Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3phySq1Ba1KuhQjioAQQtYEs8fs.roa
File: 3phySq1Ba1KuhQjioAQQtYEs8fs.roa (raw, json)
Hash identifier: gU9hs/GBveMoMHHSjB+zIQjH0qpRHqQtzae6U3zWVUY=
Subject key identifier: DE:98:72:4A:AD:41:6B:52:AE:85:08:E2:A0:04:10:B5:81:2C:F1:FB
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018800B395CC8CFCDCE4354E3627212F94C1
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3phySq1Ba1KuhQjioAQQtYEs8fs.roa
Signing time: Tue 09 May 2023 13:29:09 +0000
ROA not before: Tue 09 May 2023 13:29:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 130.255.64.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 May 2023 07:18:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:b3:95:cc:8c:fc:dc:e4:35:4e:36:27:21:2f:94:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 9 13:29:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de98724aad416b52ae8508e2a00410b5812cf1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:74:c6:e5:77:70:4f:e4:e1:23:11:0f:54:0e:
7a:6c:3b:99:eb:e5:bc:4c:1e:c4:d2:46:78:cc:19:
22:e5:32:57:8d:91:47:c5:12:b3:f3:55:7f:d4:35:
43:dd:ef:57:3e:a1:66:5a:02:ce:61:78:96:1b:18:
9d:9a:c2:79:63:9a:10:ef:fc:17:bc:76:ae:f5:b4:
bd:5a:c7:22:d4:c7:54:a9:8f:de:0a:5c:7f:8e:53:
28:70:2e:bd:af:9e:c3:b4:e2:33:eb:30:02:66:07:
05:71:90:fa:53:04:1a:68:17:67:16:23:1e:2c:22:
1c:e6:ed:12:21:9d:39:2f:75:0f:38:5d:4a:0b:52:
21:7a:f8:6f:b8:6e:ae:14:2f:9e:8c:7b:64:94:b8:
36:05:35:ca:05:b4:30:79:da:f5:71:92:c4:40:e5:
bb:e9:14:ce:f0:be:a0:a8:ab:e4:0e:96:e5:ca:25:
cf:07:29:db:b7:43:58:36:85:7c:8f:f8:d4:7b:cd:
a6:01:0b:e0:8c:e1:c1:43:7d:b3:8c:04:4c:db:8d:
72:ea:e2:44:2e:45:56:f9:7f:52:19:ed:69:df:96:
f5:b4:1c:bc:d8:2f:f3:0a:6d:b7:cd:d7:c6:7d:c0:
be:08:28:f9:19:7f:7f:73:9b:ab:b9:7d:e7:1a:70:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:98:72:4A:AD:41:6B:52:AE:85:08:E2:A0:04:10:B5:81:2C:F1:FB
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3phySq1Ba1KuhQjioAQQtYEs8fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.224.0/22
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:d1:72:33:92:fe:7d:12:98:6a:6d:72:53:c0:a9:15:ae:a3:
ae:2a:c3:6f:5b:2a:a4:de:94:05:76:5a:ba:99:22:75:46:bd:
2f:9e:b0:9b:f9:7d:9d:e5:be:d5:4c:f8:bf:cc:cc:ae:16:db:
f1:c9:ff:c2:66:09:2a:db:43:3b:e4:8d:70:9a:0d:e7:97:31:
94:48:68:2a:c3:31:71:c9:f2:5e:5c:06:d4:28:ee:74:f4:b3:
22:5b:7b:c4:8d:dc:b6:2f:fb:a8:6c:ed:26:08:74:a8:f3:a1:
21:c5:e3:b6:c2:df:e3:89:09:61:bb:a8:20:bf:65:f4:a0:09:
c5:7a:2e:d4:72:21:be:76:d3:a9:c5:1c:63:1b:dc:5f:7d:d8:
66:09:15:42:11:d8:ae:c8:5d:74:6f:a0:54:96:72:5f:75:b8:
5d:6d:5e:57:28:ce:20:cb:42:28:54:60:68:74:87:cc:9f:5a:
20:f9:88:e1:11:a3:46:2e:23:d2:93:8d:8e:69:e0:45:3c:bc:
7d:e3:4f:a1:05:5d:0e:60:c3:43:4e:fb:0e:ed:e5:b0:ae:74:
29:10:5a:74:69:bc:67:3a:ad:36:19:c9:c1:aa:63:04:2b:d3:
ef:86:3b:11:41:25:73:6a:d8:88:61:16:c5:88:b3:88:db:d9:
b9:b2:78:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgAs5XMjPzc5DVONichL5TBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwNTA5MTMyOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk4NzI0YWFkNDE2YjUyYWU4NTA4ZTJhMDA0MTBiNTgxMmNmMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3TG5XdwT+ThIxEPVA56bDuZ6+W8
TB7E0kZ4zBki5TJXjZFHxRKz81V/1DVD3e9XPqFmWgLOYXiWGxidmsJ5Y5oQ7/wX
vHau9bS9Wsci1MdUqY/eClx/jlMocC69r57DtOIz6zACZgcFcZD6UwQaaBdnFiMe
LCIc5u0SIZ05L3UPOF1KC1IhevhvuG6uFC+ejHtklLg2BTXKBbQwedr1cZLEQOW7
6RTO8L6gqKvkDpblyiXPBynbt0NYNoV8j/jUe82mAQvgjOHBQ32zjARM241y6uJE
LkVW+X9SGe1p35b1tBy82C/zCm23zdfGfcC+CCj5GX9/c5uruX3nGnDh/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6YckqtQWtSroUI4qAEELWBLPH7MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvM3BoeVNxMUJhMUt1aFFqaW9BUVF0WUVzOGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUqPgAwQC
gv9AMA0GCSqGSIb3DQEBCwUAA4IBAQCi0XIzkv59EphqbXJTwKkVrqOuKsNvWyqk
3pQFdlq6mSJ1Rr0vnrCb+X2d5b7VTPi/zMyuFtvxyf/CZgkq20M75I1wmg3nlzGU
SGgqwzFxyfJeXAbUKO509LMiW3vEjdy2L/uobO0mCHSo86EhxeO2wt/jiQlhu6gg
v2X0oAnFei7UciG+dtOpxRxjG9xffdhmCRVCEdiuyF10b6BUlnJfdbhdbV5XKM4g
y0IoVGBodIfMn1og+YjhEaNGLiPSk42OaeBFPLx940+hBV0OYMNDTvsO7eWwrnQp
EFp0abxnOq02GcnBqmMEK9PvhjsRQSVzatiIYRbFiLOI29m5snhy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org