Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7L1oAo5iMBZIV0MN4bRwb0-5JbE.roa
File: 7L1oAo5iMBZIV0MN4bRwb0-5JbE.roa (raw, json)
Hash identifier: Bp786tjsIZhRX7e7BJKTzYCTlSzVs3TPU0sOFNniwFw=
Subject key identifier: EC:BD:68:02:8E:62:30:16:48:57:43:0D:E1:B4:70:6F:4F:B9:25:B1
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AEF5CA2902D811F4B9E2AFD980CE19F2B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7L1oAo5iMBZIV0MN4bRwb0-5JbE.roa
Signing time: Mon 02 Oct 2023 07:49:00 +0000
ROA not before: Mon 02 Oct 2023 07:49:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 11:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:5c:a2:90:2d:81:1f:4b:9e:2a:fd:98:0c:e1:9f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 2 07:49:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecbd68028e6230164857430de1b4706f4fb925b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3d:21:95:8f:37:22:ac:47:dd:64:c9:fa:89:
a2:74:98:8e:ff:93:9f:3a:08:49:01:18:75:da:66:
42:b6:bf:87:a0:9f:28:b6:e9:97:29:0d:8f:54:23:
95:19:3e:3b:4c:59:fa:1f:92:7d:55:bf:b1:6a:00:
85:9a:1d:df:ec:e8:96:72:2a:aa:4e:aa:63:f0:93:
9a:e0:d6:a5:a2:1a:7e:29:55:f7:39:7e:28:af:7f:
51:99:b0:42:cd:8f:13:33:aa:32:8b:6f:13:96:08:
e5:68:cd:c4:fa:76:8f:c4:80:77:52:69:0a:a0:81:
1c:7e:43:68:d1:67:b5:ca:d2:93:ba:a1:b2:ac:84:
72:de:e5:23:a1:56:ca:45:33:f4:1d:ba:25:30:d9:
ca:61:19:1e:97:fc:54:c7:c7:e9:fa:7c:f0:ae:3e:
cf:ee:9c:91:71:24:46:c9:15:2f:77:a7:7d:c3:6a:
73:76:c0:67:45:c4:fc:10:5b:21:fb:66:0c:bd:29:
5f:ef:f4:ca:af:22:5d:12:97:cb:f4:e5:76:61:6b:
b2:b9:b0:e6:5b:17:2c:66:4e:12:b9:7d:07:4b:7d:
94:e2:ac:34:e5:e7:03:3b:59:b0:a3:58:d8:9e:e0:
27:64:a6:6d:b6:1a:24:4b:64:dc:0a:cf:44:33:e5:
3f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:BD:68:02:8E:62:30:16:48:57:43:0D:E1:B4:70:6F:4F:B9:25:B1
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7L1oAo5iMBZIV0MN4bRwb0-5JbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:14:71:3e:1d:bd:ab:cb:10:45:12:ec:47:2c:d8:d6:1c:00:
9d:0f:1c:61:d2:d2:99:77:0f:95:61:7d:0b:06:14:c9:28:90:
d1:d3:f9:35:46:02:99:eb:ef:6c:ec:58:a7:d3:86:a9:05:10:
4f:fe:88:84:8f:90:46:36:d9:c3:16:c7:6e:58:e6:05:5b:d4:
01:99:3e:dc:10:4a:1c:ff:a3:76:30:e7:b6:b9:50:9e:f2:de:
bb:39:e0:d5:a8:c1:9c:33:60:d2:bc:7e:df:01:ff:ed:d2:1e:
c9:fd:40:e5:a4:a2:b8:80:42:e0:7a:c3:6e:a1:61:de:83:f1:
b5:87:92:7e:9d:fc:40:34:83:4c:5b:69:fa:5d:00:29:ce:51:
e1:30:1a:5f:d0:75:f2:e0:5f:b5:39:d0:72:32:66:a9:d6:1b:
1d:68:65:4e:c4:36:f9:7f:8e:0a:4b:59:6a:66:44:1f:83:ae:
45:1a:aa:c9:f0:70:92:54:f9:08:e8:97:67:c6:a7:d2:63:7b:
bf:77:9f:b5:fc:cf:2a:8e:fb:fa:93:1d:fc:a3:f0:33:a7:0f:
05:02:00:a9:e1:d1:7a:3b:92:eb:41:e4:97:f1:db:a8:b8:ca:
cd:b5:e4:bd:7a:bb:f6:14:1f:7c:a3:11:b8:4c:50:3e:bd:1b:
5e:ac:61:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrvXKKQLYEfS54q/ZgM4Z8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDAyMDc0OTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2JkNjgwMjhlNjIzMDE2NDg1NzQzMGRlMWI0NzA2ZjRmYjkyNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz0hlY83IqxH3WTJ+omidJiO/5Of
OghJARh12mZCtr+HoJ8otumXKQ2PVCOVGT47TFn6H5J9Vb+xagCFmh3f7OiWciqq
Tqpj8JOa4Nalohp+KVX3OX4or39RmbBCzY8TM6oyi28TlgjlaM3E+naPxIB3UmkK
oIEcfkNo0We1ytKTuqGyrIRy3uUjoVbKRTP0HbolMNnKYRkel/xUx8fp+nzwrj7P
7pyRcSRGyRUvd6d9w2pzdsBnRcT8EFsh+2YMvSlf7/TKryJdEpfL9OV2YWuyubDm
WxcsZk4SuX0HS32U4qw05ecDO1mwo1jYnuAnZKZtthokS2TcCs9EM+U/8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOy9aAKOYjAWSFdDDeG0cG9PuSWxMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvN0wxb0FvNWlNQlpJVjBNTjRiUndiMC01SmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqOoAwQC
UqPgAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQBbFHE+Hb2ryxBFEuxHLNjWHACd
Dxxh0tKZdw+VYX0LBhTJKJDR0/k1RgKZ6+9s7Fin04apBRBP/oiEj5BGNtnDFsdu
WOYFW9QBmT7cEEoc/6N2MOe2uVCe8t67OeDVqMGcM2DSvH7fAf/t0h7J/UDlpKK4
gELgesNuoWHeg/G1h5J+nfxANINMW2n6XQApzlHhMBpf0HXy4F+1OdByMmap1hsd
aGVOxDb5f44KS1lqZkQfg65FGqrJ8HCSVPkI6JdnxqfSY3u/d5+1/M8qjvv6kx38
o/Azpw8FAgCp4dF6O5LrQeSX8duouMrNteS9erv2FB98oxG4TFA+vRterGEU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org