Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/f737d_6Z-MAaHolN4f_LF5tU-yg.roa
File: f737d_6Z-MAaHolN4f_LF5tU-yg.roa (raw, json)
Hash identifier: W4u69gEK7BvN41NJbn9z3EahZ5w+ggwQLIi0ngmLTlM=
Subject key identifier: 7F:BD:FB:77:FE:99:F8:C0:1A:1E:89:4D:E1:FF:CB:17:9B:54:FB:28
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018571B9EF9FE6C23C645137862E8F4E5E33
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/f737d_6Z-MAaHolN4f_LF5tU-yg.roa
Signing time: Mon 02 Jan 2023 09:04:48 +0000
ROA not before: Mon 02 Jan 2023 09:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 07:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:ef:9f:e6:c2:3c:64:51:37:86:2e:8f:4e:5e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 09:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fbdfb77fe99f8c01a1e894de1ffcb179b54fb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:68:00:f7:d1:57:2f:7e:59:66:8c:ab:7d:
9c:8b:46:7d:a6:b8:0a:b5:89:e6:f2:21:6c:32:1f:
20:6f:b9:de:c8:b4:b3:a8:90:34:ed:d7:94:0c:7c:
25:66:d1:5c:60:7e:6d:e9:98:47:22:b4:96:e7:d9:
65:2b:dc:a2:ac:94:c0:b7:9a:b7:34:74:b0:2b:21:
0c:99:c0:ce:6e:6a:9e:dc:6c:67:1b:af:b8:e6:f5:
ea:69:9a:ee:39:ba:03:f9:35:1d:72:a0:97:a3:7a:
c2:a5:ab:1e:62:77:0e:93:a2:8f:82:71:85:5c:82:
ab:3c:79:9b:b4:0c:52:af:ab:ee:4a:81:d3:a2:87:
64:5c:32:f7:a1:1f:25:3f:f7:07:40:eb:45:8a:2a:
e1:26:fc:bb:ed:6f:c6:d0:d1:60:6c:f7:e8:6c:fc:
4e:1b:b2:32:0f:23:d8:19:f2:05:fb:53:d6:e8:db:
af:cf:04:76:bc:8f:b0:b0:fd:8f:56:fc:0c:1d:ad:
a2:e3:69:39:a1:a4:f4:e0:7a:ef:1c:53:75:2c:68:
12:e1:ed:5e:bf:37:42:36:22:fa:19:a0:55:e6:44:
9c:9f:2f:a6:42:35:ea:05:96:19:8b:4e:63:87:b2:
0c:4f:a4:d2:8c:af:f8:a0:a4:ea:ae:a9:0e:a7:e9:
2c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:BD:FB:77:FE:99:F8:C0:1A:1E:89:4D:E1:FF:CB:17:9B:54:FB:28
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/f737d_6Z-MAaHolN4f_LF5tU-yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:49:20:9e:33:3f:92:31:fb:f8:25:e2:b2:12:1c:92:08:44:
59:98:bd:69:a2:4d:76:c5:29:0a:d5:b6:c0:79:d9:a8:b9:29:
26:72:b9:e1:54:5e:2a:a1:99:ee:e6:ca:50:ae:61:94:c4:b3:
18:af:2b:88:bc:13:03:32:8d:46:fe:73:c2:65:22:49:0d:6c:
22:d4:35:eb:f4:43:45:c7:67:ca:85:19:8f:c8:8a:51:49:9f:
68:4a:bc:67:8b:e8:a8:18:8f:be:f7:5c:02:2f:6f:e5:de:f2:
0f:84:a5:18:04:ec:20:05:d1:b2:01:c5:46:ca:7e:d3:6c:89:
19:b2:d5:8c:e0:e3:2f:d4:54:fe:3a:6e:78:22:34:b9:1e:b2:
fe:c4:53:af:44:ef:fe:b8:d0:51:8f:50:8e:e4:60:f1:db:f0:
71:65:16:fd:1b:3a:87:f3:09:1d:e3:dc:67:ac:68:ee:32:3f:
eb:1a:0e:50:90:ce:fd:40:09:23:08:41:a7:79:79:c1:4c:fa:
9b:26:ad:ae:a9:b8:1a:a1:23:a2:29:5a:04:5d:17:1b:ed:77:
ca:e5:4c:b1:a1:9f:0b:06:1e:4a:ab:ac:e3:71:f4:98:2e:d4:
83:e8:8a:ba:8f:3f:15:ee:f3:6d:23:87:62:f1:fc:66:77:75:
6e:d1:7f:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxue+f5sI8ZFE3hi6PTl4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTAyMDkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmJkZmI3N2ZlOTlmOGMwMWExZTg5NGRlMWZmY2IxNzliNTRmYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5NoAPfRVy9+WWaMq32ci0Z9prgK
tYnm8iFsMh8gb7neyLSzqJA07deUDHwlZtFcYH5t6ZhHIrSW59llK9yirJTAt5q3
NHSwKyEMmcDObmqe3GxnG6+45vXqaZruOboD+TUdcqCXo3rCpaseYncOk6KPgnGF
XIKrPHmbtAxSr6vuSoHToodkXDL3oR8lP/cHQOtFiirhJvy77W/G0NFgbPfobPxO
G7IyDyPYGfIF+1PW6NuvzwR2vI+wsP2PVvwMHa2i42k5oaT04HrvHFN1LGgS4e1e
vzdCNiL6GaBV5kScny+mQjXqBZYZi05jh7IMT6TSjK/4oKTqrqkOp+kslwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH+9+3f+mfjAGh6JTeH/yxebVPsoMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZjczN2RfNlotTUFhSG9sTjRmX0xGNXRVLXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH7qwAwQD
LhTYMA0GCSqGSIb3DQEBCwUAA4IBAQAfSSCeMz+SMfv4JeKyEhySCERZmL1pok12
xSkK1bbAedmouSkmcrnhVF4qoZnu5spQrmGUxLMYryuIvBMDMo1G/nPCZSJJDWwi
1DXr9ENFx2fKhRmPyIpRSZ9oSrxni+ioGI++91wCL2/l3vIPhKUYBOwgBdGyAcVG
yn7TbIkZstWM4OMv1FT+Om54IjS5HrL+xFOvRO/+uNBRj1CO5GDx2/BxZRb9GzqH
8wkd49xnrGjuMj/rGg5QkM79QAkjCEGneXnBTPqbJq2uqbgaoSOiKVoEXRcb7XfK
5UyxoZ8LBh5Kq6zjcfSYLtSD6Iq6jz8V7vNtI4di8fxmd3Vu0X/1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org