Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ggBa3dkIsCVHPjPfLl1pbze96Mg.roa
File: ggBa3dkIsCVHPjPfLl1pbze96Mg.roa (raw, json)
Hash identifier: 1SJhI6aXo8wn5F7G6ecdudnXP4JAj82H7rHdusNYGkQ=
Subject key identifier: 82:00:5A:DD:D9:08:B0:25:47:3E:33:DF:2E:5D:69:6F:37:BD:E8:C8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0187841DDB3B750F46F32637AB9E54034C9B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ggBa3dkIsCVHPjPfLl1pbze96Mg.roa
Signing time: Sat 15 Apr 2023 08:52:41 +0000
ROA not before: Sat 15 Apr 2023 08:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Jun 2023 06:45:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:84:1d:db:3b:75:0f:46:f3:26:37:ab:9e:54:03:4c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 15 08:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82005addd908b025473e33df2e5d696f37bde8c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:41:02:1a:1b:0b:44:0e:d7:9c:7f:f2:a7:51:
be:3c:3d:58:de:3e:af:db:f5:bd:68:a4:76:15:c2:
27:dc:d0:08:36:68:17:d4:85:1c:4f:48:86:b1:6d:
e9:10:61:58:af:6d:b5:a2:d9:98:c8:bb:9d:8e:0d:
43:c0:79:bd:d3:9b:55:61:01:1b:d7:61:b7:17:34:
53:05:fa:1f:c0:3b:3e:e9:f0:bf:a0:2b:30:d0:c0:
cb:aa:4e:ed:f8:e7:3a:27:c3:e5:bd:d1:84:f4:b9:
0c:92:42:92:40:a3:aa:66:f0:15:ec:d8:10:ae:6c:
d6:00:e0:76:76:4e:c0:e7:9f:61:54:65:50:f6:38:
73:fc:5f:23:f2:6c:9f:b9:b6:57:3a:53:77:af:19:
5f:cd:24:b5:1d:1b:45:28:45:23:93:c9:a5:c2:d4:
f1:53:04:fb:62:3e:e7:21:3b:12:0c:9b:56:f5:60:
fb:7d:77:a7:dc:41:15:99:e1:29:22:37:04:b5:87:
0d:f6:07:eb:ca:8c:08:6f:89:38:db:c9:78:99:27:
78:3c:0f:c4:ac:6f:89:e7:8a:e7:73:ea:7a:4e:3d:
4a:38:44:61:b1:5d:f0:ab:5d:2c:64:04:2a:20:b2:
b9:e9:4f:c5:6a:ec:a4:f3:5f:fb:e2:02:14:5c:2f:
58:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:00:5A:DD:D9:08:B0:25:47:3E:33:DF:2E:5D:69:6F:37:BD:E8:C8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ggBa3dkIsCVHPjPfLl1pbze96Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.216.0/21
82.163.60.0/22
82.163.168.0/22
Signature Algorithm: sha256WithRSAEncryption
40:36:76:3b:a7:d1:d0:4d:a0:68:4b:01:30:97:f6:80:8f:be:
a7:1e:96:1b:a4:06:e0:05:d8:c4:ef:ce:d6:53:57:ad:c8:b0:
f0:f9:aa:08:af:c3:67:80:d1:a1:0c:ea:6c:c4:02:1f:4f:c6:
0a:58:13:ab:ea:e4:a0:09:4c:cc:27:9b:d5:d3:ba:51:a2:10:
7b:18:75:fb:f1:f5:3b:e6:5a:83:87:f7:89:9d:23:3a:f6:d6:
b0:5a:d8:7f:0f:41:07:61:a7:e6:19:cd:c5:42:a3:db:4c:49:
92:06:c1:e8:10:9a:70:dc:3e:92:5d:f7:23:69:9c:27:a9:9f:
11:a4:47:1e:40:5b:a5:d6:c3:bf:6d:b5:4e:a3:0a:c7:02:ea:
7e:38:d0:51:55:46:64:61:45:28:62:62:48:a6:6c:a9:f2:53:
0d:40:59:74:1b:5b:0e:9c:a4:0c:bf:f1:c0:ea:79:a9:e8:20:
4c:ce:f7:3d:c8:ae:ea:b9:a7:ee:9b:b0:65:b4:45:67:9f:96:
e1:ac:87:7a:5f:7f:69:f4:7c:1e:e1:f1:10:11:73:a0:ec:41:
fd:9b:dc:85:40:34:0f:ba:1a:ec:9b:b4:90:c0:03:26:5c:e0:
b7:47:a9:1b:18:56:04:36:11:37:da:c4:98:57:47:ee:45:7d:
23:16:9a:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeEHds7dQ9G8yY3q55UA0ybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNDE1MDg1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjAwNWFkZGQ5MDhiMDI1NDczZTMzZGYyZTVkNjk2ZjM3YmRlOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokECGhsLRA7XnH/yp1G+PD1Y3j6v
2/W9aKR2FcIn3NAINmgX1IUcT0iGsW3pEGFYr221otmYyLudjg1DwHm905tVYQEb
12G3FzRTBfofwDs+6fC/oCsw0MDLqk7t+Oc6J8PlvdGE9LkMkkKSQKOqZvAV7NgQ
rmzWAOB2dk7A559hVGVQ9jhz/F8j8myfubZXOlN3rxlfzSS1HRtFKEUjk8mlwtTx
UwT7Yj7nITsSDJtW9WD7fXen3EEVmeEpIjcEtYcN9gfryowIb4k428l4mSd4PA/E
rG+J54rnc+p6Tj1KOERhsV3wq10sZAQqILK56U/Fauyk81/74gIUXC9YaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIIAWt3ZCLAlRz4z3y5daW83vejIMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZ2dCYTNka0lzQ1ZIUGpQZkxsMXBiemU5Nk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLhTYAwQC
UqM8AwQCUqOoMA0GCSqGSIb3DQEBCwUAA4IBAQBANnY7p9HQTaBoSwEwl/aAj76n
HpYbpAbgBdjE787WU1etyLDw+aoIr8NngNGhDOpsxAIfT8YKWBOr6uSgCUzMJ5vV
07pRohB7GHX78fU75lqDh/eJnSM69tawWth/D0EHYafmGc3FQqPbTEmSBsHoEJpw
3D6SXfcjaZwnqZ8RpEceQFul1sO/bbVOowrHAup+ONBRVUZkYUUoYmJIpmyp8lMN
QFl0G1sOnKQMv/HA6nmp6CBMzvc9yK7quafum7BltEVnn5bhrId6X39p9Hwe4fEQ
EXOg7EH9m9yFQDQPuhrsm7SQwAMmXOC3R6kbGFYENhE32sSYV0fuRX0jFppV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org