Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SnjAlYu-0Hn-DO_h6c5GzetXCaU.roa
File: SnjAlYu-0Hn-DO_h6c5GzetXCaU.roa (raw, json)
Hash identifier: XxMTL0ZEDmO3NljMqvnIkADCNV6wHboT/oi+QwV2WgE=
Subject key identifier: 4A:78:C0:95:8B:BE:D0:79:FE:0C:EF:E1:E9:CE:46:CD:EB:57:09:A5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0189991880729ECB4D0AF0ABA84C98817CB9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SnjAlYu-0Hn-DO_h6c5GzetXCaU.roa
Signing time: Thu 27 Jul 2023 20:44:26 +0000
ROA not before: Thu 27 Jul 2023 20:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Aug 2023 07:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:99:18:80:72:9e:cb:4d:0a:f0:ab:a8:4c:98:81:7c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 27 20:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a78c0958bbed079fe0cefe1e9ce46cdeb5709a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:18:b5:03:0f:f7:a6:6d:b2:40:f5:ba:6d:70:
84:f5:ab:d2:69:bf:4a:2b:06:dc:32:7a:14:7e:fd:
b4:07:c2:57:aa:44:fb:02:33:c0:d0:fe:b0:93:a9:
ab:6d:76:b6:15:5f:6e:bd:fd:05:fe:d9:45:36:ec:
10:3b:07:6a:6e:e9:a4:60:ca:bb:7a:fb:a3:9b:dc:
72:80:42:89:17:34:08:98:a6:62:fc:c6:96:e7:b2:
e5:d5:80:8f:9d:21:75:cc:12:fb:04:95:b8:51:f1:
5d:f0:2b:20:1b:6a:67:aa:25:4d:5d:8d:54:68:49:
5c:fd:b0:04:49:2f:73:0b:a5:0e:4f:d3:20:6b:bc:
70:76:4e:ce:c6:e2:29:3b:1b:65:dd:e4:0b:e4:37:
75:65:b9:eb:98:a2:26:30:b0:23:e0:b2:fd:68:ed:
ee:32:58:5d:26:85:6e:4f:50:a3:66:84:08:0c:59:
74:98:7d:55:bb:c4:b0:bc:a5:7a:12:83:cc:18:f9:
d1:eb:1b:c0:51:9b:f7:57:c8:1d:a9:30:76:77:56:
a9:90:c2:a0:f7:35:fe:05:47:9b:0e:db:16:fd:a5:
21:b6:24:3a:75:00:47:4e:1d:d5:93:53:fc:3d:b5:
49:7e:e0:6f:a9:41:b7:28:f0:79:b3:4a:a1:ba:c5:
ee:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:78:C0:95:8B:BE:D0:79:FE:0C:EF:E1:E9:CE:46:CD:EB:57:09:A5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SnjAlYu-0Hn-DO_h6c5GzetXCaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:dc:07:24:5f:f3:75:38:0a:19:c8:6b:fb:dd:3e:1a:aa:0d:
d0:5e:69:20:1c:37:41:31:69:93:ee:56:68:b6:f2:35:87:0b:
9a:0d:0e:0e:a8:f6:70:11:d5:c7:a1:df:44:22:98:2e:88:92:
ac:60:9d:2f:86:08:4e:df:ef:0e:ab:19:13:5c:28:a4:72:89:
99:a0:a0:d7:41:58:0b:73:61:ab:5c:a0:cb:0d:e5:8f:6e:7a:
23:b5:6b:be:b2:cb:51:90:fd:cc:96:a8:d6:39:8d:d2:1d:60:
6e:b0:82:2b:6c:3d:fc:5e:11:e3:60:42:30:9f:af:ef:a8:0d:
b1:c4:72:49:08:3d:b2:9b:75:a8:41:e6:62:b9:12:43:58:a1:
f8:ad:38:e6:54:a7:db:3e:03:0c:69:3c:52:cd:92:d6:53:d4:
65:c0:89:85:ff:1a:95:62:f7:d7:ad:72:54:2d:0f:0b:20:db:
10:24:da:67:37:96:e8:eb:50:bd:fe:b7:c9:7a:47:fc:78:69:
b3:69:29:6e:3a:34:ea:34:de:96:29:3a:aa:32:6f:6e:f6:db:
c0:d1:f7:64:75:7d:f6:4c:9d:79:39:3b:98:9c:2e:b8:4a:01:
ef:73:bd:f2:3e:c6:b3:61:f1:c8:a5:5b:36:a5:8a:98:2a:e6:
b1:db:93:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmZGIBynstNCvCrqEyYgXy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzI3MjA0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTc4YzA5NThiYmVkMDc5ZmUwY2VmZTFlOWNlNDZjZGViNTcwOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRi1Aw/3pm2yQPW6bXCE9avSab9K
KwbcMnoUfv20B8JXqkT7AjPA0P6wk6mrbXa2FV9uvf0F/tlFNuwQOwdqbumkYMq7
evujm9xygEKJFzQImKZi/MaW57Ll1YCPnSF1zBL7BJW4UfFd8CsgG2pnqiVNXY1U
aElc/bAESS9zC6UOT9Mga7xwdk7OxuIpOxtl3eQL5Dd1ZbnrmKImMLAj4LL9aO3u
MlhdJoVuT1CjZoQIDFl0mH1Vu8SwvKV6EoPMGPnR6xvAUZv3V8gdqTB2d1apkMKg
9zX+BUebDtsW/aUhtiQ6dQBHTh3Vk1P8PbVJfuBvqUG3KPB5s0qhusXuLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEp4wJWLvtB5/gzv4enORs3rVwmlMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvU25qQWxZdS0wSG4tRE9faDZjNUd6ZXRYQ2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUqOoAwQC
UqPgAwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQBd3AckX/N1OAoZyGv7
3T4aqg3QXmkgHDdBMWmT7lZotvI1hwuaDQ4OqPZwEdXHod9EIpguiJKsYJ0vhghO
3+8OqxkTXCikcomZoKDXQVgLc2GrXKDLDeWPbnojtWu+sstRkP3MlqjWOY3SHWBu
sIIrbD38XhHjYEIwn6/vqA2xxHJJCD2ym3WoQeZiuRJDWKH4rTjmVKfbPgMMaTxS
zZLWU9RlwImF/xqVYvfXrXJULQ8LINsQJNpnN5bo61C9/rfJekf8eGmzaSluOjTq
NN6WKTqqMm9u9tvA0fdkdX32TJ15OTuYnC64SgHvc73yPsazYfHIpVs2pYqYKuax
25Mx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org