: Fri 10 Feb 2023 07:50:08 +0000
ROA not before: Fri 10 Feb 2023 07:50:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 86.104.160.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 07:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:4d:94:65:56:05:4f:ef:00:6e:a2:c1:a7:d9:a0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 10 07:50:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c311c8b744dee60a5e7e999d20ee0f7db55bb1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cf:08:d4:b4:90:ed:41:3d:87:21:05:9c:c1:
a8:77:2f:81:dd:8f:16:41:7f:72:8c:f7:4c:74:4f:
cd:6b:2c:90:ac:5f:cd:6b:35:69:33:8d:4d:c0:1e:
22:fa:c7:90:7a:c7:53:14:3c:b6:d3:6f:07:9e:51:
09:2f:d8:9b:3d:42:8b:4e:55:33:3d:1d:cc:e8:0b:
29:54:0e:d1:d9:d4:b1:68:49:88:d0:81:de:25:d0:
a5:7c:93:37:7e:37:92:3a:21:19:2d:c8:d7:7f:5b:
4f:40:53:66:cf:a9:29:47:b1:a5:6f:97:25:61:15:
0b:d7:12:58:be:40:e9:95:cc:62:4e:0a:ba:93:3f:
5f:7e:97:c1:90:ad:cb:c0:d4:0b:d6:3d:13:06:40:
8f:30:56:96:8e:6b:23:0a:3e:74:a1:7e:25:ab:67:
e9:31:21:9d:fc:8e:25:50:38:15:25:a4:37:ac:be:
2b:95:81:ef:4b:83:aa:9d:24:c7:2a:54:18:97:e1:
70:1c:d4:75:f3:20:75:09:63:a8:a1:cf:58:a3:dd:
92:04:fc:77:63:c8:84:41:3b:f7:ba:85:4f:8e:a6:
a4:ab:c2:41:af:f3:1a:4d:09:3c:f9:83:ce:b0:b1:
ff:7e:ed:7b:44:7c:5d:f0:5e:84:bd:4c:8c:6c:a1:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:11:C8:B7:44:DE:E6:0A:5E:7E:99:9D:20:EE:0F:7D:B5:5B:B1:FD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wxHIt0Te5gpefpmdIO4PfbVbsf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.160.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
62:8e:1c:68:ab:df:08:44:1c:61:bb:b4:52:b1:d7:1f:f1:c8:
40:87:4f:df:aa:16:3f:7b:6d:bf:f5:42:32:47:a0:d1:be:e4:
a7:50:b5:b1:0e:7f:70:f0:f0:43:21:43:df:20:11:05:0a:a8:
fc:71:86:36:cb:65:40:e1:59:0b:8c:96:ec:3d:dd:95:08:0e:
29:56:da:b6:5c:de:81:61:98:8a:42:56:b7:98:bf:bc:9e:94:
95:04:26:c4:ca:25:f7:63:bb:5e:14:79:92:54:5a:05:cc:f4:
fe:4d:1f:84:08:a6:fc:14:89:d7:ec:8f:ca:3b:78:bc:34:8e:
af:32:d4:58:7b:01:e3:0e:4f:43:48:61:d6:3d:3b:eb:56:fc:
15:66:d2:c8:27:d8:e3:0d:65:a1:74:a4:f2:a8:5e:d3:8e:b4:
00:a9:1b:6a:10:41:ba:58:c0:01:d1:69:e7:71:8f:12:84:96:
2e:3a:04:7e:f1:08:62:2a:1f:f6:51:c3:96:d3:cb:11:aa:ec:
44:f7:b7:0a:65:71:fc:63:54:cc:98:41:24:e9:81:81:73:78:
09:3d:5e:41:87:d9:6f:94:f4:9e:66:fe:ea:3f:78:93:06:87:
e5:84:a9:9c:2b:00:d5:7f:6d:29:2e:7f:6c:05:0f:69:cd:15:
18:ab:ef:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY6TZRlVgVP7wBuosGn2aArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMjEwMDc1MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzExYzhiNzQ0ZGVlNjBhNWU3ZTk5OWQyMGVlMGY3ZGI1NWJiMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c8I1LSQ7UE9hyEFnMGody+B3Y8W
QX9yjPdMdE/NayyQrF/NazVpM41NwB4i+seQesdTFDy2028HnlEJL9ibPUKLTlUz
PR3M6AspVA7R2dSxaEmI0IHeJdClfJM3fjeSOiEZLcjXf1tPQFNmz6kpR7Glb5cl
YRUL1xJYvkDplcxiTgq6kz9ffpfBkK3LwNQL1j0TBkCPMFaWjmsjCj50oX4lq2fp
MSGd/I4lUDgVJaQ3rL4rlYHvS4OqnSTHKlQYl+FwHNR18yB1CWOooc9Yo92SBPx3
Y8iEQTv3uoVPjqakq8JBr/MaTQk8+YPOsLH/fu17RHxd8F6EvUyMbKH9JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMMRyLdE3uYKXn6ZnSDuD321W7H9MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvd3hISXQwVGU1Z3BlZnBtZElPNFBmYlZic2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVmigAwQC
XHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBijhxoq98IRBxhu7RSsdcf8chAh0/fqhY/
e22/9UIyR6DRvuSnULWxDn9w8PBDIUPfIBEFCqj8cYY2y2VA4VkLjJbsPd2VCA4p
Vtq2XN6BYZiKQla3mL+8npSVBCbEyiX3Y7teFHmSVFoFzPT+TR+ECKb8FInX7I/K
O3i8NI6vMtRYewHjDk9DSGHWPTvrVvwVZtLIJ9jjDWWhdKTyqF7TjrQAqRtqEEG6
WMAB0WnncY8ShJYuOgR+8QhiKh/2UcOW08sRquxE97cKZXH8Y1TMmEEk6YGBc3gJ
PV5Bh9lvlPSeZv7qP3iTBoflhKmcKwDVf20pLn9sBQ9pzRUYq++c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org