Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NSvezB2YMDorRjs3sKIJapdXSxg.roa
File: NSvezB2YMDorRjs3sKIJapdXSxg.roa (raw, json)
Hash identifier: oplw3hsWkYd5vI/iccjG0JQ2iVXRZeJyY0PwwSRmxoE=
Subject key identifier: 35:2B:DE:CC:1D:98:30:3A:2B:46:3B:37:B0:A2:09:6A:97:57:4B:18
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0193435F2860A1696B4E2774150479555ABA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NSvezB2YMDorRjs3sKIJapdXSxg.roa
Signing time: Tue 19 Nov 2024 07:42:09 +0000
ROA not before: Tue 19 Nov 2024 07:42:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.20.212.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:5f:28:60:a1:69:6b:4e:27:74:15:04:79:55:5a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 19 07:42:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=352bdecc1d98303a2b463b37b0a2096a97574b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:52:8b:70:7d:81:4e:dd:4b:5e:a8:ac:40:a3:
ce:1f:b3:16:84:d0:7c:2d:2b:24:30:2b:ec:17:df:
87:2e:d6:6e:8b:77:11:b7:a7:de:84:e1:fa:1b:f4:
90:40:1d:c6:81:4b:10:cd:3f:32:fc:81:eb:49:2e:
d2:83:bd:38:8f:d3:4c:ec:29:0d:a5:4d:46:00:f7:
c2:f7:af:72:5a:48:98:7d:a8:3f:11:dc:e6:c2:14:
9a:0b:0d:fa:a8:d9:b2:d4:a2:3b:b1:df:31:52:d8:
78:00:18:d8:cd:b0:7f:10:af:3f:6b:33:98:a8:c9:
ce:fc:51:18:6f:9a:47:b2:95:d7:9e:da:12:b1:0f:
8f:59:d9:62:b2:44:4d:82:ef:35:04:da:f1:f0:3e:
29:f8:c1:ae:ae:26:fa:cb:20:63:95:d2:41:5f:e0:
a1:0e:b1:3b:a2:94:c5:07:44:0f:9a:d3:41:58:ef:
75:c0:4d:9b:16:2c:74:95:3d:ca:a5:ab:ff:03:9b:
47:05:9e:05:c3:10:3e:29:98:12:60:62:8a:27:a6:
28:a8:ea:87:8c:40:bb:29:48:76:1f:b0:96:c1:ed:
de:69:f9:a2:1e:b0:9d:4e:85:66:e9:de:3e:d1:48:
e9:0a:6f:56:d9:c2:e7:44:86:43:74:f5:18:a8:6c:
34:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2B:DE:CC:1D:98:30:3A:2B:46:3B:37:B0:A2:09:6A:97:57:4B:18
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NSvezB2YMDorRjs3sKIJapdXSxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
92:f0:bd:1d:29:1f:90:ef:f3:6d:af:a0:ce:82:bf:13:92:aa:
cb:64:35:88:58:5f:d9:02:34:1d:88:e1:47:e1:a7:c7:20:de:
1e:ca:d4:ff:d8:c5:ce:40:f1:c1:6c:34:77:a0:3b:cb:eb:6f:
66:14:b9:21:31:30:ff:9f:8e:94:f4:9d:d2:de:37:95:c4:ed:
3d:c3:f9:5a:2e:e9:ae:a3:12:cf:62:fb:10:9e:c6:1c:c1:75:
05:c8:39:ba:3d:04:83:2a:dc:67:9b:e8:29:e2:f6:97:67:1f:
6a:df:9e:06:72:62:be:86:bc:9b:a3:21:8c:f4:e2:e6:c2:bf:
aa:d6:70:ab:a4:e6:a0:f0:b8:2a:c7:3d:f3:89:21:f0:4c:fa:
32:3d:2d:53:fe:63:33:8a:25:4a:15:f8:17:b4:4a:6a:96:b0:
92:65:a7:6d:5d:ee:5d:10:2c:b9:e4:73:5e:eb:7d:3c:5c:25:
a6:44:5a:75:34:02:c1:33:1a:f8:95:e9:fe:78:d3:9e:50:ac:
3f:65:26:d6:99:e4:50:ec:fc:59:17:0b:19:d3:d8:f9:b2:c8:
86:4e:2a:3e:de:b9:a7:56:01:7a:91:bc:f5:61:ba:ab:a8:16:
0c:c3:88:b1:e5:12:2f:91:ec:39:bc:e5:c3:8d:65:84:13:6a:
6d:99:75:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNDXyhgoWlrTid0FQR5VVq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTE5MDc0MjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJiZGVjYzFkOTgzMDNhMmI0NjNiMzdiMGEyMDk2YTk3NTc0YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlKLcH2BTt1LXqisQKPOH7MWhNB8
LSskMCvsF9+HLtZui3cRt6fehOH6G/SQQB3GgUsQzT8y/IHrSS7Sg704j9NM7CkN
pU1GAPfC969yWkiYfag/EdzmwhSaCw36qNmy1KI7sd8xUth4ABjYzbB/EK8/azOY
qMnO/FEYb5pHspXXntoSsQ+PWdliskRNgu81BNrx8D4p+MGurib6yyBjldJBX+Ch
DrE7opTFB0QPmtNBWO91wE2bFix0lT3Kpav/A5tHBZ4FwxA+KZgSYGKKJ6YoqOqH
jEC7KUh2H7CWwe3eafmiHrCdToVm6d4+0UjpCm9W2cLnRIZDdPUYqGw0MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUr3swdmDA6K0Y7N7CiCWqXV0sYMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTlN2ZXpCMllNRG9yUmpzM3NLSUphcGRYU3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhTUAwQD
UqNgMA0GCSqGSIb3DQEBCwUAA4IBAQCS8L0dKR+Q7/Ntr6DOgr8TkqrLZDWIWF/Z
AjQdiOFH4afHIN4eytT/2MXOQPHBbDR3oDvL629mFLkhMTD/n46U9J3S3jeVxO09
w/laLumuoxLPYvsQnsYcwXUFyDm6PQSDKtxnm+gp4vaXZx9q354GcmK+hryboyGM
9OLmwr+q1nCrpOag8Lgqxz3ziSHwTPoyPS1T/mMziiVKFfgXtEpqlrCSZadtXe5d
ECy55HNe6308XCWmRFp1NALBMxr4len+eNOeUKw/ZSbWmeRQ7PxZFwsZ09j5ssiG
Tio+3rmnVgF6kbz1YbqrqBYMw4ix5RIvkew5vOXDjWWEE2ptmXWW
-----END CERTIFICATE-----
Generated at Tue Nov 19 15:05:53 2024 by rpki-client on console-fra.rpki-client.org