Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iBGHDL221RXPalx3ocnctXuksoM.roa
File: iBGHDL221RXPalx3ocnctXuksoM.roa (raw, json)
Hash identifier: XSrN9caD1nYo9FCwpas8pCNbTd+8Taafd+4mYTE3ESM=
Subject key identifier: 88:11:87:0C:BD:B6:D5:15:CF:6A:5C:77:A1:C9:DC:B5:7B:A4:B2:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8B7A51591EBC22AD71E74A6C52666375
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iBGHDL221RXPalx3ocnctXuksoM.roa
Signing time: Thu 21 Dec 2023 08:24:58 +0000
ROA not before: Thu 21 Dec 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215825
IP address blocks: 82.115.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:7a:51:59:1e:bc:22:ad:71:e7:4a:6c:52:66:63:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 21 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8811870cbdb6d515cf6a5c77a1c9dcb57ba4b283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:54:ea:35:a4:af:c1:01:44:0d:0e:69:b0:68:
7f:f2:2f:b6:67:66:3b:fe:41:21:61:ef:24:16:1d:
15:69:4d:f0:fa:b5:e6:86:e4:0b:55:41:8e:5d:d5:
fe:48:42:39:21:8d:55:42:53:ee:fe:a9:7c:ca:d3:
fe:2f:3c:da:86:fa:01:c7:d8:c8:55:89:21:50:38:
76:35:ac:c0:77:c0:7b:59:1d:ac:b0:bd:54:5e:44:
bd:f4:7b:34:d6:6e:f9:a6:fb:cb:f6:83:53:a6:2a:
55:3a:48:f8:91:50:aa:9a:dd:97:5a:32:ea:68:bb:
b3:f4:5f:13:a9:a7:ed:36:a7:4f:5a:b2:f8:78:af:
ab:5f:ed:88:b5:2f:a9:4b:3c:0d:3d:74:90:b4:4d:
49:21:7e:52:14:0b:b9:80:2a:53:2a:d0:e3:a2:ff:
d3:96:85:9f:60:bb:72:52:72:09:e1:24:f4:42:2e:
b1:e7:b6:16:c4:5f:e5:1b:e4:7c:ee:c9:04:ba:ab:
eb:0e:48:3f:32:ef:ba:fc:8e:1e:31:d5:6b:37:7c:
a7:e9:62:3f:0d:0d:b8:52:a8:d9:25:a1:d6:e8:8c:
bc:1b:d3:05:51:fd:be:33:dd:8d:22:d7:78:98:7d:
13:d6:e5:0f:cd:28:d8:04:a5:39:2f:3b:74:28:77:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:11:87:0C:BD:B6:D5:15:CF:6A:5C:77:A1:C9:DC:B5:7B:A4:B2:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iBGHDL221RXPalx3ocnctXuksoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.209.0/24
Signature Algorithm: sha256WithRSAEncryption
50:6e:35:c7:f8:a9:ab:89:d7:68:96:ea:15:5e:c5:e3:71:4a:
ad:0f:48:0c:c1:80:18:7f:7f:58:c3:06:3b:c3:d6:d6:f1:cd:
00:62:9a:82:5b:43:e3:d5:5d:9d:c4:84:89:ba:87:0d:0e:78:
bd:7e:84:d1:5c:87:e5:3c:85:ff:d0:41:7f:88:92:21:0c:14:
7b:90:40:ea:96:80:f3:b2:15:13:d1:24:c1:13:8b:30:20:3c:
d1:39:37:14:0b:3e:30:f7:e4:2c:78:10:47:8d:d1:dd:c2:04:
b0:8c:ff:19:c8:c6:46:14:e6:a2:2f:ed:a1:b4:c8:f3:75:b6:
df:38:25:d5:b6:fe:1a:47:b7:5a:51:85:9e:32:04:9d:fc:de:
8d:d2:11:7c:cc:8a:9a:68:71:8e:d6:29:ab:33:ad:72:a8:3a:
54:9d:c0:0c:3e:f8:80:e7:7c:05:5b:b0:c7:dc:fc:7d:eb:3b:
ff:a2:e5:6f:6e:37:7d:d7:ef:9a:87:71:6b:2f:03:18:e9:46:
e8:29:af:38:4e:78:12:f3:29:85:e7:34:7c:68:a9:b9:1f:cc:
ad:a8:ae:02:69:f3:93:90:0d:e5:a5:97:b1:cd:c7:ef:cb:70:
49:8d:21:f6:6d:ef:34:a1:d9:4f:ee:50:a2:25:3b:3f:74:1a:
a6:87:3b:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyLelFZHrwirXHnSmxSZmN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODExODcwY2JkYjZkNTE1Y2Y2YTVjNzdhMWM5ZGNiNTdiYTRiMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFTqNaSvwQFEDQ5psGh/8i+2Z2Y7
/kEhYe8kFh0VaU3w+rXmhuQLVUGOXdX+SEI5IY1VQlPu/ql8ytP+LzzahvoBx9jI
VYkhUDh2NazAd8B7WR2ssL1UXkS99Hs01m75pvvL9oNTpipVOkj4kVCqmt2XWjLq
aLuz9F8TqaftNqdPWrL4eK+rX+2ItS+pSzwNPXSQtE1JIX5SFAu5gCpTKtDjov/T
loWfYLtyUnIJ4ST0Qi6x57YWxF/lG+R87skEuqvrDkg/Mu+6/I4eMdVrN3yn6WI/
DQ24UqjZJaHW6Iy8G9MFUf2+M92NItd4mH0T1uUPzSjYBKU5Lzt0KHcKGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgRhwy9ttUVz2pcd6HJ3LV7pLKDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaUJHSERMMjIxUlhQYWx4M29jbmN0WHVrc29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnPRMA0G
CSqGSIb3DQEBCwUAA4IBAQBQbjXH+KmriddoluoVXsXjcUqtD0gMwYAYf39YwwY7
w9bW8c0AYpqCW0Pj1V2dxISJuocNDni9foTRXIflPIX/0EF/iJIhDBR7kEDqloDz
shUT0STBE4swIDzROTcUCz4w9+QseBBHjdHdwgSwjP8ZyMZGFOaiL+2htMjzdbbf
OCXVtv4aR7daUYWeMgSd/N6N0hF8zIqaaHGO1imrM61yqDpUncAMPviA53wFW7DH
3Px96zv/ouVvbjd91++ah3FrLwMY6UboKa84TngS8ymF5zR8aKm5H8ytqK4CafOT
kA3lpZexzcfvy3BJjSH2be80odlP7lCiJTs/dBqmhzvY
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:13 2024 by rpki-client on console-ams.rpki-client.org