Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/mLTBrHtXway_P4K9guwf-n9WbG4.roa
File: mLTBrHtXway_P4K9guwf-n9WbG4.roa (raw, json)
Hash identifier: OwlPgkmrjrQJgkBv3mWKq57Ye8p9AgoQx6i+4RYzuCU=
Subject key identifier: 98:B4:C1:AC:7B:57:C1:AC:BF:3F:82:BD:82:EC:1F:FA:7F:56:6C:6E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188D7B503317127716D1FAC7EE3DABA8384
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/mLTBrHtXway_P4K9guwf-n9WbG4.roa
Signing time: Tue 20 Jun 2023 07:29:04 +0000
ROA not before: Tue 20 Jun 2023 07:29:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jul 2023 06:26:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:b5:03:31:71:27:71:6d:1f:ac:7e:e3:da:ba:83:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 20 07:29:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98b4c1ac7b57c1acbf3f82bd82ec1ffa7f566c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8a:e5:4e:1a:6a:f6:0c:16:d4:e1:ab:44:9e:
6d:f6:44:e4:23:a0:48:a3:d4:ad:8d:e1:16:31:15:
c2:94:41:94:57:83:4c:a3:d4:56:2c:da:b7:c0:b8:
49:90:5a:17:15:fb:f5:f4:d4:c5:04:0b:b5:e1:52:
22:84:f4:40:c8:f9:18:7c:81:81:13:08:04:8f:ba:
91:fb:db:18:59:2c:e4:c0:ed:ab:3a:71:e7:c4:62:
86:a4:a4:e8:17:45:db:c5:c7:96:d5:64:c0:36:28:
4d:7c:7f:1a:4f:5d:3f:34:1c:ee:8a:b1:21:5c:09:
d7:52:33:bc:d0:01:eb:c3:28:9f:80:ba:fc:10:2a:
54:df:64:2c:a1:c9:7a:5c:e8:40:9d:7d:08:6d:1c:
30:0f:ea:59:c5:bf:ab:fb:0e:70:4d:7a:d8:7c:17:
49:1f:65:45:9a:8c:95:4d:75:42:cd:e5:51:5f:d6:
77:e4:44:24:c2:50:bd:21:78:8c:2f:43:26:a0:37:
8b:a9:4b:86:80:05:1f:17:bf:8d:bc:83:bc:ee:26:
5f:af:3b:4d:24:54:79:4a:7c:ab:63:fa:4e:d3:44:
3f:f8:fb:38:31:34:e7:1e:3e:e6:d4:b8:18:35:ff:
35:aa:39:57:ce:79:08:de:fd:7b:c4:58:35:7b:da:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B4:C1:AC:7B:57:C1:AC:BF:3F:82:BD:82:EC:1F:FA:7F:56:6C:6E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/mLTBrHtXway_P4K9guwf-n9WbG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.210.0/23
82.163.168.0/22
82.163.224.0/22
89.46.180.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:33:58:e9:40:18:bf:8e:9e:22:74:cc:14:10:04:b5:96:89:
ce:71:a3:8f:ef:cf:8c:bd:3b:88:81:07:84:42:ae:de:fb:2a:
e9:59:bf:a4:4e:c7:8c:f5:dd:59:f7:6a:1b:fa:c3:af:89:ad:
28:75:92:77:dd:a8:8d:8d:81:b2:07:2b:68:6e:c6:99:cf:76:
76:2a:17:2a:bf:7a:e8:36:ea:01:11:dd:06:c1:c0:0a:bb:14:
4e:9c:c9:39:e4:19:fa:b7:d5:93:12:af:d1:91:a6:9f:d0:be:
26:c6:4c:fb:cc:87:80:bf:26:7f:c1:10:91:47:16:34:82:79:
3d:0b:6d:10:3c:25:4f:9e:d1:76:b6:ee:af:c0:e4:4e:86:d3:
a0:ab:dd:3c:c7:e7:42:ba:c1:58:bf:fa:ee:06:f7:a9:5f:9a:
9c:6b:6e:63:a9:47:e0:11:22:6d:41:e1:c1:f2:f4:38:f8:f9:
a7:c5:e1:14:f1:a8:01:36:17:8d:b2:38:fc:2b:8b:ec:7d:6e:
94:5f:a0:5e:fd:87:58:c0:e7:9c:aa:ac:79:73:f4:38:0c:d0:
de:be:08:4e:b1:15:82:d7:d5:72:af:8c:eb:3b:aa:02:8a:ad:
b1:51:f3:66:f8:ba:fc:36:95:d5:4e:ae:14:92:4c:d9:dd:4a:
06:9f:fc:71
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjXtQMxcSdxbR+sfuPauoOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjIwMDcyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGI0YzFhYzdiNTdjMWFjYmYzZjgyYmQ4MmVjMWZmYTdmNTY2YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArorlThpq9gwW1OGrRJ5t9kTkI6BI
o9StjeEWMRXClEGUV4NMo9RWLNq3wLhJkFoXFfv19NTFBAu14VIihPRAyPkYfIGB
EwgEj7qR+9sYWSzkwO2rOnHnxGKGpKToF0XbxceW1WTANihNfH8aT10/NBzuirEh
XAnXUjO80AHrwyifgLr8ECpU32Qsocl6XOhAnX0IbRwwD+pZxb+r+w5wTXrYfBdJ
H2VFmoyVTXVCzeVRX9Z35EQkwlC9IXiML0MmoDeLqUuGgAUfF7+NvIO87iZfrztN
JFR5SnyrY/pO00Q/+Ps4MTTnHj7m1LgYNf81qjlXznkI3v17xFg1e9qdHQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJi0wax7V8Gsvz+CvYLsH/p/VmxuMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbUxUQnJIdFh3YXlfUDRLOWd1d2YtbjlXYkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLhTSAwQC
UqOoAwQCUqPgAwQCWS60AwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQBN
M1jpQBi/jp4idMwUEAS1lonOcaOP78+MvTuIgQeEQq7e+yrpWb+kTseM9d1Z92ob
+sOvia0odZJ33aiNjYGyBytobsaZz3Z2Khcqv3roNuoBEd0GwcAKuxROnMk55Bn6
t9WTEq/Rkaaf0L4mxkz7zIeAvyZ/wRCRRxY0gnk9C20QPCVPntF2tu6vwOROhtOg
q908x+dCusFYv/ruBvepX5qca25jqUfgESJtQeHB8vQ4+PmnxeEU8agBNheNsjj8
K4vsfW6UX6Be/YdYwOecqqx5c/Q4DNDevghOsRWC19Vyr4zrO6oCiq2xUfNm+Lr8
NpXVTq4UkkzZ3UoGn/xx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org