Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/YjFJUe46p6ki0Nma7RIBwXA-tfc.roa
File: YjFJUe46p6ki0Nma7RIBwXA-tfc.roa (raw, json)
Hash identifier: jzYiTCgMk+KopBMlAup0uVHsQJrJkUbUw8oGADySHDU=
Subject key identifier: 62:31:49:51:EE:3A:A7:A9:22:D0:D9:9A:ED:12:01:C1:70:3E:B5:F7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0189991881193993647E8BD106AC722BD0F4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/YjFJUe46p6ki0Nma7RIBwXA-tfc.roa
Signing time: Thu 27 Jul 2023 20:44:27 +0000
ROA not before: Thu 27 Jul 2023 20:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.60.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Aug 2023 07:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:99:18:81:19:39:93:64:7e:8b:d1:06:ac:72:2b:d0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 27 20:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62314951ee3aa7a922d0d99aed1201c1703eb5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e5:50:a9:a1:64:42:c0:21:e4:93:a0:9c:e7:
f3:8a:b0:ff:78:f1:a5:ae:c6:27:86:e1:4b:94:fd:
02:97:b1:a2:66:e9:cd:cc:f4:2a:f4:70:e8:67:5f:
d0:be:4d:cc:29:de:09:da:5f:e5:de:33:c8:50:0c:
42:e8:a7:72:a6:f2:d4:3c:34:e7:61:48:db:8b:cb:
1e:7b:4e:49:fb:29:a4:78:cb:00:82:4f:48:69:f8:
e8:46:0b:ce:c3:58:f7:3d:05:ec:b9:dd:48:96:f7:
75:27:f3:6c:77:f2:2a:ef:c8:38:1c:5c:9b:1a:d5:
db:00:12:7a:0a:20:aa:59:c3:6a:65:34:6d:d1:62:
34:fe:61:0c:d0:43:3a:75:58:49:c6:47:3f:77:59:
e6:70:b5:cb:2c:b3:f5:41:be:8e:70:03:5c:f7:e9:
59:85:fc:57:0e:dd:31:9b:b9:61:ac:9d:b7:0a:73:
1b:9d:86:65:b5:e7:5b:84:90:e2:ed:c2:8a:8d:0a:
74:b1:05:54:4b:63:7a:94:11:1e:65:d2:ea:93:3c:
78:13:2c:19:78:15:31:e2:27:08:f2:31:a4:4e:b0:
8a:8f:02:12:7e:2f:37:d8:9c:ca:48:f4:47:13:7d:
9b:9f:3e:34:6b:f9:58:be:20:04:49:ad:61:60:45:
b1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:31:49:51:EE:3A:A7:A9:22:D0:D9:9A:ED:12:01:C1:70:3E:B5:F7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/YjFJUe46p6ki0Nma7RIBwXA-tfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
82.163.60.0/22
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
40:90:4e:f1:72:74:21:f1:fa:91:ae:f8:7e:5b:df:0a:b4:8e:
87:a1:ab:85:e8:f9:4f:ac:73:b8:51:d6:5c:59:8e:b4:d5:53:
16:ab:c8:9a:d0:a1:2c:f0:38:ee:03:36:7e:11:a2:95:a0:b7:
c8:d4:48:c5:e2:2f:87:53:aa:87:3f:59:c7:43:45:4d:ea:3e:
d3:41:c9:7f:2f:cb:59:29:d5:5f:0c:a8:57:36:51:0a:d9:8a:
e7:be:c5:d8:94:7e:fa:90:fa:a8:e7:4b:17:65:ae:a1:ec:95:
de:8a:b1:db:d4:eb:b8:b8:28:30:db:47:a7:a8:6c:2a:bf:89:
a6:06:bb:3f:d7:be:e4:a5:b9:5d:f5:20:9b:12:e9:3b:a2:7a:
2e:f2:24:32:ea:76:07:f6:b8:36:40:48:5d:aa:2c:ca:1b:9a:
fa:be:25:6b:ac:ba:67:ad:5e:45:a5:75:93:9d:30:d0:eb:63:
7c:4b:2e:6b:df:cc:8f:ab:5a:53:56:a0:01:9e:3a:3e:1e:29:
77:bf:54:5f:32:b3:1e:3a:17:ca:f9:87:89:32:4d:ad:18:e9:
86:b4:0f:af:0e:e0:f4:7c:ec:ee:80:9e:df:ee:7e:5d:ce:cb:
33:70:ef:cf:47:5f:62:75:a9:78:67:6e:75:43:73:ae:98:13:
c8:90:4f:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmZGIEZOZNkfovRBqxyK9D0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzI3MjA0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjMxNDk1MWVlM2FhN2E5MjJkMGQ5OWFlZDEyMDFjMTcwM2ViNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeVQqaFkQsAh5JOgnOfzirD/ePGl
rsYnhuFLlP0Cl7GiZunNzPQq9HDoZ1/Qvk3MKd4J2l/l3jPIUAxC6KdypvLUPDTn
YUjbi8see05J+ymkeMsAgk9IafjoRgvOw1j3PQXsud1Ilvd1J/Nsd/Iq78g4HFyb
GtXbABJ6CiCqWcNqZTRt0WI0/mEM0EM6dVhJxkc/d1nmcLXLLLP1Qb6OcANc9+lZ
hfxXDt0xm7lhrJ23CnMbnYZltedbhJDi7cKKjQp0sQVUS2N6lBEeZdLqkzx4EywZ
eBUx4icI8jGkTrCKjwISfi832JzKSPRHE32bnz40a/lYviAESa1hYEWxZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGIxSVHuOqepItDZmu0SAcFwPrX3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvWWpGSlVlNDZwNmtpME5tYTdSSUJ3WEEtdGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQD
LhTYAwQCUqM8AwQCgv9AMA0GCSqGSIb3DQEBCwUAA4IBAQBAkE7xcnQh8fqRrvh+
W98KtI6HoauF6PlPrHO4UdZcWY601VMWq8ia0KEs8DjuAzZ+EaKVoLfI1EjF4i+H
U6qHP1nHQ0VN6j7TQcl/L8tZKdVfDKhXNlEK2YrnvsXYlH76kPqo50sXZa6h7JXe
irHb1Ou4uCgw20enqGwqv4mmBrs/177kpbld9SCbEuk7onou8iQy6nYH9rg2QEhd
qizKG5r6viVrrLpnrV5FpXWTnTDQ62N8Sy5r38yPq1pTVqABnjo+Hil3v1RfMrMe
OhfK+YeJMk2tGOmGtA+vDuD0fOzugJ7f7n5dzsszcO/PR19idal4Z251Q3OumBPI
kE/9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org