Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-lcHRqnb7fNBQ3_gGRHpsh8XS4.roa
File: 1-lcHRqnb7fNBQ3_gGRHpsh8XS4.roa (raw, json)
Hash identifier: 0gjFPVx9NieTlnccEmZFa6bSXmKu3od10GftZbB+cxc=
Subject key identifier: D7:E9:5C:1D:1A:A7:6F:B7:CD:05:0D:FF:80:64:47:A6:C8:7C:5D:2E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C5A4787FD10DE8E113F7975961ED90FF5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-lcHRqnb7fNBQ3_gGRHpsh8XS4.roa
Signing time: Mon 11 Dec 2023 19:08:06 +0000
ROA not before: Mon 11 Dec 2023 19:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.60.0/22 maxlen: 24
82.163.104.0/21 maxlen: 24
92.114.44.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:47:87:fd:10:de:8e:11:3f:79:75:96:1e:d9:0f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 11 19:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7e95c1d1aa76fb7cd050dff806447a6c87c5d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:70:c4:98:ae:eb:20:10:a9:b0:27:9f:25:d2:
a1:93:c8:f6:5a:a7:e7:1a:f8:c8:4b:6b:d6:b2:31:
73:b9:e3:22:31:ff:54:35:6c:ea:3d:2f:00:06:db:
81:81:ad:48:46:5a:7b:cd:1a:fb:e0:38:65:29:b4:
8a:2b:56:81:b6:60:49:b1:10:9e:52:76:f5:52:5c:
f3:9e:d8:71:96:45:35:85:4b:95:18:4b:f8:b1:07:
f5:a8:37:b2:e3:fc:aa:44:11:c9:47:e3:ab:cc:94:
d2:b7:23:7b:a1:52:e6:da:eb:d6:19:af:6f:cb:cc:
55:52:a2:93:46:34:bf:4f:f8:85:04:62:08:df:dc:
d7:33:6a:b6:84:45:8f:29:ba:3f:ac:6f:5c:03:2a:
e6:71:51:37:9f:e7:81:a8:cb:b5:44:7a:0c:c5:e8:
3d:0a:aa:97:81:fc:80:57:d8:6a:30:10:12:cf:47:
65:06:9c:37:d8:de:36:f7:bd:22:a8:7f:21:31:f8:
f7:e0:04:af:5f:5c:43:be:da:ed:cb:2a:fd:c7:57:
e9:cf:ec:48:92:ab:ea:62:02:e9:f4:cc:80:75:19:
cb:26:7b:3c:5f:d5:f1:ad:0e:6a:21:10:b7:b1:2d:
83:bb:c1:0c:f6:c3:4c:98:56:15:14:c4:06:3d:81:
3c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E9:5C:1D:1A:A7:6F:B7:CD:05:0D:FF:80:64:47:A6:C8:7C:5D:2E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-lcHRqnb7fNBQ3_gGRHpsh8XS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
82.163.60.0/22
82.163.104.0/21
92.114.44.0/22
Signature Algorithm: sha256WithRSAEncryption
68:7c:8d:a7:81:75:d1:a9:19:c4:6a:20:36:14:49:96:0e:b2:
bc:19:24:86:fc:6e:36:7d:a6:a2:d6:10:84:67:4d:42:ee:ec:
8a:c7:c7:a9:ca:e0:20:85:47:5f:e0:bb:d4:39:a9:fb:12:b2:
66:50:6d:de:f2:ae:14:92:e1:b6:60:97:ad:54:95:72:f7:9a:
78:82:c2:e6:e3:41:31:74:d3:17:e2:11:8e:c6:3c:40:b2:f8:
25:26:0b:67:65:3b:c2:92:ac:59:29:34:3e:6d:ed:5f:57:ad:
41:23:51:c0:8a:64:5a:ec:3e:c6:d8:00:a7:17:4c:e5:d4:9a:
b5:96:34:98:c4:8e:0a:1b:83:59:86:a0:37:30:81:99:87:7d:
e8:63:2a:12:1a:eb:c1:db:7e:6a:79:2b:ef:0a:72:9a:00:79:
d6:2a:31:af:f5:76:47:58:99:1f:f3:41:f7:ac:a4:ad:75:32:
5a:6b:ef:fb:35:96:4d:46:13:8d:66:4f:09:fc:84:db:48:6d:
c4:b4:f2:2c:aa:ce:35:0b:38:71:9e:f7:da:31:96:42:af:ad:
ca:56:ca:9c:56:a1:94:2a:28:ac:9f:94:38:48:e7:08:de:4b:
24:0d:63:68:c7:60:87:55:6c:3c:dc:fb:b9:f1:b0:19:c3:e8:
2a:e5:91:00
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxaR4f9EN6OET95dZYe2Q/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjExMTkwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U5NWMxZDFhYTc2ZmI3Y2QwNTBkZmY4MDY0NDdhNmM4N2M1ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3DEmK7rIBCpsCefJdKhk8j2Wqfn
GvjIS2vWsjFzueMiMf9UNWzqPS8ABtuBga1IRlp7zRr74DhlKbSKK1aBtmBJsRCe
Unb1UlzznthxlkU1hUuVGEv4sQf1qDey4/yqRBHJR+OrzJTStyN7oVLm2uvWGa9v
y8xVUqKTRjS/T/iFBGII39zXM2q2hEWPKbo/rG9cAyrmcVE3n+eBqMu1RHoMxeg9
CqqXgfyAV9hqMBASz0dlBpw32N42970iqH8hMfj34ASvX1xDvtrtyyr9x1fpz+xI
kqvqYgLp9MyAdRnLJns8X9XxrQ5qIRC3sS2Du8EM9sNMmFYVFMQGPYE8FwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNfpXB0ap2+3zQUN/4BkR6bIfF0uMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1sY0hScW5iN2ZOQlEzX2dHUkhwc2g4WFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7qwAwQD
LhTYAwQCUqM8AwQDUqNoAwQCXHIsMA0GCSqGSIb3DQEBCwUAA4IBAQBofI2ngXXR
qRnEaiA2FEmWDrK8GSSG/G42faai1hCEZ01C7uyKx8epyuAghUdf4LvUOan7ErJm
UG3e8q4UkuG2YJetVJVy95p4gsLm40ExdNMX4hGOxjxAsvglJgtnZTvCkqxZKTQ+
be1fV61BI1HAimRa7D7G2ACnF0zl1Jq1ljSYxI4KG4NZhqA3MIGZh33oYyoSGuvB
235qeSvvCnKaAHnWKjGv9XZHWJkf80H3rKStdTJaa+/7NZZNRhONZk8J/ITbSG3E
tPIsqs41CzhxnvfaMZZCr63KVsqcVqGUKiisn5Q4SOcI3kskDWNox2CHVWw83Pu5
8bAZw+gq5ZEA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org