Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/gRtt5bhceB26Si7ePOv-oOhXO9s.roa
File: gRtt5bhceB26Si7ePOv-oOhXO9s.roa (raw, json)
Hash identifier: Wdtt+1VuTICqhxIvJT9Aeaga435PC1t/1Mpnj+1YgHM=
Subject key identifier: 81:1B:6D:E5:B8:5C:78:1D:BA:4A:2E:DE:3C:EB:FE:A0:E8:57:3B:DB
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCE2A95D7659C61E9665F5F21A31A0
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/gRtt5bhceB26Si7ePOv-oOhXO9s.roa
Signing time: Mon 01 Jan 2024 16:30:36 +0000
ROA not before: Mon 01 Jan 2024 16:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 92.114.40.0/22 maxlen: 24
46.20.212.0/22 maxlen: 23
Validation: Failed, certificate revoked on Thu 08 Feb 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:e2:a9:5d:76:59:c6:1e:96:65:f5:f2:1a:31:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=811b6de5b85c781dba4a2ede3cebfea0e8573bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:ac:17:21:0f:d0:d2:9c:87:94:10:57:be:
42:84:ca:cc:e1:0b:78:c3:dd:4e:c2:0b:bc:c9:24:
f1:85:35:83:81:20:a8:13:3f:7c:a6:c4:9d:1e:02:
d3:11:56:2f:61:61:6b:08:7e:6f:1c:05:46:fa:0d:
0e:f4:8e:ab:da:db:8a:c8:e9:ca:3e:19:c0:de:4a:
19:7f:8d:66:f6:e7:06:80:7f:9d:df:04:29:6d:75:
c0:11:ed:cc:96:d9:2f:a6:38:d0:45:3e:c4:7b:f5:
1c:27:41:95:7f:e0:4b:9f:9e:b1:5a:0c:b2:3e:c3:
08:cb:df:5b:67:45:60:2b:3a:69:be:b3:11:d8:00:
a8:88:ed:1d:0c:65:3c:dd:d8:d1:28:44:a7:46:c2:
8a:93:78:45:a4:fb:d9:91:17:ec:f6:18:ef:c1:92:
74:12:0a:01:79:9d:a6:03:63:80:2d:be:c8:77:90:
f0:f9:51:49:47:5c:1e:61:50:14:d7:ff:64:5b:e2:
95:8c:2a:f8:e3:19:9e:80:c4:51:bb:df:54:c6:8e:
23:c2:68:75:12:2a:87:d2:15:fb:74:45:7a:81:4d:
4b:b4:8a:3b:0a:ca:10:54:7e:c6:df:4f:5f:54:5f:
c0:e5:9e:bb:84:58:2e:d0:55:fe:d7:53:df:0c:d8:
7d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1B:6D:E5:B8:5C:78:1D:BA:4A:2E:DE:3C:EB:FE:A0:E8:57:3B:DB
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/gRtt5bhceB26Si7ePOv-oOhXO9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
65:19:f5:70:1b:30:62:4a:4a:ad:80:f0:ed:95:c0:82:1c:16:
1e:67:7e:97:f4:0f:27:8d:07:62:88:52:b3:57:c3:95:ba:4b:
44:fc:50:01:bd:7d:1d:3a:65:e3:88:22:4e:e9:60:8e:bc:44:
fb:5c:2c:97:5b:45:57:28:3a:a9:1a:5a:84:7c:d5:8e:ed:16:
25:16:3f:c5:5c:39:8f:f8:0c:64:55:ae:eb:8a:94:eb:0c:00:
61:26:34:16:72:f6:d6:99:8d:e1:b2:6e:b6:9c:f6:f6:b2:29:
c2:71:1a:0e:f2:ea:0a:fc:be:81:1e:ad:82:69:c0:1d:f6:fb:
e1:58:75:ca:7a:a1:d5:b8:23:d7:5e:b9:e0:4a:09:99:01:2f:
50:08:63:4c:f2:bd:d2:81:99:8b:32:34:70:6b:1b:f1:5f:7f:
d6:56:ef:52:a1:3a:97:e2:89:8e:ae:18:21:ce:e4:b0:dd:e9:
84:0f:b1:48:86:e7:6a:70:7f:42:cf:1d:67:c5:7d:c9:0d:1a:
0f:7e:73:89:d0:1e:27:ac:01:6c:65:42:c6:7e:7d:ca:74:54:
8f:f7:cf:fc:e4:e9:ca:a6:e5:4c:fc:a8:93:5e:04:78:6b:57:
c6:3a:7f:05:7a:e2:f7:75:5c:2a:22:fa:80:2e:6a:f5:57:e8:
75:e9:ed:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3OKpXXZZxh6WZfXyGjGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFiNmRlNWI4NWM3ODFkYmE0YTJlZGUzY2ViZmVhMGU4NTczYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0asFyEP0NKch5QQV75ChMrM4Qt4
w91Owgu8ySTxhTWDgSCoEz98psSdHgLTEVYvYWFrCH5vHAVG+g0O9I6r2tuKyOnK
PhnA3koZf41m9ucGgH+d3wQpbXXAEe3MltkvpjjQRT7Ee/UcJ0GVf+BLn56xWgyy
PsMIy99bZ0VgKzppvrMR2ACoiO0dDGU83djRKESnRsKKk3hFpPvZkRfs9hjvwZJ0
EgoBeZ2mA2OALb7Id5Dw+VFJR1weYVAU1/9kW+KVjCr44xmegMRRu99Uxo4jwmh1
EiqH0hX7dEV6gU1LtIo7CsoQVH7G309fVF/A5Z67hFgu0FX+11PfDNh9rQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIEbbeW4XHgdukou3jzr/qDoVzvbMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZ1J0dDViaGNlQjI2U2k3ZVBPdi1vT2hYTzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhTUAwQC
XHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBlGfVwGzBiSkqtgPDtlcCCHBYeZ36X9A8n
jQdiiFKzV8OVuktE/FABvX0dOmXjiCJO6WCOvET7XCyXW0VXKDqpGlqEfNWO7RYl
Fj/FXDmP+AxkVa7ripTrDABhJjQWcvbWmY3hsm62nPb2sinCcRoO8uoK/L6BHq2C
acAd9vvhWHXKeqHVuCPXXrngSgmZAS9QCGNM8r3SgZmLMjRwaxvxX3/WVu9SoTqX
4omOrhghzuSw3emED7FIhudqcH9Czx1nxX3JDRoPfnOJ0B4nrAFsZULGfn3KdFSP
98/85OnKpuVM/KiTXgR4a1fGOn8FeuL3dVwqIvqALmr1V+h16e26
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org