Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Hhn5BzPtotV3vns0D4r5c5bTG90.roa
File: Hhn5BzPtotV3vns0D4r5c5bTG90.roa (raw, json)
Hash identifier: SGNC+zjLk1HTpeBunCTbj0yJgnod6csWRW0GKAycHDk=
Subject key identifier: 1E:19:F9:07:33:ED:A2:D5:77:BE:7B:34:0F:8A:F9:73:96:D3:1B:DD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A3BA230F88F6D93547F5F2F4B500FD611
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Hhn5BzPtotV3vns0D4r5c5bTG90.roa
Signing time: Mon 28 Aug 2023 10:13:19 +0000
ROA not before: Mon 28 Aug 2023 10:13:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Aug 2023 19:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:a2:30:f8:8f:6d:93:54:7f:5f:2f:4b:50:0f:d6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 28 10:13:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e19f90733eda2d577be7b340f8af97396d31bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fa:8b:33:83:39:2c:b3:0f:19:c9:f3:28:bd:
69:7c:10:a7:6b:5d:ae:52:7e:af:0d:2d:80:a9:03:
ba:45:4b:a4:0b:2d:7f:c4:4c:00:bc:22:86:1c:e9:
97:81:1e:ac:e9:dc:9b:65:a7:25:9f:d4:1a:4b:bc:
52:ee:8c:34:d3:3c:46:86:32:c2:8b:74:38:07:16:
6e:f8:19:6b:1e:27:f6:c1:5c:98:e7:cb:f3:ee:a8:
56:27:3c:a3:03:54:a6:d2:4e:eb:bf:33:c7:12:9b:
b3:a5:55:68:69:52:b7:21:91:83:04:2d:ce:23:23:
43:5c:3e:47:e9:67:05:c6:33:e3:6c:eb:e7:39:bd:
7e:34:25:75:ab:1c:b6:2f:7a:3e:ce:d5:45:60:98:
fe:df:71:de:32:96:0f:2a:69:67:aa:4c:8a:91:d2:
20:eb:bc:cb:01:ae:13:10:f4:82:e9:a8:23:e8:ed:
05:98:96:4f:f5:6e:65:c0:95:a5:ab:ef:b0:db:b5:
86:61:ef:9f:0e:ee:0f:c8:e1:6a:8f:6d:60:7b:db:
ff:07:79:b1:76:ea:98:43:ef:1a:81:73:44:ff:d9:
00:a6:99:af:bb:98:75:5e:04:58:e2:ac:9b:8e:16:
33:8d:2f:6f:d7:15:18:3c:2b:e7:63:7a:43:81:14:
68:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:19:F9:07:33:ED:A2:D5:77:BE:7B:34:0F:8A:F9:73:96:D3:1B:DD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Hhn5BzPtotV3vns0D4r5c5bTG90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
82.163.168.0/22
82.163.224.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
97:ba:d5:67:d9:c3:68:80:98:e7:18:ae:e0:3d:be:6f:e6:47:
09:f7:cd:ab:d0:71:21:c5:52:6f:b5:4c:35:3f:d3:b2:26:8e:
87:c4:47:ce:d9:c6:aa:93:a6:67:2f:c5:a3:5c:9f:9c:84:0c:
26:7e:b4:53:34:6e:d0:2a:ce:e2:2f:37:f6:50:72:9d:b1:88:
10:5a:6b:a3:86:f6:f5:72:d8:6a:1f:7d:c6:bd:f7:7d:75:2e:
61:4e:38:8c:6c:30:05:f3:26:2a:54:d5:23:46:e8:e0:3d:43:
19:5c:2c:30:9a:d3:cf:4d:59:f9:f3:b5:cf:01:15:d9:b9:7d:
9b:8e:f6:dd:6c:80:fd:d7:10:40:6b:cd:de:b3:d7:4f:a1:88:
08:2a:3c:c0:03:43:e1:07:f0:83:40:d0:64:0d:e7:e8:dd:09:
49:b5:c4:4d:1f:b3:9d:4d:c6:6b:6d:d5:4f:b9:90:04:30:4e:
ea:16:bd:a2:c3:11:15:c4:89:da:6d:89:3a:97:66:8f:db:bb:
78:ed:24:a9:d2:b0:2d:07:c4:aa:89:e0:a8:a8:0e:b8:dc:df:
de:04:cf:a2:c9:29:28:6d:3d:b2:3a:e4:9c:aa:e3:1c:43:54:
70:3b:f9:16:49:9f:89:c2:b5:78:d3:96:04:cc:d0:a0:78:df:
70:8f:61:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYo7ojD4j22TVH9fL0tQD9YRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODI4MTAxMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE5ZjkwNzMzZWRhMmQ1NzdiZTdiMzQwZjhhZjk3Mzk2ZDMxYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfqLM4M5LLMPGcnzKL1pfBCna12u
Un6vDS2AqQO6RUukCy1/xEwAvCKGHOmXgR6s6dybZacln9QaS7xS7ow00zxGhjLC
i3Q4BxZu+BlrHif2wVyY58vz7qhWJzyjA1Sm0k7rvzPHEpuzpVVoaVK3IZGDBC3O
IyNDXD5H6WcFxjPjbOvnOb1+NCV1qxy2L3o+ztVFYJj+33HeMpYPKmlnqkyKkdIg
67zLAa4TEPSC6agj6O0FmJZP9W5lwJWlq++w27WGYe+fDu4PyOFqj21ge9v/B3mx
duqYQ+8agXNE/9kAppmvu5h1XgRY4qybjhYzjS9v1xUYPCvnY3pDgRRoMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB4Z+Qcz7aLVd757NA+K+XOW0xvdMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSGhuNUJ6UHRvdFYzdm5zMEQ0cjVjNWJURzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLhTUAwQC
UqOoAwQCUqPgAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCXutVn2cNogJjnGK7g
Pb5v5kcJ982r0HEhxVJvtUw1P9OyJo6HxEfO2caqk6ZnL8WjXJ+chAwmfrRTNG7Q
Ks7iLzf2UHKdsYgQWmujhvb1cthqH33Gvfd9dS5hTjiMbDAF8yYqVNUjRujgPUMZ
XCwwmtPPTVn587XPARXZuX2bjvbdbID91xBAa83es9dPoYgIKjzAA0PhB/CDQNBk
Defo3QlJtcRNH7OdTcZrbdVPuZAEME7qFr2iwxEVxInabYk6l2aP27t47SSp0rAt
B8SqieCoqA643N/eBM+iySkobT2yOuScquMcQ1RwO/kWSZ+JwrV405YEzNCgeN9w
j2EJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org