Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/65-8pKp8YIizEBS3MJ6rRSqoNN4.roa
File: 65-8pKp8YIizEBS3MJ6rRSqoNN4.roa (raw, json)
Hash identifier: SG2ixq50Hlz2ASZ/fspgWqs6Ccbe0ChtGx7jCC8hQ94=
Subject key identifier: EB:9F:BC:A4:AA:7C:60:88:B3:10:14:B7:30:9E:AB:45:2A:A8:34:DE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AA754D8FB1A0DE0291EF28E74A8E119E7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/65-8pKp8YIizEBS3MJ6rRSqoNN4.roa
Signing time: Mon 18 Sep 2023 08:07:50 +0000
ROA not before: Mon 18 Sep 2023 08:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 188.215.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 19:41:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:54:d8:fb:1a:0d:e0:29:1e:f2:8e:74:a8:e1:19:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 18 08:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb9fbca4aa7c6088b31014b7309eab452aa834de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:9a:fe:ff:f9:be:60:f8:f1:e0:b2:b1:74:
13:77:5d:2b:31:07:e4:b5:eb:f0:b9:30:f9:1f:c2:
c6:00:0e:77:a8:68:cc:74:c3:a7:3d:25:ce:f9:4b:
d3:35:8e:b5:22:12:a0:4c:24:0f:8d:7a:e2:9f:ab:
0f:71:1c:16:f2:fe:02:3b:20:ee:e2:7d:4d:65:af:
e9:da:48:8b:61:ff:90:83:89:52:bf:b2:fa:a7:11:
9c:38:7e:aa:96:f1:fd:10:ab:92:2f:98:80:eb:c7:
46:b3:05:7e:f5:b5:99:d3:70:cd:45:c9:48:e7:f1:
84:b4:5d:aa:68:0a:c6:11:ff:0b:f3:a3:c8:6a:91:
38:4d:fe:0d:f0:ae:cc:54:13:d8:5b:c2:c5:4a:98:
c0:cf:92:65:45:5e:bb:8d:01:eb:4c:cb:48:d6:16:
78:2d:56:3a:5b:20:a4:60:0f:ec:e3:ff:e4:20:d3:
97:3c:8c:76:fa:b8:2a:9f:8a:1c:f6:d7:a8:b2:3e:
14:4a:e7:dc:90:cb:f9:eb:e6:b4:f0:81:db:15:ff:
18:21:6d:b6:7c:c1:ac:64:1a:83:08:59:da:d2:44:
f3:d0:98:25:9e:e0:5a:ad:89:c5:f6:a8:06:81:ae:
9d:b3:c1:5b:fd:dd:58:87:2f:73:2c:47:f0:49:1a:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9F:BC:A4:AA:7C:60:88:B3:10:14:B7:30:9E:AB:45:2A:A8:34:DE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/65-8pKp8YIizEBS3MJ6rRSqoNN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
87:cb:18:86:d8:df:b5:f0:1b:7d:4f:27:0c:84:58:e1:8b:03:
b9:7a:a2:35:54:1a:a2:e2:54:f8:70:8b:b5:47:fb:7e:9d:60:
eb:d0:ae:26:e5:e3:14:d6:2b:0b:06:18:6e:41:5e:37:15:93:
0e:a1:3d:2f:a1:00:39:4f:e4:4a:54:da:bc:a3:f4:cc:b2:72:
f0:ee:e2:ac:7f:a7:21:49:31:3f:95:b9:ce:4f:7b:c3:42:24:
e1:49:33:3b:97:74:65:2f:f8:88:3a:9c:c8:13:65:d3:d7:64:
d0:eb:79:70:ce:e3:bf:b3:e4:e8:88:45:61:ff:1e:d0:86:4b:
43:52:d4:a3:cc:0c:84:2c:82:53:a2:94:cf:33:6b:06:24:60:
fc:0b:39:60:78:62:83:f9:81:a5:b5:36:cb:3b:ca:b6:9e:b5:
35:43:ba:19:8c:80:21:e1:17:42:36:ed:1d:83:15:64:8d:94:
65:46:ed:78:83:80:85:2e:f0:06:f9:0d:29:b1:51:08:cf:06:
41:a2:3b:09:26:bb:7e:41:ef:d8:22:b4:9d:b3:7d:99:2b:09:
6d:08:4e:07:bf:09:c9:da:15:74:75:a5:94:86:28:14:8e:bd:
ef:a4:32:f0:3b:aa:45:26:ef:c8:d5:36:46:95:f7:35:ca:e6:
08:a3:db:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqnVNj7Gg3gKR7yjnSo4RnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTE4MDgwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjlmYmNhNGFhN2M2MDg4YjMxMDE0YjczMDllYWI0NTJhYTgzNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr+a/v/5vmD48eCysXQTd10rMQfk
tevwuTD5H8LGAA53qGjMdMOnPSXO+UvTNY61IhKgTCQPjXrin6sPcRwW8v4COyDu
4n1NZa/p2kiLYf+Qg4lSv7L6pxGcOH6qlvH9EKuSL5iA68dGswV+9bWZ03DNRclI
5/GEtF2qaArGEf8L86PIapE4Tf4N8K7MVBPYW8LFSpjAz5JlRV67jQHrTMtI1hZ4
LVY6WyCkYA/s4//kINOXPIx2+rgqn4oc9teosj4USufckMv56+a08IHbFf8YIW22
fMGsZBqDCFna0kTz0JglnuBarYnF9qgGga6ds8Fb/d1Yhy9zLEfwSRo2rQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOufvKSqfGCIsxAUtzCeq0UqqDTeMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNjUtOHBLcDhZSWl6RUJTM01KNnJSU3FvTk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUqNgAwQC
vNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCHyxiG2N+18Bt9TycMhFjhiwO5eqI1VBqi
4lT4cIu1R/t+nWDr0K4m5eMU1isLBhhuQV43FZMOoT0voQA5T+RKVNq8o/TMsnLw
7uKsf6chSTE/lbnOT3vDQiThSTM7l3RlL/iIOpzIE2XT12TQ63lwzuO/s+ToiEVh
/x7QhktDUtSjzAyELIJTopTPM2sGJGD8CzlgeGKD+YGltTbLO8q2nrU1Q7oZjIAh
4RdCNu0dgxVkjZRlRu14g4CFLvAG+Q0psVEIzwZBojsJJrt+Qe/YIrSds32ZKwlt
CE4HvwnJ2hV0daWUhigUjr3vpDLwO6pFJu/I1TZGlfc1yuYIo9uN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org