Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ITlQkDv_M2oWgc3COZDuVETXayo.roa
File: ITlQkDv_M2oWgc3COZDuVETXayo.roa (raw, json)
Hash identifier: ijfmSyGKXVTXQFdQDU3oQUWtyh4jWVdBzYMpGcVomQU=
Subject key identifier: 21:39:50:90:3B:FF:33:6A:16:81:CD:C2:39:90:EE:54:44:D7:6B:2A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCE04F9B74EAADC9BCD6EBC1FB81E0
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ITlQkDv_M2oWgc3COZDuVETXayo.roa
Signing time: Mon 01 Jan 2024 16:30:35 +0000
ROA not before: Mon 01 Jan 2024 16:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Feb 2024 06:51:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:e0:4f:9b:74:ea:ad:c9:bc:d6:eb:c1:fb:81:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=213950903bff336a1681cdc23990ee5444d76b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3f:de:ca:bc:35:e7:c8:46:ee:4e:a3:2a:2a:
03:91:70:92:02:82:85:ef:dd:d1:0b:ed:17:05:0d:
23:ef:17:76:f2:bb:52:b1:cc:fb:d7:74:d9:a1:cb:
84:a8:d6:5f:53:f4:bd:8f:49:a4:fc:8d:c2:f4:92:
15:74:49:4a:f1:e4:3c:88:2a:6d:2c:a3:0e:03:c0:
ea:78:02:4f:8e:37:8f:28:30:76:16:aa:8a:30:fa:
1e:53:68:11:23:6f:ce:e5:ff:2a:8c:ae:e2:09:70:
b4:b5:01:1d:d3:fe:f8:c6:53:40:7a:54:5c:67:c6:
d1:8e:94:1e:17:dc:5a:17:0e:d2:f6:b5:23:36:75:
2d:83:0b:5d:2f:11:cd:30:7c:7d:86:58:62:24:4b:
75:bd:1f:6c:f8:7c:31:a9:f7:2d:3d:4a:ac:f2:6d:
fe:d1:73:5b:1d:c4:5c:5c:c5:49:c0:1e:c0:bf:45:
7b:16:1b:d9:78:89:70:1e:21:66:0e:5e:7e:b2:75:
d5:15:f0:24:47:eb:5e:8c:d9:49:5e:ab:cd:e3:e6:
10:8b:0c:25:f5:c0:2f:a3:34:de:e5:59:f7:47:69:
08:43:57:80:ad:4b:ba:33:9d:eb:6a:6d:47:86:34:
10:47:e3:15:b6:ad:e2:16:ff:60:06:07:28:28:1a:
08:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:39:50:90:3B:FF:33:6A:16:81:CD:C2:39:90:EE:54:44:D7:6B:2A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ITlQkDv_M2oWgc3COZDuVETXayo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:4d:69:73:3d:f0:f1:f0:2e:0f:0a:19:09:05:f1:8b:6d:1c:
f2:3e:a5:70:db:5f:3e:a3:f5:26:21:2f:e8:92:86:a2:54:f1:
20:69:b5:1c:ad:2f:10:ba:2c:8a:7e:0c:98:3a:d4:81:66:ab:
77:b9:33:2f:7d:60:3c:82:b4:db:4a:08:45:5b:83:76:03:90:
e9:15:5e:37:da:69:52:53:a3:74:da:b9:5c:5c:04:c5:4a:a5:
a5:d4:8e:1c:d0:1e:f7:23:a9:55:63:20:6d:2b:20:fe:82:f5:
87:11:6e:28:cb:6b:28:f4:3e:9d:c0:50:f3:58:02:80:a1:e4:
b9:70:23:ba:6c:81:a0:5a:d2:bc:ba:d8:ac:f7:b2:1f:79:e7:
1d:4e:4e:34:b6:bb:8b:3a:b8:ac:fa:87:7b:2a:16:8b:52:b4:
23:e1:af:7a:98:61:7b:bc:96:95:7d:7c:83:c6:0c:e3:dc:33:
bc:d1:da:1e:4d:d4:92:62:a7:01:e0:5e:de:ff:be:5d:ea:81:
3a:c7:52:ff:7f:28:51:b2:25:84:83:72:4f:5f:63:ce:0f:46:
b5:03:90:43:34:42:02:03:a6:70:84:1a:f6:91:82:28:da:a8:
75:ad:b9:09:fe:4e:0c:0e:21:bd:43:fe:bb:58:ea:bd:07:1f:
b0:4f:12:f2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3OBPm3Tqrcm81uvB+4HgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM5NTA5MDNiZmYzMzZhMTY4MWNkYzIzOTkwZWU1NDQ0ZDc2YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz/eyrw158hG7k6jKioDkXCSAoKF
793RC+0XBQ0j7xd28rtSscz713TZocuEqNZfU/S9j0mk/I3C9JIVdElK8eQ8iCpt
LKMOA8DqeAJPjjePKDB2FqqKMPoeU2gRI2/O5f8qjK7iCXC0tQEd0/74xlNAelRc
Z8bRjpQeF9xaFw7S9rUjNnUtgwtdLxHNMHx9hlhiJEt1vR9s+HwxqfctPUqs8m3+
0XNbHcRcXMVJwB7Av0V7FhvZeIlwHiFmDl5+snXVFfAkR+tejNlJXqvN4+YQiwwl
9cAvozTe5Vn3R2kIQ1eArUu6M53ram1HhjQQR+MVtq3iFv9gBgcoKBoIQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCE5UJA7/zNqFoHNwjmQ7lRE12sqMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSVRsUWtEdl9NMm9XZ2MzQ09aRHVWRVRYYXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUqNgAwQC
UqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQAPTWlzPfDx
8C4PChkJBfGLbRzyPqVw218+o/UmIS/okoaiVPEgabUcrS8QuiyKfgyYOtSBZqt3
uTMvfWA8grTbSghFW4N2A5DpFV432mlSU6N02rlcXATFSqWl1I4c0B73I6lVYyBt
KyD+gvWHEW4oy2so9D6dwFDzWAKAoeS5cCO6bIGgWtK8utis97IfeecdTk40truL
Oris+od7KhaLUrQj4a96mGF7vJaVfXyDxgzj3DO80doeTdSSYqcB4F7e/75d6oE6
x1L/fyhRsiWEg3JPX2POD0a1A5BDNEICA6ZwhBr2kYIo2qh1rbkJ/k4MDiG9Q/67
WOq9Bx+wTxLy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org