Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PxQMTNXpIcJ1cPpoyYK2p4uFOf0.roa
File: PxQMTNXpIcJ1cPpoyYK2p4uFOf0.roa (raw, json)
Hash identifier: tNxYLmryTKmTS9uE479ZiN7Za6G7s/lvo3q1bGTkhrQ=
Subject key identifier: 3F:14:0C:4C:D5:E9:21:C2:75:70:FA:68:C9:82:B6:A7:8B:85:39:FD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01859FCE5C6680AF19286DB6757C9FE4BE3F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PxQMTNXpIcJ1cPpoyYK2p4uFOf0.roa
Signing time: Wed 11 Jan 2023 07:49:39 +0000
ROA not before: Wed 11 Jan 2023 07:49:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.60.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Apr 2023 08:52:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:ce:5c:66:80:af:19:28:6d:b6:75:7c:9f:e4:be:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 11 07:49:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f140c4cd5e921c27570fa68c982b6a78b8539fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9a:a4:88:17:4a:9a:44:f7:40:38:f9:e8:15:
10:61:60:98:62:09:9b:8f:28:90:9d:5a:cd:51:cd:
2b:ef:19:33:54:68:5e:50:17:5b:f4:09:b8:e0:84:
02:df:d4:1b:b0:2b:a3:ed:03:8c:21:4f:a8:03:69:
a3:dc:37:68:c6:d6:f6:08:b5:ea:b0:e2:7d:e5:43:
ae:9c:0f:22:49:0e:48:5c:d2:61:b1:e2:b1:33:8d:
64:05:f2:5c:dd:2a:32:96:fe:0a:a0:19:86:32:58:
a6:91:18:1a:73:5a:1b:ca:55:a1:52:da:3f:f5:4f:
eb:9f:bf:f2:2d:cd:55:0e:58:3a:d0:3d:34:8d:8e:
81:aa:5c:c8:42:e4:43:33:d5:8b:ae:db:db:b5:67:
68:87:e6:05:66:6b:d7:e8:1c:b4:b2:4a:c9:9e:32:
58:e6:7e:a3:fc:58:18:ae:81:f2:94:50:38:6c:75:
fe:20:03:db:62:fc:f5:57:8e:50:d6:bc:56:fa:67:
a6:a7:95:3c:04:6d:d4:60:84:f4:63:b5:43:1f:e6:
2c:19:42:f0:e8:cd:04:3c:f8:a0:68:93:d3:a4:c6:
ad:c6:69:3b:3c:21:ce:65:f8:75:b4:1e:bd:9d:c9:
18:50:68:83:4f:0a:3a:8c:fd:ad:ba:ed:07:1c:6a:
91:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:14:0C:4C:D5:E9:21:C2:75:70:FA:68:C9:82:B6:A7:8B:85:39:FD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PxQMTNXpIcJ1cPpoyYK2p4uFOf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
82.163.60.0/22
82.163.168.0/22
Signature Algorithm: sha256WithRSAEncryption
53:65:01:90:47:8a:8e:45:62:3a:81:e4:42:42:b6:0e:41:94:
c6:ca:f1:c7:30:ed:08:e3:b8:07:3b:04:7b:aa:17:12:7c:5f:
19:47:09:05:3d:db:e0:ff:7b:28:70:cf:31:0b:36:df:b1:27:
9d:7b:5f:43:1b:3f:23:82:72:fa:13:f5:c3:b5:de:b3:10:0c:
0d:a9:6f:81:a4:f3:8e:1e:4c:00:68:df:fa:86:08:47:1a:39:
f1:cf:15:26:49:17:55:0f:cc:0a:69:dc:a2:3a:7d:93:53:ec:
29:58:31:d3:8b:d2:8f:5a:34:7c:23:8e:f4:86:2d:db:5e:75:
fc:b3:8b:26:6c:ce:05:1f:52:2b:4d:76:67:24:2f:ff:49:e9:
df:59:13:27:46:e1:30:e0:6b:a9:5f:8d:5f:58:7d:17:be:37:
24:5d:f7:22:f1:5c:47:73:56:78:33:8e:79:30:81:22:87:6a:
8e:31:3a:20:d1:ac:94:ed:b9:1e:27:38:f0:55:72:66:8f:47:
59:1c:7a:57:51:44:0d:4a:5c:b3:41:ad:7a:93:a6:78:ac:f5:
ae:f1:ef:bb:c3:b7:7e:fb:e1:f0:04:f2:17:7e:02:8b:8f:e4:
a1:34:c5:eb:2b:39:eb:a8:10:31:86:29:4b:e4:e4:5e:01:47:
9e:c1:b3:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWfzlxmgK8ZKG22dXyf5L4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTExMDc0OTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE0MGM0Y2Q1ZTkyMWMyNzU3MGZhNjhjOTgyYjZhNzhiODUzOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppqkiBdKmkT3QDj56BUQYWCYYgmb
jyiQnVrNUc0r7xkzVGheUBdb9Am44IQC39QbsCuj7QOMIU+oA2mj3Ddoxtb2CLXq
sOJ95UOunA8iSQ5IXNJhseKxM41kBfJc3Soylv4KoBmGMlimkRgac1obylWhUto/
9U/rn7/yLc1VDlg60D00jY6BqlzIQuRDM9WLrtvbtWdoh+YFZmvX6By0skrJnjJY
5n6j/FgYroHylFA4bHX+IAPbYvz1V45Q1rxW+memp5U8BG3UYIT0Y7VDH+YsGULw
6M0EPPigaJPTpMatxmk7PCHOZfh1tB69nckYUGiDTwo6jP2tuu0HHGqRnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD8UDEzV6SHCdXD6aMmCtqeLhTn9MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUHhRTVROWHBJY0oxY1Bwb3lZSzJwNHVGT2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQD
LhTYAwQCUqM8AwQCUqOoMA0GCSqGSIb3DQEBCwUAA4IBAQBTZQGQR4qORWI6geRC
QrYOQZTGyvHHMO0I47gHOwR7qhcSfF8ZRwkFPdvg/3socM8xCzbfsSede19DGz8j
gnL6E/XDtd6zEAwNqW+BpPOOHkwAaN/6hghHGjnxzxUmSRdVD8wKadyiOn2TU+wp
WDHTi9KPWjR8I470hi3bXnX8s4smbM4FH1IrTXZnJC//SenfWRMnRuEw4GupX41f
WH0XvjckXfci8VxHc1Z4M455MIEih2qOMTog0ayU7bkeJzjwVXJmj0dZHHpXUUQN
SlyzQa16k6Z4rPWu8e+7w7d+++HwBPIXfgKLj+ShNMXrKznrqBAxhilL5OReAUee
wbOM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org