Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tdgfph7jHk0ZsaIhuad9k3Rwzho.roa
File: tdgfph7jHk0ZsaIhuad9k3Rwzho.roa (raw, json)
Hash identifier: 12M3dJzr8JskyEQCRBICzN4tBzCRBb1c06VaO+tuuo4=
Subject key identifier: B5:D8:1F:A6:1E:E3:1E:4D:19:B1:A2:21:B9:A7:7D:93:74:70:CE:1A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018924BAFA5E6283311DFED4BA6EE30B991C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tdgfph7jHk0ZsaIhuad9k3Rwzho.roa
Signing time: Wed 05 Jul 2023 06:26:20 +0000
ROA not before: Wed 05 Jul 2023 06:26:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jul 2023 07:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:ba:fa:5e:62:83:31:1d:fe:d4:ba:6e:e3:0b:99:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 5 06:26:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5d81fa61ee31e4d19b1a221b9a77d937470ce1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9c:3c:30:68:b9:d2:5b:a6:4b:75:67:b3:f5:
d5:78:fa:9f:69:49:28:3a:ba:92:0b:bb:95:73:d4:
63:11:68:41:b4:d1:a0:47:41:9b:6e:94:74:2d:7f:
1b:e9:b4:17:6c:31:9e:8b:c8:9e:fc:e3:4a:20:93:
16:3a:f3:b7:8e:07:98:9c:38:a4:fc:d7:f3:84:81:
57:97:c1:2a:9c:f6:f7:72:6a:f7:bc:18:98:ff:b6:
35:af:c5:4d:72:b4:aa:9b:c1:40:e1:21:a4:57:84:
27:6e:1e:85:ec:69:29:74:42:b2:71:3d:c2:69:a4:
a2:fa:7d:7b:a7:d8:19:e3:80:30:f2:d0:86:51:de:
22:41:75:e3:87:14:d2:ef:86:22:3b:3b:a1:cb:4c:
6a:ff:42:34:bd:bf:1d:f8:6b:d9:92:e6:4a:cc:c0:
d2:8c:3a:55:25:45:8f:41:b1:dc:37:b6:22:ef:e2:
e3:53:00:cb:3c:85:7c:4a:15:6c:ff:a2:ed:9b:0a:
78:ab:13:7a:cd:c0:b3:c5:f1:62:7c:d4:a5:62:1a:
fd:89:d0:0c:7e:49:33:71:83:ee:70:a7:22:84:10:
b4:7d:87:60:48:50:a0:cb:58:16:bc:57:ab:2c:ab:
15:72:ee:cc:8f:b4:06:8d:9e:6d:ca:a8:cc:11:2b:
6f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D8:1F:A6:1E:E3:1E:4D:19:B1:A2:21:B9:A7:7D:93:74:70:CE:1A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tdgfph7jHk0ZsaIhuad9k3Rwzho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.210.0/23
82.163.168.0/22
82.163.224.0/22
89.46.180.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
10:c6:26:89:38:66:17:93:9c:71:61:45:c5:2d:71:f9:7e:20:
54:3f:5b:f1:b4:49:fd:5f:fc:16:c5:87:70:8a:f9:30:d3:eb:
d7:9b:5b:d0:ce:8b:61:c9:6e:7d:2e:11:67:31:5b:99:45:ae:
9f:3f:7e:e1:1e:eb:67:16:ac:5a:c4:dc:53:af:e9:f9:4c:2f:
b4:3d:78:13:8c:36:38:99:53:a7:fc:df:e4:4f:1e:ec:74:b9:
9d:09:d2:78:b8:c9:e1:bb:16:f5:1e:e3:62:83:8a:be:af:44:
75:a8:c5:36:92:1b:16:9e:da:77:19:50:6c:4b:24:5c:be:96:
7e:dc:2b:50:73:d8:f8:57:0b:12:c8:0f:5e:9e:4a:1b:4f:10:
c4:9a:f4:f5:90:a6:6d:9d:52:7f:78:2c:f5:0a:02:81:a6:49:
23:f1:ef:8e:96:01:84:ad:02:f1:ce:0e:5e:bd:3d:75:df:f6:
ed:e5:7e:0b:f4:e6:f9:ea:59:9e:df:ba:fd:2c:78:bd:a0:5b:
f2:6a:8d:2f:89:f3:51:4c:87:a5:49:27:57:f6:f1:d5:1c:94:
41:10:36:9a:82:2c:4a:f5:a5:98:29:6a:82:7c:03:9d:b8:63:
6d:76:a6:e9:b9:be:7c:a9:2f:b9:b2:05:03:f4:ba:a3:2b:6a:
6b:c5:c6:38
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkkuvpeYoMxHf7Uum7jC5kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNzA1MDYyNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ4MWZhNjFlZTMxZTRkMTliMWEyMjFiOWE3N2Q5Mzc0NzBjZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpw8MGi50lumS3Vns/XVePqfaUko
OrqSC7uVc9RjEWhBtNGgR0GbbpR0LX8b6bQXbDGei8ie/ONKIJMWOvO3jgeYnDik
/NfzhIFXl8EqnPb3cmr3vBiY/7Y1r8VNcrSqm8FA4SGkV4Qnbh6F7GkpdEKycT3C
aaSi+n17p9gZ44Aw8tCGUd4iQXXjhxTS74YiOzuhy0xq/0I0vb8d+GvZkuZKzMDS
jDpVJUWPQbHcN7Yi7+LjUwDLPIV8ShVs/6Ltmwp4qxN6zcCzxfFifNSlYhr9idAM
fkkzcYPucKcihBC0fYdgSFCgy1gWvFerLKsVcu7Mj7QGjZ5tyqjMEStvywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLXYH6Ye4x5NGbGiIbmnfZN0cM4aMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdGRnZnBoN2pIazBac2FJaHVhZDlrM1J3emhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCH7qwAwQB
LhTSAwQCUqOoAwQCUqPgAwQCWS60AwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUA
A4IBAQAQxiaJOGYXk5xxYUXFLXH5fiBUP1vxtEn9X/wWxYdwivkw0+vXm1vQzoth
yW59LhFnMVuZRa6fP37hHutnFqxaxNxTr+n5TC+0PXgTjDY4mVOn/N/kTx7sdLmd
CdJ4uMnhuxb1HuNig4q+r0R1qMU2khsWntp3GVBsSyRcvpZ+3CtQc9j4VwsSyA9e
nkobTxDEmvT1kKZtnVJ/eCz1CgKBpkkj8e+OlgGErQLxzg5evT113/bt5X4L9Ob5
6lme37r9LHi9oFvyao0vifNRTIelSSdX9vHVHJRBEDaagixK9aWYKWqCfAOduGNt
dqbpub58qS+5sgUD9LqjK2prxcY4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org