Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/kvO33iPPJVZPSFEquNyZQZPDNCU.roa
File: kvO33iPPJVZPSFEquNyZQZPDNCU.roa (raw, json)
Hash identifier: S5bsNh6Wd9mBLbFl2bMXGNECs2NeL+zNwW3OHU315YM=
Subject key identifier: 92:F3:B7:DE:23:CF:25:56:4F:48:51:2A:B8:DC:99:41:93:C3:34:25
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A07FFE2E1D16D7731B98C1D054BB286CC
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/kvO33iPPJVZPSFEquNyZQZPDNCU.roa
Signing time: Fri 18 Aug 2023 09:35:24 +0000
ROA not before: Fri 18 Aug 2023 09:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Aug 2023 10:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:ff:e2:e1:d1:6d:77:31:b9:8c:1d:05:4b:b2:86:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 18 09:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92f3b7de23cf25564f48512ab8dc994193c33425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:bb:31:dd:85:09:6e:b0:1d:bf:42:03:de:
43:5b:41:54:b0:10:c9:f5:d1:46:60:5c:b7:e8:bd:
90:c7:ba:a9:8d:8a:ff:e9:ef:e7:11:b7:b6:33:b9:
22:d7:8b:1f:0b:df:d6:c4:8a:ad:76:fa:53:39:10:
f1:c6:38:60:09:d8:8d:07:8e:39:ab:5d:88:4a:09:
a8:b6:4d:d1:bc:fc:10:8f:e7:77:02:cd:34:bf:80:
7a:4d:1a:1f:22:3e:82:50:61:ac:b2:45:5e:99:6b:
26:b9:f3:fb:f6:79:45:36:87:1b:68:89:8f:99:ec:
c1:fc:1e:9c:07:e7:54:16:28:44:97:7a:c8:bc:0e:
6c:37:3f:e4:93:2f:0d:11:7e:98:6f:c6:ba:1e:9f:
75:3f:fc:aa:5f:71:e1:e6:ce:2b:76:27:4a:26:71:
b7:d3:bb:74:e3:fa:b9:89:31:f3:03:c2:bb:96:a5:
d7:40:6b:20:32:9e:a6:55:76:9d:aa:ba:cd:cf:c3:
7b:e5:ce:34:04:f7:81:66:ac:f0:76:71:b3:dc:b3:
97:71:3d:9b:7d:47:ed:e5:a2:61:c6:c3:00:28:10:
8d:ef:e1:77:c1:f6:5a:7a:de:36:fd:4c:d6:e2:12:
ac:c2:9a:50:fb:68:30:97:da:d4:e3:42:98:ce:65:
82:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F3:B7:DE:23:CF:25:56:4F:48:51:2A:B8:DC:99:41:93:C3:34:25
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/kvO33iPPJVZPSFEquNyZQZPDNCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
82.163.168.0/22
82.163.224.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:2a:c8:6d:89:e6:f5:ec:74:43:92:17:7d:ab:21:c5:1e:df:
e4:66:00:5e:6d:4d:a2:c0:6c:c7:a3:91:a9:3e:6b:2c:9d:7f:
1d:d2:9a:ff:1a:de:c3:11:61:93:0e:90:ef:dc:9f:1a:3b:cd:
10:2e:c4:75:7f:22:c1:9c:30:d2:99:0c:78:95:8f:cb:e7:52:
e3:14:90:38:40:55:12:03:45:cf:f6:57:80:44:ab:e3:c7:30:
14:0f:17:6b:0f:45:62:5c:50:7a:04:d6:09:86:0b:20:9c:0e:
85:6e:5b:7c:23:c8:c0:9a:46:a2:f0:65:ca:84:1d:49:b2:5f:
66:5e:e1:6a:e3:16:fc:c2:74:1d:63:ff:b3:73:4f:51:ef:e9:
6f:50:ac:1f:ce:53:f8:1b:9e:f5:0b:45:88:ed:b9:b6:a0:34:
c1:da:fe:d2:95:ac:bc:5c:6b:13:d9:d3:06:b6:e8:88:0f:75:
be:4d:e4:6e:4c:14:d5:6d:24:df:6a:fd:ad:8e:8a:6d:d9:2a:
58:85:ad:c1:ff:41:26:f1:a9:76:5b:dd:cf:c2:5a:09:26:3b:
7b:6d:1e:a1:d3:77:ed:35:3d:16:fc:d2:a3:45:a8:5a:73:31:
c6:47:49:69:d5:66:f6:25:c2:68:cf:ce:de:d2:ed:7f:a2:3e:
2a:6a:b0:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoH/+Lh0W13MbmMHQVLsobMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODE4MDkzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmYzYjdkZTIzY2YyNTU2NGY0ODUxMmFiOGRjOTk0MTkzYzMzNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7S7Md2FCW6wHb9CA95DW0FUsBDJ
9dFGYFy36L2Qx7qpjYr/6e/nEbe2M7ki14sfC9/WxIqtdvpTORDxxjhgCdiNB445
q12ISgmotk3RvPwQj+d3As00v4B6TRofIj6CUGGsskVemWsmufP79nlFNocbaImP
mezB/B6cB+dUFihEl3rIvA5sNz/kky8NEX6Yb8a6Hp91P/yqX3Hh5s4rdidKJnG3
07t04/q5iTHzA8K7lqXXQGsgMp6mVXadqrrNz8N75c40BPeBZqzwdnGz3LOXcT2b
fUft5aJhxsMAKBCN7+F3wfZaet42/UzW4hKswppQ+2gwl9rU40KYzmWCsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJLzt94jzyVWT0hRKrjcmUGTwzQlMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEva3ZPMzNpUFBKVlpQU0ZFcXVOeVpRWlBETkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLhTUAwQC
UqOoAwQCUqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBcKshtieb17HRDkhd9qyHFHt/k
ZgBebU2iwGzHo5GpPmssnX8d0pr/Gt7DEWGTDpDv3J8aO80QLsR1fyLBnDDSmQx4
lY/L51LjFJA4QFUSA0XP9leARKvjxzAUDxdrD0ViXFB6BNYJhgsgnA6Fblt8I8jA
mkai8GXKhB1Jsl9mXuFq4xb8wnQdY/+zc09R7+lvUKwfzlP4G571C0WI7bm2oDTB
2v7Slay8XGsT2dMGtuiID3W+TeRuTBTVbSTfav2tjopt2SpYha3B/0Em8al2W93P
wloJJjt7bR6h03ftNT0W/NKjRahaczHGR0lp1Wb2JcJoz87e0u1/oj4qarBP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org