Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-qt8iLXotjEn5VQx7ljvWqdDn-c.roa
File: 1-qt8iLXotjEn5VQx7ljvWqdDn-c.roa (raw, json)
Hash identifier: 6rBgtvCrwgNDKHrRXPhmQa9Q+YVHTHdo9c4kEqDQK5I=
Subject key identifier: FA:AB:7C:88:B5:E8:B6:31:27:E5:54:31:EE:58:EF:5A:A7:43:9F:E7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0186A164E44D98FB20801C64E747C5CA0B3B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-qt8iLXotjEn5VQx7ljvWqdDn-c.roa
Signing time: Thu 02 Mar 2023 08:16:29 +0000
ROA not before: Thu 02 Mar 2023 08:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 46.20.216.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:64:e4:4d:98:fb:20:80:1c:64:e7:47:c5:ca:0b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 2 08:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faab7c88b5e8b63127e55431ee58ef5aa7439fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:83:61:68:c8:68:1c:c8:2a:5b:ab:04:d2:
3c:b8:fb:8e:09:18:53:7e:15:f6:1d:32:b0:3e:14:
d1:c5:42:40:71:2a:9f:ff:e1:dc:44:30:5c:33:a1:
ea:9f:89:72:e2:bd:21:9a:3a:e7:51:86:a2:98:3c:
85:4c:62:b6:7c:45:fb:db:61:50:e1:52:38:1a:f6:
1a:4b:ac:b6:44:23:30:02:9e:6d:0c:7d:b7:fa:77:
a5:9a:6a:6c:86:8d:cc:39:71:03:e0:0f:c8:58:dc:
af:3b:20:c3:7e:2b:b0:5c:53:e5:ed:cf:de:b8:8b:
f0:16:21:76:0c:ec:bc:ca:0d:21:19:db:9c:21:52:
ba:05:71:28:53:9a:e0:0e:88:5f:55:58:2c:df:fc:
3e:05:1a:cb:b5:fd:b2:26:3c:0e:bd:a9:ff:ed:70:
7d:09:5e:01:c9:4d:0f:b0:82:67:06:44:39:e4:f8:
1d:39:7e:cb:68:3b:b3:e4:c8:b0:4b:b7:fb:6a:0f:
a0:dc:45:b1:78:f2:bc:fe:23:d0:da:07:ad:e1:75:
c4:33:24:ac:d0:c2:6a:b2:18:92:d6:ef:db:3c:28:
57:1e:b4:02:c8:fe:ab:d3:d4:b2:eb:00:ed:d6:00:
09:92:e8:80:17:f1:fd:e3:2f:46:e5:69:65:7d:69:
c0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AB:7C:88:B5:E8:B6:31:27:E5:54:31:EE:58:EF:5A:A7:43:9F:E7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-qt8iLXotjEn5VQx7ljvWqdDn-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.216.0/21
Signature Algorithm: sha256WithRSAEncryption
49:2c:7e:cf:a0:10:89:de:c2:04:0f:8f:3c:9d:6f:d4:68:15:
bc:ab:91:d5:b6:b9:6c:bc:58:b4:69:0a:43:a8:37:cf:bb:8a:
7a:2b:07:42:54:a0:9c:03:01:20:20:3a:8b:d9:cc:27:0d:9a:
18:43:5e:7a:04:5c:8a:37:03:a3:32:cd:99:43:dd:bb:89:55:
82:b1:02:fb:54:91:2a:07:f0:4b:0a:ef:ae:97:dc:da:64:3f:
bf:73:2e:e5:f0:d1:db:86:7b:a3:58:c5:40:5e:a8:79:7e:c2:
6f:ee:36:1e:9c:41:3e:37:e8:7d:a5:d3:93:41:42:73:d2:18:
1d:27:1b:ad:e6:76:f5:3a:c7:ab:eb:3f:d7:5f:41:2a:17:a1:
42:82:eb:36:42:38:34:4b:9c:31:aa:54:29:dd:aa:42:96:68:
cd:b1:ff:09:55:10:a5:83:a6:fb:06:fe:2f:4e:7b:f5:12:ef:
35:ca:a0:6d:bb:e8:cf:6c:0c:b2:f7:ef:12:db:62:64:b0:fb:
39:94:05:00:c0:9b:cd:e1:ff:f5:2c:e5:4f:c2:ab:b9:b0:78:
0f:99:80:1f:a8:78:20:4c:f7:d8:a8:ec:6d:d6:10:83:4b:76:
74:92:dd:bc:c8:b6:39:f5:a3:c6:66:7f:41:79:39:62:cc:a7:
a1:7c:37:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYahZORNmPsggBxk50fFygs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMzAyMDgxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWFiN2M4OGI1ZThiNjMxMjdlNTU0MzFlZTU4ZWY1YWE3NDM5ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTeDYWjIaBzIKlurBNI8uPuOCRhT
fhX2HTKwPhTRxUJAcSqf/+HcRDBcM6Hqn4ly4r0hmjrnUYaimDyFTGK2fEX722FQ
4VI4GvYaS6y2RCMwAp5tDH23+nelmmpsho3MOXED4A/IWNyvOyDDfiuwXFPl7c/e
uIvwFiF2DOy8yg0hGducIVK6BXEoU5rgDohfVVgs3/w+BRrLtf2yJjwOvan/7XB9
CV4ByU0PsIJnBkQ55PgdOX7LaDuz5MiwS7f7ag+g3EWxePK8/iPQ2get4XXEMySs
0MJqshiS1u/bPChXHrQCyP6r09Sy6wDt1gAJkuiAF/H94y9G5WllfWnAIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqrfIi16LYxJ+VUMe5Y71qnQ5/nMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1xdDhpTFhvdGpFbjVWUXg3bGp2V3FkRG4tYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4U2DAN
BgkqhkiG9w0BAQsFAAOCAQEASSx+z6AQid7CBA+PPJ1v1GgVvKuR1ba5bLxYtGkK
Q6g3z7uKeisHQlSgnAMBICA6i9nMJw2aGENeegRcijcDozLNmUPdu4lVgrEC+1SR
KgfwSwrvrpfc2mQ/v3Mu5fDR24Z7o1jFQF6oeX7Cb+42HpxBPjfofaXTk0FCc9IY
HScbreZ29TrHq+s/119BKhehQoLrNkI4NEucMapUKd2qQpZozbH/CVUQpYOm+wb+
L0579RLvNcqgbbvoz2wMsvfvEttiZLD7OZQFAMCbzeH/9SzlT8KrubB4D5mAH6h4
IEz32KjsbdYQg0t2dJLdvMi2OfWjxmZ/QXk5YsynoXw3xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org