Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/4qht6lMn8YiKy5PoeaNndb6tjtE.roa
File: 4qht6lMn8YiKy5PoeaNndb6tjtE.roa (raw, json)
Hash identifier: rNSWbFaS+aDOt6O+GHDRC98g+XxAsnEqnQE68/n1hkA=
Subject key identifier: E2:A8:6D:EA:53:27:F1:88:8A:CB:93:E8:79:A3:67:75:BE:AD:8E:D1
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01899680C04AF5501C0D8F796207C47E70AD
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/4qht6lMn8YiKy5PoeaNndb6tjtE.roa
Signing time: Thu 27 Jul 2023 08:39:27 +0000
ROA not before: Thu 27 Jul 2023 08:39:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 20:44:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:80:c0:4a:f5:50:1c:0d:8f:79:62:07:c4:7e:70:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 27 08:39:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a86dea5327f1888acb93e879a36775bead8ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:05:50:c9:5c:a7:e6:4a:d8:40:e0:23:e9:
bb:33:af:c5:33:4a:b3:ba:43:d8:95:28:25:1c:53:
cc:fa:f8:19:8a:2c:d9:5e:dc:53:ef:33:60:e0:f8:
00:dc:ea:4a:c5:e8:62:a0:fe:ff:cf:33:be:b8:50:
1d:2a:fd:ad:74:e6:ae:b4:4c:dd:da:a7:c3:99:a4:
6d:1f:61:4c:30:c5:6c:34:97:5d:9e:2c:f2:55:44:
3c:f3:a4:31:4d:94:cf:c7:9a:c1:b7:ed:1a:f7:f8:
5c:b8:c2:8f:d1:02:f9:bf:4d:5d:82:8b:40:33:51:
4a:45:9a:1c:fe:c9:fb:81:94:6d:7e:64:b9:cd:3a:
fe:57:68:fe:5a:01:f2:b0:e0:ec:13:0e:d6:af:09:
8e:ec:74:e3:e4:04:1a:76:db:d4:ca:6b:b2:e7:0c:
59:8f:8d:de:f5:12:51:cc:78:e3:3b:e1:7e:5b:e1:
c4:4e:98:9a:da:46:e2:0f:fb:ee:c6:a9:0d:37:8a:
91:6d:db:71:34:16:a0:18:bf:8b:6f:01:98:03:d7:
47:84:81:30:5a:f6:2a:f8:7c:19:ed:f5:9f:1b:2a:
72:e3:3e:61:d9:44:81:65:fc:3f:96:bd:e5:9b:16:
c9:a1:35:bd:3d:d3:c3:9a:ed:b2:ed:26:72:02:8e:
b2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A8:6D:EA:53:27:F1:88:8A:CB:93:E8:79:A3:67:75:BE:AD:8E:D1
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/4qht6lMn8YiKy5PoeaNndb6tjtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d0:07:69:de:37:9c:c6:31:d3:8c:4f:c3:8c:b4:6a:14:42:
fb:8b:78:dc:4f:c9:36:d9:32:d2:e1:df:2b:06:aa:99:b5:bc:
c5:ad:63:b0:95:48:35:1e:8a:f7:26:da:a3:19:a7:dd:e2:c3:
b1:d1:a5:57:8d:c8:d5:36:41:a3:3f:d1:f8:56:22:b1:da:59:
08:20:79:bd:fe:85:59:60:d4:ef:04:ba:76:2a:42:48:da:64:
e8:9a:e0:be:af:07:52:b8:07:d1:fc:f7:36:1b:db:65:21:bc:
20:13:7e:91:c6:94:3d:f4:c0:6a:a7:79:aa:f5:21:ea:60:26:
70:9a:44:3e:04:0a:d5:5f:63:a9:92:55:58:34:32:57:6f:74:
48:40:39:b1:ec:96:91:b3:7d:d1:7d:d1:07:87:c8:6e:5e:a7:
a3:b7:ed:32:56:49:7d:b8:8e:c5:b3:1f:7a:0b:48:c4:17:28:
3e:7a:1b:3b:e9:44:b3:73:9a:23:90:d5:4a:5c:aa:df:85:9b:
10:ee:08:f5:95:6b:2e:48:1a:42:95:c7:5c:f1:66:3c:a2:2b:
0d:aa:ee:7e:f4:7b:fd:08:93:33:75:91:c4:47:86:03:a6:6d:
8b:a3:d4:93:1d:4f:17:c2:80:5a:a0:ea:a0:c8:75:0b:19:39:
7a:01:0c:f3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmWgMBK9VAcDY95YgfEfnCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzI3MDgzOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE4NmRlYTUzMjdmMTg4OGFjYjkzZTg3OWEzNjc3NWJlYWQ4ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd8FUMlcp+ZK2EDgI+m7M6/FM0qz
ukPYlSglHFPM+vgZiizZXtxT7zNg4PgA3OpKxehioP7/zzO+uFAdKv2tdOautEzd
2qfDmaRtH2FMMMVsNJddnizyVUQ886QxTZTPx5rBt+0a9/hcuMKP0QL5v01dgotA
M1FKRZoc/sn7gZRtfmS5zTr+V2j+WgHysODsEw7WrwmO7HTj5AQadtvUymuy5wxZ
j43e9RJRzHjjO+F+W+HETpia2kbiD/vuxqkNN4qRbdtxNBagGL+LbwGYA9dHhIEw
WvYq+HwZ7fWfGypy4z5h2USBZfw/lr3lmxbJoTW9PdPDmu2y7SZyAo6yBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOKobepTJ/GIisuT6HmjZ3W+rY7RMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNHFodDZsTW44WWlLeTVQb2VhTm5kYjZ0anRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7qwAwQC
UqOoAwQCUqPgAwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQB50Adp3jec
xjHTjE/DjLRqFEL7i3jcT8k22TLS4d8rBqqZtbzFrWOwlUg1Hor3JtqjGafd4sOx
0aVXjcjVNkGjP9H4ViKx2lkIIHm9/oVZYNTvBLp2KkJI2mTomuC+rwdSuAfR/Pc2
G9tlIbwgE36RxpQ99MBqp3mq9SHqYCZwmkQ+BArVX2OpklVYNDJXb3RIQDmx7JaR
s33RfdEHh8huXqejt+0yVkl9uI7Fsx96C0jEFyg+ehs76USzc5ojkNVKXKrfhZsQ
7gj1lWsuSBpClcdc8WY8oisNqu5+9Hv9CJMzdZHER4YDpm2Lo9STHU8XwoBaoOqg
yHULGTl6AQzz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org