Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/AkiCyLBtgnsY4mKkxhLX_m7wm94.roa
File: AkiCyLBtgnsY4mKkxhLX_m7wm94.roa (raw, json)
Hash identifier: 3PIGNWL3CVbVHe7rQJRHYInANpptaAHE3L7+wwAqkFo=
Subject key identifier: 02:48:82:C8:B0:6D:82:7B:18:E2:62:A4:C6:12:D7:FE:6E:F0:9B:DE
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0188FF6482A4F94F800BEED6106D68FDB6BA
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/AkiCyLBtgnsY4mKkxhLX_m7wm94.roa
Signing time: Wed 28 Jun 2023 00:25:56 +0000
ROA not before: Wed 28 Jun 2023 00:25:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 86.108.0.0/17 maxlen: 24
46.185.128.0/17 maxlen: 24
79.173.192.0/18 maxlen: 24
185.98.220.0/22 maxlen: 24
92.253.0.0/17 maxlen: 24
217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
149.200.128.0/17 maxlen: 24
213.186.160.0/19 maxlen: 24
94.249.0.0/17 maxlen: 24
37.202.64.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Sep 2023 09:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:64:82:a4:f9:4f:80:0b:ee:d6:10:6d:68:fd:b6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jun 28 00:25:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=024882c8b06d827b18e262a4c612d7fe6ef09bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f7:d2:bc:f6:05:1b:76:9e:81:dc:ef:8b:04:
f6:40:f6:67:ee:5d:59:df:bc:a7:82:2b:3e:33:29:
74:a6:b4:ac:0c:3b:e3:98:4b:4c:97:f8:ca:20:29:
3a:59:8e:c6:ff:bd:f9:7c:3c:7f:a3:6f:bc:db:8b:
23:f2:6a:b7:fc:b1:b3:5d:9e:30:03:22:ba:ec:bd:
1d:b3:9b:1c:86:eb:a9:a8:cc:58:e6:cc:87:de:44:
b0:ae:ab:9d:5f:01:92:8a:30:80:19:6d:69:8c:2a:
b9:25:ac:68:df:fa:8d:41:48:5d:cd:91:1a:8b:eb:
71:8d:29:d9:6a:21:3f:02:e1:36:95:d7:44:09:b0:
b3:e6:c0:15:47:98:a9:28:37:91:f8:9b:6e:79:9f:
41:11:78:8f:a9:59:af:b8:02:93:db:ad:5e:1b:d0:
75:65:93:c8:0c:39:f8:46:83:39:5b:fb:77:9e:96:
f3:68:f1:ae:bd:91:00:a5:1a:d1:14:e5:e2:26:e9:
e9:e9:70:9b:c1:d3:b4:30:cd:80:30:e8:21:b2:f4:
81:a1:14:91:ab:1d:72:6c:ed:75:0a:3d:d3:cd:9c:
40:84:f6:1b:ef:8a:40:52:63:57:de:73:36:73:0b:
c7:f6:f2:20:08:a1:9a:ea:e4:e2:2d:1e:52:8f:37:
37:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:48:82:C8:B0:6D:82:7B:18:E2:62:A4:C6:12:D7:FE:6E:F0:9B:DE
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/AkiCyLBtgnsY4mKkxhLX_m7wm94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
46.185.128.0/17
79.173.192.0/18
86.108.0.0/17
92.253.0.0/17
94.249.0.0/17
149.200.128.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:de:4b:26:50:a9:9b:a4:26:a5:c2:6b:cd:5c:f4:4f:9b:ea:
f2:11:34:ba:52:3f:b0:28:be:61:d0:b1:4c:e4:1a:39:05:6e:
e0:5b:8a:95:da:76:0d:86:6b:85:67:50:99:22:de:7f:41:de:
a7:6a:81:9c:fd:24:3e:08:e3:ae:1e:1e:65:dd:b8:a1:bf:15:
88:95:3c:c0:1b:49:c4:7f:29:e3:30:18:46:8e:cb:79:0f:f5:
ad:38:fa:1c:90:73:a7:68:95:af:62:0d:17:ea:55:1a:43:8f:
28:00:07:8d:cc:09:20:14:a6:fd:92:05:98:e1:02:7f:5e:ff:
eb:e7:54:10:9b:88:2b:7d:ff:52:b9:b0:8e:36:99:d9:10:82:
e0:99:ae:cb:78:a9:a0:17:70:64:0f:a3:27:21:b3:f9:8a:61:
eb:39:3e:79:65:e7:23:db:6e:90:92:9c:7c:e7:1a:7d:c1:67:
b1:ea:3b:72:fc:15:fb:c4:7f:ec:64:ba:df:de:2d:82:9b:fa:
46:c5:f2:99:a1:bf:0c:74:81:3e:8a:e2:ea:23:cf:9c:28:d5:
50:87:35:41:48:19:e8:82:79:64:73:7c:23:5c:bb:58:39:db:
31:93:6c:47:11:a5:2a:6e:be:44:1a:d7:f0:1b:1d:ae:46:7f:
d1:69:7d:68
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYj/ZIKk+U+AC+7WEG1o/ba6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjMwNjI4MDAyNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ4ODJjOGIwNmQ4MjdiMThlMjYyYTRjNjEyZDdmZTZlZjA5YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuffSvPYFG3aegdzviwT2QPZn7l1Z
37yngis+Myl0prSsDDvjmEtMl/jKICk6WY7G/735fDx/o2+824sj8mq3/LGzXZ4w
AyK67L0ds5schuupqMxY5syH3kSwrqudXwGSijCAGW1pjCq5Jaxo3/qNQUhdzZEa
i+txjSnZaiE/AuE2lddECbCz5sAVR5ipKDeR+JtueZ9BEXiPqVmvuAKT261eG9B1
ZZPIDDn4RoM5W/t3npbzaPGuvZEApRrRFOXiJunp6XCbwdO0MM2AMOghsvSBoRSR
qx1ybO11Cj3TzZxAhPYb74pAUmNX3nM2cwvH9vIgCKGa6uTiLR5Sjzc3TwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAJIgsiwbYJ7GOJipMYS1/5u8JveMB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvQWtpQ3lMQnRnbnNZNG1La3hoTFhfbTd3bTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQGJcpAAwQH
LrmAAwQGT63AAwQHVmwAAwQHXP0AAwQHXvkAAwQHlciAAwQCuWLcAwQFwqWAAwQF
1bqgAwQE2RcgMA0GCSqGSIb3DQEBCwUAA4IBAQBs3ksmUKmbpCalwmvNXPRPm+ry
ETS6Uj+wKL5h0LFM5Bo5BW7gW4qV2nYNhmuFZ1CZIt5/Qd6naoGc/SQ+COOuHh5l
3bihvxWIlTzAG0nEfynjMBhGjst5D/WtOPockHOnaJWvYg0X6lUaQ48oAAeNzAkg
FKb9kgWY4QJ/Xv/r51QQm4grff9SubCONpnZEILgma7LeKmgF3BkD6MnIbP5imHr
OT55Zecj226Qkpx85xp9wWex6jty/BX7xH/sZLrf3i2Cm/pGxfKZob8MdIE+iuLq
I8+cKNVQhzVBSBnognlkc3wjXLtYOdsxk2xHEaUqbr5EGtfwGx2uRn/RaX1o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:08 2024 by rpki-client on console-fra.rpki-client.org