Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BC-Mh6BXwfYVQfWymvtcJmqCFCw.roa
File: BC-Mh6BXwfYVQfWymvtcJmqCFCw.roa (raw, json)
Hash identifier: /C5rta5RMdzVmIRXSdNu8OOZ/Y3F21QPHGoUQPIp8s4=
Subject key identifier: 04:2F:8C:87:A0:57:C1:F6:15:41:F5:B2:9A:FB:5C:26:6A:82:14:2C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01887153698F58D4535F9DCC87B5F130377B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BC-Mh6BXwfYVQfWymvtcJmqCFCw.roa
Signing time: Wed 31 May 2023 10:21:11 +0000
ROA not before: Wed 31 May 2023 10:21:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 92.114.40.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 06:29:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:53:69:8f:58:d4:53:5f:9d:cc:87:b5:f1:30:37:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 31 10:21:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=042f8c87a057c1f61541f5b29afb5c266a82142c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8f:a9:32:53:24:21:fc:76:eb:23:b8:03:c9:
4d:d7:8b:04:a6:4d:e9:b6:06:19:a6:49:96:54:f1:
63:54:3d:c7:36:ff:9d:04:8c:38:84:bc:18:86:6a:
09:61:52:1a:f1:c7:c6:2f:1b:89:8b:5c:c0:bb:b3:
5a:e4:64:39:91:71:84:8a:0d:fe:ce:c1:28:d9:82:
c4:27:7a:fa:dc:98:d5:1d:10:fa:fc:de:ae:f9:b7:
16:92:53:56:e2:10:fa:28:f2:71:c9:7f:ac:9b:bc:
b5:70:f3:07:e4:ba:f7:ce:27:fa:db:64:3b:5e:a8:
97:c4:e9:e2:58:fe:08:08:1e:62:22:f8:58:71:c7:
5c:cc:15:92:c7:0c:fa:a8:14:f0:e1:b2:3d:0d:b4:
8f:1f:0b:c0:8c:3f:6f:69:28:84:cc:46:84:3b:cd:
ce:19:92:63:dc:0a:ef:ea:9b:f9:6e:e2:16:0b:0b:
d1:d0:50:28:01:2c:83:82:4c:39:5f:17:0c:4f:c0:
dd:e4:49:81:ad:24:59:d1:80:91:ae:f3:b2:b3:31:
85:46:54:54:ce:f3:c5:b5:bd:cd:df:6e:1e:34:d4:
2a:e6:a1:26:53:55:1f:4e:f2:f2:01:2b:64:86:e7:
ca:df:76:01:ce:45:d2:36:d5:8f:70:b2:aa:b7:96:
f3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2F:8C:87:A0:57:C1:F6:15:41:F5:B2:9A:FB:5C:26:6A:82:14:2C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BC-Mh6BXwfYVQfWymvtcJmqCFCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.224.0/22
92.114.40.0/22
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
66:5e:71:20:66:ad:f0:6d:5e:6d:c1:6f:97:8b:16:6c:13:f3:
38:a1:2f:14:5e:d0:20:ee:a5:56:5c:82:0d:4a:93:d0:8e:30:
e3:cc:f4:a5:1d:27:13:18:e4:47:8f:68:99:92:b0:cc:dd:5e:
e3:26:41:07:2a:c8:bb:70:b8:75:97:29:e5:ad:7d:93:01:b0:
d5:cb:0c:d5:3c:10:a7:dc:5f:58:cd:f3:46:7b:99:9c:78:80:
c6:79:f2:52:d3:d5:86:35:fb:ff:94:e1:51:e8:65:89:c1:da:
f4:cf:56:f0:ee:55:21:e5:b1:c3:1b:c7:ba:95:c5:8a:b1:ef:
91:39:39:26:ad:37:0f:79:e8:22:12:42:e6:a0:f1:a4:97:d6:
ea:cf:fa:61:e2:1e:f9:61:e6:54:63:9a:ec:10:c6:64:74:87:
b1:6f:23:d0:26:83:5e:30:ad:8a:43:7c:af:27:08:3f:17:fe:
6f:fe:a7:08:ef:a9:f9:a5:d2:07:0c:1a:b5:98:56:8c:32:d1:
97:5b:eb:f5:6c:1a:14:ed:ec:fc:ae:79:bf:7d:1d:44:94:aa:
9a:17:a2:2a:c5:f8:9c:86:8c:af:97:7c:58:a6:65:bb:c1:10:
c5:ec:ec:81:0f:55:e2:b2:98:5e:e3:35:40:de:0f:af:a7:96:
7a:6c:6b:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhxU2mPWNRTX53Mh7XxMDd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNTMxMTAyMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDJmOGM4N2EwNTdjMWY2MTU0MWY1YjI5YWZiNWMyNjZhODIxNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY+pMlMkIfx26yO4A8lN14sEpk3p
tgYZpkmWVPFjVD3HNv+dBIw4hLwYhmoJYVIa8cfGLxuJi1zAu7Na5GQ5kXGEig3+
zsEo2YLEJ3r63JjVHRD6/N6u+bcWklNW4hD6KPJxyX+sm7y1cPMH5Lr3zif622Q7
XqiXxOniWP4ICB5iIvhYccdczBWSxwz6qBTw4bI9DbSPHwvAjD9vaSiEzEaEO83O
GZJj3Arv6pv5buIWCwvR0FAoASyDgkw5XxcMT8Dd5EmBrSRZ0YCRrvOyszGFRlRU
zvPFtb3N324eNNQq5qEmU1UfTvLyAStkhufK33YBzkXSNtWPcLKqt5bzYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAQvjIegV8H2FUH1spr7XCZqghQsMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQkMtTWg2Qlh3ZllWUWZXeW12dGNKbXFDRkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqPgAwQC
XHIoAwQCgv9AMA0GCSqGSIb3DQEBCwUAA4IBAQBmXnEgZq3wbV5twW+XixZsE/M4
oS8UXtAg7qVWXIINSpPQjjDjzPSlHScTGORHj2iZkrDM3V7jJkEHKsi7cLh1lynl
rX2TAbDVywzVPBCn3F9YzfNGe5mceIDGefJS09WGNfv/lOFR6GWJwdr0z1bw7lUh
5bHDG8e6lcWKse+ROTkmrTcPeegiEkLmoPGkl9bqz/ph4h75YeZUY5rsEMZkdIex
byPQJoNeMK2KQ3yvJwg/F/5v/qcI76n5pdIHDBq1mFaMMtGXW+v1bBoU7ez8rnm/
fR1ElKqaF6Iqxfichoyvl3xYpmW7wRDF7OyBD1Xisphe4zVA3g+vp5Z6bGt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org