Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3T-5_ucRg02aESP4AcFWZggP2rM.roa
File: 3T-5_ucRg02aESP4AcFWZggP2rM.roa (raw, json)
Hash identifier: 0/rfw3Z8xvfCIWmVgYQyA+g4fp9FoFkvs8+spTQamRg=
Subject key identifier: DD:3F:B9:FE:E7:11:83:4D:9A:11:23:F8:01:C1:56:66:08:0F:DA:B3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0188A45FA6F4D925B7579617117ED98D3E1E
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3T-5_ucRg02aESP4AcFWZggP2rM.roa
Signing time: Sat 10 Jun 2023 08:15:12 +0000
ROA not before: Sat 10 Jun 2023 08:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Jun 2023 10:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:5f:a6:f4:d9:25:b7:57:96:17:11:7e:d9:8d:3e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 10 08:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd3fb9fee711834d9a1123f801c15666080fdab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1a:dd:c2:b7:ca:f9:71:ac:41:9f:d1:2a:4e:
ec:04:d9:4f:65:a6:d4:9c:11:bc:86:3e:1d:62:dd:
7d:e9:1d:ba:a5:c5:0c:7c:47:18:29:30:49:02:81:
0f:3f:bf:cc:aa:9c:ad:43:f3:d3:a7:61:77:70:e1:
08:22:94:bf:22:c8:af:fc:bf:21:4a:d9:09:c5:86:
4d:33:fa:69:2f:bb:14:b2:c7:cc:d0:c3:b2:f2:5b:
e2:eb:4e:d4:bd:bb:2a:d2:f1:25:8b:59:d7:9e:21:
04:4d:71:e9:e2:bc:1b:e5:e8:26:7f:d2:a6:fa:b4:
83:c7:ea:26:0c:72:e3:06:07:a0:6d:71:2b:6c:dc:
63:d4:3e:de:e8:e6:76:66:dc:f5:90:c4:a5:a5:10:
0f:b9:06:1f:84:c6:5f:f8:b4:9f:f4:46:4f:38:0f:
36:7c:96:cc:ca:33:82:29:d8:15:27:02:f5:88:b6:
3b:a7:20:2b:3b:65:3b:d3:64:21:41:c0:13:61:c7:
29:3e:c2:d8:fd:9f:1e:3a:19:c9:f7:23:8b:73:15:
6e:e9:bf:0c:d6:f1:9b:af:7f:03:f1:0b:2e:61:5c:
02:41:32:c9:54:b4:5a:07:1b:14:04:cd:a1:ba:56:
99:8a:10:94:b3:da:65:98:f9:0f:ee:0e:a0:5e:55:
83:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3F:B9:FE:E7:11:83:4D:9A:11:23:F8:01:C1:56:66:08:0F:DA:B3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3T-5_ucRg02aESP4AcFWZggP2rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:d0:85:b6:42:b9:c2:d8:dd:27:cd:38:5f:94:89:17:ff:34:
69:6d:f8:6e:8c:2b:5d:b3:bf:da:8d:93:a1:1a:7f:ea:04:2e:
84:4c:69:ba:fb:08:d8:58:bf:1c:07:2d:19:ca:15:a4:ef:f9:
50:61:3d:f5:84:d7:7a:b9:82:00:90:ba:08:7d:46:00:eb:6a:
dd:52:44:ef:21:5c:cc:de:fe:ed:19:b9:ef:ff:f1:f9:57:b0:
0f:7c:73:bd:24:83:80:44:51:8e:fd:e2:1b:f1:88:a2:e6:48:
22:2c:1a:74:7b:ef:13:1c:28:d3:82:f0:b1:40:48:41:0e:45:
22:f4:45:11:ff:ea:d6:d6:0a:c4:36:0a:62:ad:64:f5:99:16:
cb:b2:db:1b:98:50:63:63:d7:4d:96:c0:0c:8f:e9:22:7a:9c:
94:a8:fe:5f:91:d1:0a:00:eb:40:eb:de:09:a4:35:5d:64:29:
11:45:61:41:de:c3:05:b0:7a:88:cf:54:e4:03:5b:3f:65:66:
9e:c2:5c:40:11:ba:52:18:9e:fb:2d:61:26:53:cb:c3:d8:22:
ee:38:11:d1:62:e3:38:79:a7:b8:dd:91:6a:d6:8e:64:75:29:
11:7a:c7:f5:ce:ad:71:fa:3b:b1:5a:9a:d3:2f:65:ad:a0:9b:
17:df:3f:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYikX6b02SW3V5YXEX7ZjT4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNjEwMDgxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNmYjlmZWU3MTE4MzRkOWExMTIzZjgwMWMxNTY2NjA4MGZkYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BrdwrfK+XGsQZ/RKk7sBNlPZabU
nBG8hj4dYt196R26pcUMfEcYKTBJAoEPP7/MqpytQ/PTp2F3cOEIIpS/Isiv/L8h
StkJxYZNM/ppL7sUssfM0MOy8lvi607Uvbsq0vEli1nXniEETXHp4rwb5egmf9Km
+rSDx+omDHLjBgegbXErbNxj1D7e6OZ2Ztz1kMSlpRAPuQYfhMZf+LSf9EZPOA82
fJbMyjOCKdgVJwL1iLY7pyArO2U702QhQcATYccpPsLY/Z8eOhnJ9yOLcxVu6b8M
1vGbr38D8QsuYVwCQTLJVLRaBxsUBM2hulaZihCUs9plmPkP7g6gXlWDYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN0/uf7nEYNNmhEj+AHBVmYID9qzMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvM1QtNV91Y1JnMDJhRVNQNEFjRldaZ2dQMnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUqOoAwQC
UqPgAwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQCf0IW2QrnC2N0nzThf
lIkX/zRpbfhujCtds7/ajZOhGn/qBC6ETGm6+wjYWL8cBy0ZyhWk7/lQYT31hNd6
uYIAkLoIfUYA62rdUkTvIVzM3v7tGbnv//H5V7APfHO9JIOARFGO/eIb8Yii5kgi
LBp0e+8THCjTgvCxQEhBDkUi9EUR/+rW1grENgpirWT1mRbLstsbmFBjY9dNlsAM
j+kiepyUqP5fkdEKAOtA694JpDVdZCkRRWFB3sMFsHqIz1TkA1s/ZWaewlxAEbpS
GJ77LWEmU8vD2CLuOBHRYuM4eae43ZFq1o5kdSkResf1zq1x+juxWprTL2WtoJsX
3z9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org