Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3qRubFXrIxLbhPNBsNe4hBmhJvU.roa
File: 3qRubFXrIxLbhPNBsNe4hBmhJvU.roa (raw, json)
Hash identifier: vqGcfeCITrcToTSJ3lNOoQ35/U9LsoeFdzQdtn+bSno=
Subject key identifier: DE:A4:6E:6C:55:EB:23:12:DB:84:F3:41:B0:D7:B8:84:19:A1:26:F5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01897C8659B7795CCA639425E853C3AA1D92
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3qRubFXrIxLbhPNBsNe4hBmhJvU.roa
Signing time: Sat 22 Jul 2023 07:35:26 +0000
ROA not before: Sat 22 Jul 2023 07:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 08:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7c:86:59:b7:79:5c:ca:63:94:25:e8:53:c3:aa:1d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 22 07:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea46e6c55eb2312db84f341b0d7b88419a126f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f9:9d:2c:38:aa:66:8d:83:37:d2:5b:65:7b:
05:e7:2c:9c:d2:00:35:d4:ed:ed:35:93:d5:60:69:
4c:52:fe:a0:ff:76:24:aa:f5:c3:b3:c6:cc:c4:69:
da:65:48:9b:9d:48:b4:0a:20:6d:37:dc:77:92:5c:
46:f3:f5:b7:6d:59:01:cf:eb:e7:50:37:3b:98:9d:
36:21:50:7c:76:53:09:fd:03:23:0d:39:cf:c4:6e:
b7:e2:ea:c6:99:a3:7c:07:d8:e7:0f:9e:21:5e:36:
60:17:a2:21:e9:f8:99:00:f6:5d:48:3e:9b:95:5d:
a2:cb:7d:07:52:07:61:6a:e4:d6:d4:ee:7b:d1:67:
7d:2b:33:bf:17:96:f6:94:90:f2:45:3c:a5:93:b9:
fc:b8:ec:b7:2b:45:70:25:35:dd:3c:7f:d1:7d:64:
ae:0a:ab:0a:55:6b:64:d9:6e:b8:e1:9b:73:0f:1f:
b5:0b:a1:04:ec:ec:a9:6d:1c:79:21:a3:a2:ff:ed:
cd:20:54:4f:18:cd:eb:58:c5:59:f3:e5:80:10:cc:
03:7c:f8:d4:2f:33:ea:8a:11:d7:32:5e:64:5c:90:
0a:86:96:c1:2a:0c:7a:8f:7d:bd:99:17:87:3e:1b:
17:4b:6f:6e:8d:9b:83:99:46:fa:77:53:22:48:59:
a0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A4:6E:6C:55:EB:23:12:DB:84:F3:41:B0:D7:B8:84:19:A1:26:F5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3qRubFXrIxLbhPNBsNe4hBmhJvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.210.0/23
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:61:e0:04:85:43:82:aa:b1:df:53:b9:b8:28:3a:86:40:66:
d3:84:a5:aa:77:a6:f3:ba:9d:2c:f7:05:3c:da:ae:c8:c4:03:
6f:21:be:21:08:3b:ab:a4:e5:31:97:45:a7:10:07:9f:a7:47:
b6:9f:87:97:f3:4d:2d:30:16:e0:da:93:6f:76:ae:c8:75:62:
ff:04:21:48:82:45:5a:83:a0:f6:42:95:64:94:ac:e7:64:d7:
3e:8d:4c:ea:5a:29:fe:9d:72:0c:86:71:b9:51:fa:83:90:40:
19:9f:dd:83:50:7c:d1:c1:1e:4f:c3:f2:04:68:59:b5:94:da:
91:e6:6f:dc:ac:a4:a6:0e:ca:85:14:3b:52:0d:0b:60:26:43:
2f:88:f5:3a:a6:93:c3:1c:ee:59:e7:22:a0:d4:26:00:b3:5b:
04:33:c6:94:4a:75:3f:9b:30:1e:c1:96:12:fa:d7:77:20:55:
3a:7e:09:3b:88:fa:fb:68:7d:03:0c:22:4b:77:84:79:41:74:
b5:6f:65:42:e2:e4:b4:20:ce:80:b4:95:37:04:6b:12:29:e5:
a0:35:1c:63:8b:60:ff:01:3d:92:e8:d8:f9:23:b3:24:92:7f:
d2:95:d7:8a:05:3f:f2:44:59:47:fc:f9:16:68:82:a9:23:b1:
61:32:90:25
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYl8hlm3eVzKY5Ql6FPDqh2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzIyMDczNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE0NmU2YzU1ZWIyMzEyZGI4NGYzNDFiMGQ3Yjg4NDE5YTEyNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/mdLDiqZo2DN9JbZXsF5yyc0gA1
1O3tNZPVYGlMUv6g/3YkqvXDs8bMxGnaZUibnUi0CiBtN9x3klxG8/W3bVkBz+vn
UDc7mJ02IVB8dlMJ/QMjDTnPxG634urGmaN8B9jnD54hXjZgF6Ih6fiZAPZdSD6b
lV2iy30HUgdhauTW1O570Wd9KzO/F5b2lJDyRTylk7n8uOy3K0VwJTXdPH/RfWSu
CqsKVWtk2W644ZtzDx+1C6EE7OypbRx5IaOi/+3NIFRPGM3rWMVZ8+WAEMwDfPjU
LzPqihHXMl5kXJAKhpbBKgx6j329mReHPhsXS29ujZuDmUb6d1MiSFmguwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN6kbmxV6yMS24TzQbDXuIQZoSb1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvM3FSdWJGWHJJeExiaFBOQnNOZTRoQm1oSnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH7qwAwQB
LhTSAwQCUqOoAwQCUqPgAwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQAu
YeAEhUOCqrHfU7m4KDqGQGbThKWqd6bzup0s9wU82q7IxANvIb4hCDurpOUxl0Wn
EAefp0e2n4eX800tMBbg2pNvdq7IdWL/BCFIgkVag6D2QpVklKznZNc+jUzqWin+
nXIMhnG5UfqDkEAZn92DUHzRwR5Pw/IEaFm1lNqR5m/crKSmDsqFFDtSDQtgJkMv
iPU6ppPDHO5Z5yKg1CYAs1sEM8aUSnU/mzAewZYS+td3IFU6fgk7iPr7aH0DDCJL
d4R5QXS1b2VC4uS0IM6AtJU3BGsSKeWgNRxji2D/AT2S6Nj5I7Mkkn/SldeKBT/y
RFlH/PkWaIKpI7FhMpAl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org