Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uWCSPrtPCvXsZQQ4LIwfdE6JWMg.roa
File: uWCSPrtPCvXsZQQ4LIwfdE6JWMg.roa (raw, json)
Hash identifier: pGN/p7geXrmhGy0dxncnqjrf8w3lhg/pWslBsLXkWdo=
Subject key identifier: B9:60:92:3E:BB:4F:0A:F5:EC:65:04:38:2C:8C:1F:74:4E:89:58:C8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01888F73D0C65DEAD23ACC86A905025424D9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uWCSPrtPCvXsZQQ4LIwfdE6JWMg.roa
Signing time: Tue 06 Jun 2023 06:45:11 +0000
ROA not before: Tue 06 Jun 2023 06:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.60.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 08:14:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:73:d0:c6:5d:ea:d2:3a:cc:86:a9:05:02:54:24:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 6 06:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b960923ebb4f0af5ec6504382c8c1f744e8958c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:41:95:c0:04:de:01:1c:75:e0:2e:60:66:
fc:46:bf:58:db:33:77:b2:d8:46:61:1b:ed:30:eb:
e0:1b:cd:1f:27:b3:ed:9f:1c:1a:fb:09:b7:57:95:
40:4a:77:1c:3c:bd:22:e5:ca:e5:ce:1a:53:dc:07:
16:b3:42:3f:a1:ec:e5:cb:fa:ef:9e:10:f4:3d:b6:
c1:19:e4:5d:ef:07:d4:10:ce:0a:97:91:cf:62:c0:
a4:01:3d:5c:f4:19:06:85:c6:ce:e0:bc:4f:be:ba:
b0:4e:cd:29:dc:7f:9e:c4:52:a6:56:bf:ac:95:e6:
38:8e:c7:be:52:4d:36:34:2e:79:e1:ed:dc:50:e2:
86:df:49:e2:02:b0:85:08:d1:0f:dd:96:ea:24:06:
f1:01:35:a7:f9:d0:6e:38:54:2a:35:4b:13:a6:7f:
73:a4:df:b0:2c:c3:65:1c:68:ce:fa:7e:d0:6c:96:
07:87:19:c1:9f:7f:36:c1:a0:09:fe:0b:33:40:71:
36:e3:95:ac:f5:e4:f3:40:9a:3c:64:85:dd:83:05:
5e:58:b0:07:e5:38:70:b2:56:44:d0:76:86:0b:13:
47:65:45:6d:aa:b0:74:85:47:d2:a9:99:02:b6:b6:
00:f9:4b:48:ec:1c:69:df:7b:08:f8:9d:d2:a2:70:
81:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:60:92:3E:BB:4F:0A:F5:EC:65:04:38:2C:8C:1F:74:4E:89:58:C8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uWCSPrtPCvXsZQQ4LIwfdE6JWMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.216.0/21
82.163.60.0/22
82.163.168.0/22
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
38:95:aa:55:72:73:94:6d:2e:dd:9e:51:6c:88:e5:6e:86:ec:
b8:ff:c0:f9:ad:1a:7a:db:a3:c4:58:62:1c:d4:9e:6b:a2:dd:
6e:39:5b:20:32:41:df:9b:b8:c5:e6:6b:84:dd:89:e2:1b:b5:
23:ff:47:09:a9:5e:32:00:2e:ba:cf:13:63:3f:8c:92:51:2e:
23:02:8d:db:19:e9:29:65:72:ce:d1:c1:e5:53:aa:a5:a5:ca:
8c:c9:1c:80:c1:4f:a1:ac:e8:f8:38:c4:d6:87:67:eb:ce:15:
01:cc:1b:78:69:38:eb:dc:f7:47:ab:c2:e9:62:a1:d2:01:8e:
64:bc:13:9f:94:63:7a:7c:f0:08:72:4a:11:b2:42:7d:53:3b:
a3:5f:57:65:ec:15:4a:dc:8e:37:05:9c:00:7a:53:47:2d:ff:
85:1b:f1:37:67:b3:4c:22:60:bc:21:8d:bd:09:51:76:2f:9a:
6c:89:a2:51:8a:b5:35:80:81:30:f0:48:35:5b:15:84:36:38:
dc:c2:5f:9d:0d:23:f0:ca:94:2b:48:f5:da:e3:83:63:57:12:
c0:07:57:56:fa:35:70:33:59:3a:6d:e9:19:99:49:0d:02:d1:
ac:2b:e2:83:d9:bc:78:68:24:8d:bf:57:44:f9:2c:54:e1:ef:
c9:af:58:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiPc9DGXerSOsyGqQUCVCTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjA2MDY0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTYwOTIzZWJiNGYwYWY1ZWM2NTA0MzgyYzhjMWY3NDRlODk1OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdhBlcAE3gEcdeAuYGb8Rr9Y2zN3
sthGYRvtMOvgG80fJ7Ptnxwa+wm3V5VASnccPL0i5crlzhpT3AcWs0I/oezly/rv
nhD0PbbBGeRd7wfUEM4Kl5HPYsCkAT1c9BkGhcbO4LxPvrqwTs0p3H+exFKmVr+s
leY4jse+Uk02NC554e3cUOKG30niArCFCNEP3ZbqJAbxATWn+dBuOFQqNUsTpn9z
pN+wLMNlHGjO+n7QbJYHhxnBn382waAJ/gszQHE245Ws9eTzQJo8ZIXdgwVeWLAH
5ThwslZE0HaGCxNHZUVtqrB0hUfSqZkCtrYA+UtI7Bxp33sI+J3SonCB5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLlgkj67Twr17GUEOCyMH3ROiVjIMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdVdDU1BydFBDdlhzWlFRNExJd2ZkRTZKV01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhTYAwQC
UqM8AwQCUqOoAwQCgv9AMA0GCSqGSIb3DQEBCwUAA4IBAQA4lapVcnOUbS7dnlFs
iOVuhuy4/8D5rRp626PEWGIc1J5rot1uOVsgMkHfm7jF5muE3YniG7Uj/0cJqV4y
AC66zxNjP4ySUS4jAo3bGekpZXLO0cHlU6qlpcqMyRyAwU+hrOj4OMTWh2frzhUB
zBt4aTjr3PdHq8LpYqHSAY5kvBOflGN6fPAIckoRskJ9UzujX1dl7BVK3I43BZwA
elNHLf+FG/E3Z7NMImC8IY29CVF2L5psiaJRirU1gIEw8Eg1WxWENjjcwl+dDSPw
ypQrSPXa44NjVxLAB1dW+jVwM1k6bekZmUkNAtGsK+KD2bx4aCSNv1dE+SxU4e/J
r1jI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org