Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/djykdewOWv01fnbZxXiUH-j76Dw.roa
File: djykdewOWv01fnbZxXiUH-j76Dw.roa (raw, json)
Hash identifier: vz+NiASeRS73xyhJGbouecLFExdx1ULRAU4Wbo4I8iE=
Subject key identifier: 76:3C:A4:75:EC:0E:5A:FD:35:7E:76:D9:C5:78:94:1F:E8:FB:E8:3C
Certificate issuer: /CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Certificate serial: 018CC64AEFBE17E7A29E8896197D4F9871A4
Authority key identifier: EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/djykdewOWv01fnbZxXiUH-j76Dw.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60764
IP address blocks: 185.174.192.0/24 maxlen: 32
185.174.195.0/24 maxlen: 32
185.174.193.0/24 maxlen: 32
185.174.194.0/24 maxlen: 32
86.62.14.0/24 maxlen: 32
86.62.15.0/24 maxlen: 32
86.62.12.0/24 maxlen: 32
86.62.13.0/24 maxlen: 32
2a0b:b500:f800::/48 maxlen: 48
2a0b:b500::/31 maxlen: 31
2a0b:b500:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jan 2024 07:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ef:be:17:e7:a2:9e:88:96:19:7d:4f:98:71:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=763ca475ec0e5afd357e76d9c578941fe8fbe83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d1:1d:81:10:7d:64:26:29:36:3f:07:f4:85:
83:ad:7b:66:dc:d4:41:b7:cc:a9:71:3d:01:33:16:
ca:3f:40:c9:aa:62:4b:f4:bb:56:6f:e4:b5:1d:ca:
f4:8b:2c:d1:14:27:9d:42:11:c1:e3:99:69:24:e2:
0d:52:5d:b3:67:3f:0e:34:36:a7:dc:0b:c3:5a:c4:
e8:10:6e:64:50:5d:26:a3:9f:6e:09:ac:a6:0f:80:
06:b0:9c:46:5e:a4:b7:97:80:90:37:d9:55:1c:a2:
2f:b1:a8:3b:54:28:74:46:57:ce:9f:0e:b5:39:8f:
31:9f:4b:0d:23:bf:bc:c4:10:5b:15:ef:22:98:04:
90:fa:d5:80:c0:e7:5e:ad:0d:fb:b2:22:0d:02:64:
70:c6:4a:3a:1b:4c:f5:08:00:84:ad:68:09:21:d1:
c6:b0:2d:d8:19:ea:2d:33:4f:12:5b:ca:a9:4e:00:
9e:66:42:f8:2d:9c:8a:8f:3b:ef:31:7e:7e:32:3c:
77:75:b7:a0:25:6c:c5:34:ce:1e:fa:77:a1:6a:d2:
a5:3e:03:3e:ee:09:7b:c2:9e:85:66:94:2e:e7:9b:
df:2a:67:46:73:1e:6d:dd:55:32:98:d9:81:ea:62:
e9:53:c2:e8:42:bd:3c:a8:b8:0e:da:43:bd:d9:8a:
6e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3C:A4:75:EC:0E:5A:FD:35:7E:76:D9:C5:78:94:1F:E8:FB:E8:3C
X509v3 Authority Key Identifier:
keyid:EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/djykdewOWv01fnbZxXiUH-j76Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/6-MkxP_wckDusfAOY-Y198uQL5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.12.0/22
185.174.192.0/22
IPv6:
2a0b:b500::/31
Signature Algorithm: sha256WithRSAEncryption
59:5a:fc:24:0a:d5:73:f6:9e:66:5e:57:0a:be:1a:6d:b4:c3:
dc:91:5f:59:db:fe:3d:a5:13:b8:30:45:19:fa:37:19:4a:4f:
49:18:ef:b4:3c:ea:fd:39:9a:75:ea:ac:63:aa:64:c7:c8:65:
a9:63:bc:1b:1c:9c:e7:76:0a:44:19:51:ce:f3:51:3a:98:0d:
72:b8:0c:f8:35:4e:29:57:e4:e3:44:7a:d3:a5:f2:70:ca:ef:
f6:71:f0:49:48:b9:34:70:cf:16:fa:80:f5:a3:37:87:61:20:
d2:36:2d:a9:ff:d1:99:0a:37:8e:6c:af:84:e2:c4:f9:9f:a9:
24:9b:b6:5b:c8:fd:01:50:37:90:c7:05:79:5e:70:13:cb:2a:
f5:2a:e9:82:8f:97:f2:31:89:09:3f:3e:9e:f4:c1:18:38:fc:
ab:ec:d2:b9:3f:9a:e5:a2:53:58:8b:fb:9a:36:f3:5e:24:8b:
09:98:99:da:2e:d3:58:a0:4e:33:b5:64:5c:01:7f:d9:3f:b3:
7b:e9:86:0a:30:80:10:91:ba:7a:78:ad:cb:75:9a:18:6f:98:
e6:f7:52:98:e3:3a:4f:db:ef:e0:6e:60:51:ec:d9:bf:75:05:
84:65:d6:b8:85:63:f0:23:ae:86:06:d0:44:f2:a6:40:67:ff:
62:32:32:0b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSu++F+einoiWGX1PmHGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZTMyNGM0ZmZmMDcyNDBlZWIxZjAwZTYzZTYzNWY3Y2I5
MDJmOTgwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNjYTQ3NWVjMGU1YWZkMzU3ZTc2ZDljNTc4OTQxZmU4ZmJlODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNEdgRB9ZCYpNj8H9IWDrXtm3NRB
t8ypcT0BMxbKP0DJqmJL9LtWb+S1Hcr0iyzRFCedQhHB45lpJOINUl2zZz8ONDan
3AvDWsToEG5kUF0mo59uCaymD4AGsJxGXqS3l4CQN9lVHKIvsag7VCh0RlfOnw61
OY8xn0sNI7+8xBBbFe8imASQ+tWAwOderQ37siINAmRwxko6G0z1CACErWgJIdHG
sC3YGeotM08SW8qpTgCeZkL4LZyKjzvvMX5+Mjx3dbegJWzFNM4e+nehatKlPgM+
7gl7wp6FZpQu55vfKmdGcx5t3VUymNmB6mLpU8LoQr08qLgO2kO92YpusQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHY8pHXsDlr9NX522cV4lB/o++g8MB8GA1UdIwQY
MBaAFOvjJMT/8HJA7rHwDmPmNffLkC+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAt
OGFmMDVhZTMxOTJjLzEvZGp5a2Rld09XdjAxZm5iWnhYaVVILWo3NkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAtOGFmMDVhZTMxOTJj
LzEvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVj4MAwQC
ua7AMA0EAgACMAcDBQEqC7UAMA0GCSqGSIb3DQEBCwUAA4IBAQBZWvwkCtVz9p5m
XlcKvhpttMPckV9Z2/49pRO4MEUZ+jcZSk9JGO+0POr9OZp16qxjqmTHyGWpY7wb
HJzndgpEGVHO81E6mA1yuAz4NU4pV+TjRHrTpfJwyu/2cfBJSLk0cM8W+oD1ozeH
YSDSNi2p/9GZCjeObK+E4sT5n6kkm7ZbyP0BUDeQxwV5XnATyyr1KumCj5fyMYkJ
Pz6e9MEYOPyr7NK5P5rlolNYi/uaNvNeJIsJmJnaLtNYoE4ztWRcAX/ZP7N76YYK
MIAQkbp6eK3LdZoYb5jm91KY4zpP2+/gbmBR7Nm/dQWEZda4hWPwI66GBtBE8qZA
Z/9iMjIL
Generated at Wed Jan 24 08:03:57 2024 by rpki-client on console-fra.rpki-client.org