Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TGylNgpilQDT2bxIeti3RZijc0E.roa
File: TGylNgpilQDT2bxIeti3RZijc0E.roa (raw, json)
Hash identifier: qvy9cjT+rALbyx3h85wjPFaG6Z0Yf6qV8MPArzkr5C0=
Subject key identifier: 4C:6C:A5:36:0A:62:95:00:D3:D9:BC:48:7A:D8:B7:45:98:A3:73:41
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A3DB705E2A96B8EC0B2FA83307C5943A1
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TGylNgpilQDT2bxIeti3RZijc0E.roa
Signing time: Mon 28 Aug 2023 19:55:19 +0000
ROA not before: Mon 28 Aug 2023 19:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.224.0/22 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 08:07:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3d:b7:05:e2:a9:6b:8e:c0:b2:fa:83:30:7c:59:43:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 28 19:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c6ca5360a629500d3d9bc487ad8b74598a37341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b6:a1:c5:70:6e:2a:84:a9:3d:c3:da:b4:cb:
20:bb:04:47:93:ed:59:a3:e6:51:6e:e1:ae:e3:3e:
33:94:b7:0b:f3:d7:48:2f:14:e5:de:59:b6:ee:9f:
ce:ff:cd:a1:fd:f5:46:87:8f:ca:b4:25:99:a9:51:
99:84:7e:93:f3:4f:9c:77:f9:c7:42:81:2d:79:99:
e6:5e:ae:ba:cb:cd:7b:ea:9d:61:b5:c1:0a:95:3f:
44:94:fa:6d:e3:25:9d:2c:63:9f:2c:f4:66:55:e0:
5b:92:2e:3a:46:c4:ac:f4:50:aa:93:fd:5c:e3:4b:
3c:d2:13:9a:ed:d0:10:8a:0a:66:5f:f1:9d:9f:35:
61:bd:36:04:8f:14:3c:6f:d6:ad:cb:13:b9:36:fe:
eb:14:a7:f0:a1:6e:ff:72:40:89:96:90:b5:07:81:
ec:d9:5e:cf:fe:4b:27:dc:0a:02:34:cf:bd:72:3f:
1c:4e:3b:3e:10:93:c9:0e:6d:e8:42:c0:9a:11:f4:
6b:2b:7b:f2:6d:0a:4a:40:0c:85:6f:6c:58:d3:e9:
3f:21:7f:63:41:87:64:3b:ab:bb:d4:2c:3a:20:d3:
b0:69:60:52:69:67:07:b4:3a:04:cb:7e:d0:b8:02:
4a:0a:5c:74:fc:46:5e:1e:cf:a6:95:44:ff:03:63:
3c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:6C:A5:36:0A:62:95:00:D3:D9:BC:48:7A:D8:B7:45:98:A3:73:41
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TGylNgpilQDT2bxIeti3RZijc0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
68:db:65:29:8f:b4:c9:14:37:a1:b4:48:13:21:26:e0:36:62:
eb:86:34:36:ad:5c:d6:12:44:a4:5e:2d:34:9b:d0:4f:3e:5f:
2d:d9:3e:e9:cc:72:7b:46:44:e0:1e:ec:2c:73:93:af:3c:b2:
43:ea:6b:6b:25:61:95:95:9d:26:7a:2d:36:3f:e3:15:f2:4c:
ea:31:b4:01:23:f1:6c:8c:80:01:f7:ed:b4:e0:3e:cc:c1:69:
98:9d:cc:de:50:f3:ff:f9:eb:27:aa:55:28:7b:bc:a8:f1:1d:
ce:6f:f9:44:64:6e:a0:42:53:a4:b7:20:a0:00:6d:ec:78:1d:
18:91:f0:f0:2a:84:42:4f:98:98:0c:d8:92:08:3d:24:13:b0:
87:80:ff:a5:c2:ed:ff:0d:aa:11:3d:ce:6a:02:41:d0:ba:0b:
35:f1:a0:61:05:65:92:18:9e:c5:ad:7b:84:44:b1:4f:1e:f0:
bd:7d:20:11:36:4a:3d:cf:8d:f6:a7:e8:ca:80:b8:8a:9a:44:
4e:58:db:d1:1c:93:50:91:b8:02:6b:d2:26:b5:5f:9b:aa:82:
f9:80:1b:fa:cc:f5:df:32:2d:a0:51:f9:74:7a:d7:01:3a:2a:
e4:41:43:e9:3c:59:bf:4d:f3:f9:1a:af:91:1e:e1:23:99:aa:
a1:b7:65:f9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYo9twXiqWuOwLL6gzB8WUOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODI4MTk1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzZjYTUzNjBhNjI5NTAwZDNkOWJjNDg3YWQ4Yjc0NTk4YTM3MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLahxXBuKoSpPcPatMsguwRHk+1Z
o+ZRbuGu4z4zlLcL89dILxTl3lm27p/O/82h/fVGh4/KtCWZqVGZhH6T80+cd/nH
QoEteZnmXq66y8176p1htcEKlT9ElPpt4yWdLGOfLPRmVeBbki46RsSs9FCqk/1c
40s80hOa7dAQigpmX/GdnzVhvTYEjxQ8b9atyxO5Nv7rFKfwoW7/ckCJlpC1B4Hs
2V7P/ksn3AoCNM+9cj8cTjs+EJPJDm3oQsCaEfRrK3vybQpKQAyFb2xY0+k/IX9j
QYdkO6u71Cw6INOwaWBSaWcHtDoEy37QuAJKClx0/EZeHs+mlUT/A2M8KQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFExspTYKYpUA09m8SHrYt0WYo3NBMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVEd5bE5ncGlsUURUMmJ4SWV0aTNSWmlqYzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLhTUAwQD
UqNgAwQCUqOoAwQCUqPgAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBo22Upj7TJ
FDehtEgTISbgNmLrhjQ2rVzWEkSkXi00m9BPPl8t2T7pzHJ7RkTgHuwsc5OvPLJD
6mtrJWGVlZ0mei02P+MV8kzqMbQBI/FsjIAB9+204D7MwWmYnczeUPP/+esnqlUo
e7yo8R3Ob/lEZG6gQlOktyCgAG3seB0YkfDwKoRCT5iYDNiSCD0kE7CHgP+lwu3/
DaoRPc5qAkHQugs18aBhBWWSGJ7FrXuERLFPHvC9fSARNko9z432p+jKgLiKmkRO
WNvRHJNQkbgCa9ImtV+bqoL5gBv6zPXfMi2gUfl0etcBOirkQUPpPFm/TfP5Gq+R
HuEjmaqht2X5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org