Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0jAT--cMlN4Y1lp6fSLiKlnjNno.roa
File: 0jAT--cMlN4Y1lp6fSLiKlnjNno.roa (raw, json)
Hash identifier: 7WvXTyk2DWsOplULLXGY+KqR37r1RLqHBmBJ6k5j+zE=
Subject key identifier: D2:30:13:FB:E7:0C:94:DE:18:D6:5A:7A:7D:22:E2:2A:59:E3:36:7A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018F8A7094598548FB334E1DB7807231D816
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0jAT--cMlN4Y1lp6fSLiKlnjNno.roa
Signing time: Sat 18 May 2024 06:43:04 +0000
ROA not before: Sat 18 May 2024 06:43:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 46.20.212.0/22 maxlen: 24
82.163.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 07:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8a:70:94:59:85:48:fb:33:4e:1d:b7:80:72:31:d8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 18 06:43:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d23013fbe70c94de18d65a7a7d22e22a59e3367a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:17:8c:4b:c4:f4:ac:49:fb:20:a1:f9:84:2a:
5c:69:b4:1e:e8:74:85:18:11:b0:e7:a5:4f:bf:89:
c4:e9:52:d0:67:48:8c:97:92:f4:46:4b:5e:f2:e6:
ea:3b:24:cd:2b:c3:d4:1d:85:c8:7e:70:37:3e:47:
58:59:42:f1:ad:14:fb:6e:b6:0a:a6:1f:ec:c2:c0:
19:7b:75:a7:13:eb:80:fb:f2:88:21:25:f7:d4:88:
78:ad:e9:bf:e6:8a:40:5f:2f:f5:07:12:57:64:9a:
d6:47:ec:bf:a1:16:a7:df:48:ab:e2:18:0e:30:47:
56:a6:97:53:58:96:18:72:a0:07:0c:a3:d6:aa:d4:
66:00:8c:16:66:a5:0b:cd:45:2f:1b:0b:39:0e:50:
d2:d8:8c:29:e2:64:cb:9f:24:8f:93:1e:26:71:ec:
08:7e:a6:0c:b4:c4:5e:99:18:12:ca:9c:13:52:fc:
da:10:3d:42:bf:b1:c9:55:44:f8:c4:71:82:48:dd:
de:c0:10:36:03:7b:87:95:09:5c:92:37:da:1e:f9:
a6:70:ff:02:9b:78:a3:e0:a4:12:89:2b:d9:1b:7e:
65:d6:7d:f7:54:87:18:14:5e:cf:d0:3f:b4:50:ef:
23:7f:a6:83:70:28:e5:5b:ca:24:0f:6c:6c:c4:76:
10:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:30:13:FB:E7:0C:94:DE:18:D6:5A:7A:7D:22:E2:2A:59:E3:36:7A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0jAT--cMlN4Y1lp6fSLiKlnjNno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
82.163.64.0/22
Signature Algorithm: sha256WithRSAEncryption
67:c7:8a:48:45:18:62:8d:6e:1f:fa:d0:15:a5:80:cf:fb:77:
be:d6:bf:9a:f7:fb:ce:2a:9e:d6:6a:48:4c:80:e9:d5:4b:4b:
cf:0f:46:e3:73:a2:82:04:73:ad:86:e2:26:78:d3:b3:43:1f:
68:50:5c:06:df:5a:a2:97:06:13:a5:12:1b:03:bc:01:f9:eb:
7b:9b:49:f2:5b:80:0d:76:9f:e0:a4:4e:50:58:5b:b2:37:c0:
fa:91:d6:77:b2:01:c7:6a:55:f8:f6:20:42:c0:29:0d:fa:c8:
1e:81:69:31:63:41:1a:0a:d4:25:34:66:3c:09:af:51:ca:78:
3a:9d:59:29:d9:4f:49:71:37:1b:bc:58:38:7d:43:58:b3:c7:
82:63:54:56:dd:f1:fd:a6:f7:69:04:aa:27:5a:d5:a7:d9:5f:
09:c0:8f:2b:8d:41:a1:fe:ac:8a:aa:e3:2a:ca:26:1d:89:99:
b7:d3:4f:54:9c:15:aa:89:7a:1a:4e:4a:2f:e3:b6:4d:aa:bd:
89:a4:95:54:7b:77:95:38:f6:f5:8e:f2:2b:24:dc:ae:4c:e0:
c7:07:df:38:47:87:ee:95:3f:bb:4c:7a:49:b5:1b:71:ba:d7:
3e:a3:76:17:05:41:69:38:57:cd:ef:50:59:ce:8c:7c:3d:bf:
cc:14:ae:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+KcJRZhUj7M04dt4ByMdgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNTE4MDY0MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjMwMTNmYmU3MGM5NGRlMThkNjVhN2E3ZDIyZTIyYTU5ZTMzNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBeMS8T0rEn7IKH5hCpcabQe6HSF
GBGw56VPv4nE6VLQZ0iMl5L0Rkte8ubqOyTNK8PUHYXIfnA3PkdYWULxrRT7brYK
ph/swsAZe3WnE+uA+/KIISX31Ih4rem/5opAXy/1BxJXZJrWR+y/oRan30ir4hgO
MEdWppdTWJYYcqAHDKPWqtRmAIwWZqULzUUvGws5DlDS2Iwp4mTLnySPkx4mcewI
fqYMtMRemRgSypwTUvzaED1Cv7HJVUT4xHGCSN3ewBA2A3uHlQlckjfaHvmmcP8C
m3ij4KQSiSvZG35l1n33VIcYFF7P0D+0UO8jf6aDcCjlW8okD2xsxHYQiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIwE/vnDJTeGNZaen0i4ipZ4zZ6MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMGpBVC0tY01sTjRZMWxwNmZTTGlLbG5qTm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhTUAwQC
UqNAMA0GCSqGSIb3DQEBCwUAA4IBAQBnx4pIRRhijW4f+tAVpYDP+3e+1r+a9/vO
Kp7WakhMgOnVS0vPD0bjc6KCBHOthuImeNOzQx9oUFwG31qilwYTpRIbA7wB+et7
m0nyW4ANdp/gpE5QWFuyN8D6kdZ3sgHHalX49iBCwCkN+sgegWkxY0EaCtQlNGY8
Ca9Ryng6nVkp2U9JcTcbvFg4fUNYs8eCY1RW3fH9pvdpBKonWtWn2V8JwI8rjUGh
/qyKquMqyiYdiZm3009UnBWqiXoaTkov47ZNqr2JpJVUe3eVOPb1jvIrJNyuTODH
B984R4fulT+7THpJtRtxutc+o3YXBUFpOFfN71BZzox8Pb/MFK74
-----END CERTIFICATE-----
Generated at Tue Nov 19 09:21:15 2024 by rpki-client on console-fra.rpki-client.org