Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bsmByvKcPu0S061xtIdKa0Q7mAM.roa
File: bsmByvKcPu0S061xtIdKa0Q7mAM.roa (raw, json)
Hash identifier: xltGTitVW1bkMBWH9Tot7zXy7QIbPACTyromCuaZHog=
Subject key identifier: 6E:C9:81:CA:F2:9C:3E:ED:12:D3:AD:71:B4:87:4A:6B:44:3B:98:03
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018585EDA2EC00FF911A04917452F564F3E6
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bsmByvKcPu0S061xtIdKa0Q7mAM.roa
Signing time: Fri 06 Jan 2023 07:13:41 +0000
ROA not before: Fri 06 Jan 2023 07:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.60.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 07:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:85:ed:a2:ec:00:ff:91:1a:04:91:74:52:f5:64:f3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 6 07:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec981caf29c3eed12d3ad71b4874a6b443b9803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:97:c1:18:22:02:f3:74:83:d6:7c:e8:30:03:
5d:64:21:b5:13:a9:5c:d5:e6:69:4b:8a:7b:bc:26:
80:91:ca:aa:5f:49:e1:5d:9a:ba:ca:68:4b:02:2f:
61:7a:7b:50:e5:9e:66:9f:ef:be:55:07:9c:30:92:
df:dd:f9:c6:b6:61:32:89:2d:c2:28:c7:1b:98:e5:
9e:da:5b:0f:fc:67:5e:1d:86:94:fe:96:02:a7:b2:
bc:35:73:57:5c:d2:11:b3:78:d5:8c:4f:fd:b3:d1:
de:6d:40:51:88:fc:ba:be:d6:d6:30:22:d4:6d:ad:
1a:3c:49:c8:18:5e:83:ef:c0:c6:01:d7:42:0f:df:
ea:27:10:f5:72:43:cc:91:4d:52:3a:23:f5:16:89:
a1:f8:de:13:40:45:b2:24:cb:9f:a7:34:79:d0:08:
e0:ea:11:c0:0d:97:b0:1f:2b:4d:3e:25:7d:f7:9e:
06:3b:df:1d:66:89:af:2c:9b:92:12:64:9f:84:96:
4b:4a:e7:e3:ae:09:1e:72:53:3a:5b:cc:2c:51:87:
73:d8:3b:3f:1b:a2:61:ba:23:b1:bc:2b:af:57:49:
78:55:bd:74:8e:46:6b:d4:f9:cf:8f:3c:69:da:e4:
56:01:89:7a:a8:7e:0e:60:27:17:32:90:e0:be:4d:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C9:81:CA:F2:9C:3E:ED:12:D3:AD:71:B4:87:4A:6B:44:3B:98:03
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bsmByvKcPu0S061xtIdKa0Q7mAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
82.163.60.0/22
Signature Algorithm: sha256WithRSAEncryption
89:d5:23:bf:43:29:88:3d:e3:8c:26:c7:37:e0:82:97:1a:ff:
2e:71:f9:57:25:3c:05:d4:35:2e:d7:66:5d:ce:dd:5b:3d:5b:
d3:8d:38:56:81:11:53:9c:8d:e2:e6:f6:10:3f:2d:44:6a:d8:
b1:dc:d9:22:d8:8b:9d:ad:b4:47:a8:ef:31:9a:cc:fd:6b:21:
5e:6c:6e:9d:33:ee:d3:f5:1a:67:1c:e1:48:4c:41:72:c5:d8:
8e:53:0c:1b:25:fb:40:01:a6:25:8e:28:30:a4:3e:a2:b6:c2:
57:3a:3a:91:0a:8e:80:0f:68:ce:f1:1a:60:ec:46:6a:45:c7:
7d:5a:a3:ff:54:50:73:75:ec:b9:fe:72:88:71:0a:6e:88:83:
aa:4a:50:6b:9a:b2:ac:9e:99:c2:8d:8f:fa:f9:9f:a2:54:5b:
de:d4:a2:7b:03:84:01:a8:8e:73:ba:7e:7f:0a:a3:e3:50:8b:
3e:1a:4a:f7:30:e1:d7:e6:9b:b1:0f:ef:3f:60:e5:83:68:d1:
b2:a2:e4:4c:e6:44:f7:97:fa:07:87:bf:c0:06:b2:84:96:e2:
d1:58:3d:95:06:1f:6e:56:1d:41:98:19:e7:59:1f:12:7a:b4:
a9:37:a7:18:6e:96:b9:56:27:02:eb:94:62:b5:21:f4:38:9c:
7d:da:7b:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWF7aLsAP+RGgSRdFL1ZPPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTA2MDcxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM5ODFjYWYyOWMzZWVkMTJkM2FkNzFiNDg3NGE2YjQ0M2I5ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJfBGCIC83SD1nzoMANdZCG1E6lc
1eZpS4p7vCaAkcqqX0nhXZq6ymhLAi9hentQ5Z5mn+++VQecMJLf3fnGtmEyiS3C
KMcbmOWe2lsP/GdeHYaU/pYCp7K8NXNXXNIRs3jVjE/9s9HebUBRiPy6vtbWMCLU
ba0aPEnIGF6D78DGAddCD9/qJxD1ckPMkU1SOiP1Fomh+N4TQEWyJMufpzR50Ajg
6hHADZewHytNPiV9954GO98dZomvLJuSEmSfhJZLSufjrgkeclM6W8wsUYdz2Ds/
G6JhuiOxvCuvV0l4Vb10jkZr1PnPjzxp2uRWAYl6qH4OYCcXMpDgvk1D0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG7JgcrynD7tEtOtcbSHSmtEO5gDMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYnNtQnl2S2NQdTBTMDYxeHRJZEthMFE3bUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH7qwAwQD
LhTYAwQCUqM8MA0GCSqGSIb3DQEBCwUAA4IBAQCJ1SO/QymIPeOMJsc34IKXGv8u
cflXJTwF1DUu12Zdzt1bPVvTjThWgRFTnI3i5vYQPy1Eatix3Nki2IudrbRHqO8x
msz9ayFebG6dM+7T9RpnHOFITEFyxdiOUwwbJftAAaYljigwpD6itsJXOjqRCo6A
D2jO8Rpg7EZqRcd9WqP/VFBzdey5/nKIcQpuiIOqSlBrmrKsnpnCjY/6+Z+iVFve
1KJ7A4QBqI5zun5/CqPjUIs+Gkr3MOHX5puxD+8/YOWDaNGyouRM5kT3l/oHh7/A
BrKEluLRWD2VBh9uVh1BmBnnWR8SerSpN6cYbpa5VicC65RitSH0OJx92nsW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org