Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5bR28nOwst74t9YFkKgqTGjlEIc.roa
File: 5bR28nOwst74t9YFkKgqTGjlEIc.roa (raw, json)
Hash identifier: laNdP+jfyzbGc9HumoLapLqiJbpxxuRFlfRrclJfpzY=
Subject key identifier: E5:B4:76:F2:73:B0:B2:DE:F8:B7:D6:05:90:A8:2A:4C:68:E5:10:87
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188A45EBD7492DC93107E75BABF356CB17D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5bR28nOwst74t9YFkKgqTGjlEIc.roa
Signing time: Sat 10 Jun 2023 08:14:12 +0000
ROA not before: Sat 10 Jun 2023 08:14:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.60.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 20:44:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:5e:bd:74:92:dc:93:10:7e:75:ba:bf:35:6c:b1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 10 08:14:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5b476f273b0b2def8b7d60590a82a4c68e51087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8e:1f:01:ef:ae:a3:73:85:a7:42:2f:00:e1:
2e:d1:8a:91:8a:19:eb:cc:4c:24:6b:d5:c0:e9:10:
de:69:17:2e:45:a4:53:e8:e2:13:9e:e9:f2:10:ac:
a7:72:cb:c5:7f:af:a9:78:ed:ec:d6:88:93:9d:f3:
59:99:7f:f2:65:91:97:a9:fe:c5:f6:46:9a:5a:b4:
21:e8:6e:6b:86:29:45:0b:76:fa:66:20:80:1e:b7:
44:b5:81:63:03:81:ac:cc:85:89:2b:2e:10:d6:eb:
e8:48:bf:9d:1b:b6:0f:85:b2:c7:93:de:d1:9b:e7:
c1:d7:9e:8a:c0:a8:a2:14:68:5a:e3:fc:51:21:db:
77:de:d4:b7:7d:75:47:da:64:6e:42:ea:35:1b:75:
c7:b6:1b:57:77:ca:ba:27:ec:73:66:36:8c:6d:93:
ab:dc:82:b1:c1:99:f0:23:b1:71:89:7d:57:99:36:
79:99:a0:b7:e8:89:b4:f9:01:c4:06:2a:ac:83:fd:
a4:53:af:5e:84:dc:d6:07:7d:86:dd:d7:4d:7a:7f:
96:70:34:2e:8b:a3:2c:81:8d:67:c7:22:bd:d6:ef:
d3:ed:8e:51:14:76:bd:34:2b:14:f6:c1:4f:e5:92:
c8:94:17:ec:69:bf:fb:a6:48:c7:f9:94:7b:3e:8d:
50:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B4:76:F2:73:B0:B2:DE:F8:B7:D6:05:90:A8:2A:4C:68:E5:10:87
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5bR28nOwst74t9YFkKgqTGjlEIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.216.0/21
82.163.60.0/22
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:7b:aa:ae:d8:26:62:49:25:71:43:bc:29:11:8d:6b:48:62:
87:4d:c1:9f:f1:35:ba:7a:59:d1:02:5e:ba:94:a5:85:bc:7d:
78:da:b9:a8:95:be:bd:61:d5:d6:a5:a3:8e:3a:de:ef:86:51:
8d:cb:4c:a0:de:a6:a2:81:f2:78:c3:61:5b:e9:1b:ec:77:50:
dc:c4:6c:bc:39:f3:d8:83:27:64:4c:af:32:92:e7:7d:e8:33:
9f:bc:a2:55:02:c4:b0:7f:5c:2a:c9:28:59:99:d6:7e:38:c5:
3a:64:34:b7:81:5b:2c:c0:00:1b:bf:34:fe:6a:6b:3a:fc:fc:
06:2f:05:05:b9:9f:44:50:42:72:aa:5e:60:17:02:92:d9:2e:
6e:e9:35:8a:1e:74:15:bf:d4:54:08:54:77:74:95:ce:46:dd:
2c:2d:aa:3d:ad:3f:3d:45:74:87:c8:0a:3f:2c:4f:32:31:18:
46:9f:0c:ee:75:c6:cc:83:14:af:95:85:d3:d1:42:22:d9:a5:
2d:81:78:32:5f:7e:97:3b:e2:82:96:0d:1a:b6:94:24:89:ff:
2a:c4:00:28:cb:2c:71:07:a6:93:fa:a9:aa:8e:44:b2:22:ad:
41:d0:00:ed:b8:fd:da:d1:54:b3:ce:b9:fc:5f:10:ee:94:f2:
d9:7c:c3:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYikXr10ktyTEH51ur81bLF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjEwMDgxNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWI0NzZmMjczYjBiMmRlZjhiN2Q2MDU5MGE4MmE0YzY4ZTUxMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI4fAe+uo3OFp0IvAOEu0YqRihnr
zEwka9XA6RDeaRcuRaRT6OITnunyEKyncsvFf6+peO3s1oiTnfNZmX/yZZGXqf7F
9kaaWrQh6G5rhilFC3b6ZiCAHrdEtYFjA4GszIWJKy4Q1uvoSL+dG7YPhbLHk97R
m+fB156KwKiiFGha4/xRIdt33tS3fXVH2mRuQuo1G3XHthtXd8q6J+xzZjaMbZOr
3IKxwZnwI7FxiX1XmTZ5maC36Im0+QHEBiqsg/2kU69ehNzWB32G3ddNen+WcDQu
i6MsgY1nxyK91u/T7Y5RFHa9NCsU9sFP5ZLIlBfsab/7pkjH+ZR7Po1QwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOW0dvJzsLLe+LfWBZCoKkxo5RCHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNWJSMjhuT3dzdDc0dDlZRmtLZ3FUR2psRUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLhTYAwQC
UqM8AwQCgv9AMA0GCSqGSIb3DQEBCwUAA4IBAQCLe6qu2CZiSSVxQ7wpEY1rSGKH
TcGf8TW6elnRAl66lKWFvH142rmolb69YdXWpaOOOt7vhlGNy0yg3qaigfJ4w2Fb
6Rvsd1DcxGy8OfPYgydkTK8ykud96DOfvKJVAsSwf1wqyShZmdZ+OMU6ZDS3gVss
wAAbvzT+ams6/PwGLwUFuZ9EUEJyql5gFwKS2S5u6TWKHnQVv9RUCFR3dJXORt0s
Lao9rT89RXSHyAo/LE8yMRhGnwzudcbMgxSvlYXT0UIi2aUtgXgyX36XO+KClg0a
tpQkif8qxAAoyyxxB6aT+qmqjkSyIq1B0ADtuP3a0VSzzrn8XxDulPLZfMNs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org