Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/J2NB3I7BT5yNjIu9nMz0481AfuM.roa
File: J2NB3I7BT5yNjIu9nMz0481AfuM.roa (raw, json)
Hash identifier: 2KQp/0Ct0cz+WuLXqw3fZMF/z/AwIdkDJ4+a3XLOwvA=
Subject key identifier: 27:63:41:DC:8E:C1:4F:9C:8D:8C:8B:BD:9C:CC:F4:E3:CD:40:7E:E3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019324D66369EE29EE0AFAB2232AB51AC577
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/J2NB3I7BT5yNjIu9nMz0481AfuM.roa
Signing time: Wed 13 Nov 2024 09:24:10 +0000
ROA not before: Wed 13 Nov 2024 09:24:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214560
IP address blocks: 82.163.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:d6:63:69:ee:29:ee:0a:fa:b2:23:2a:b5:1a:c5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 13 09:24:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=276341dc8ec14f9c8d8c8bbd9cccf4e3cd407ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:50:6c:64:0f:b1:cc:91:4d:e5:32:0c:7d:
09:15:5b:e2:2a:75:d5:9c:f8:9c:89:50:f8:1e:4c:
9c:12:6e:bb:20:f4:6b:7e:8d:a1:aa:9e:61:56:78:
fe:e9:1e:9a:31:5f:a3:e1:60:12:37:99:60:20:dd:
69:5a:5c:bd:8a:d7:12:02:11:45:39:ac:e4:d6:7e:
6b:76:27:7b:05:84:a0:24:32:81:4e:ba:f5:02:c1:
86:3b:ae:8b:ed:4c:77:b3:3d:3f:08:54:36:f6:db:
51:50:86:84:8c:8f:72:aa:2c:c3:f2:e5:09:b1:63:
37:bc:d6:c0:39:f6:47:5e:9a:64:84:f6:4b:08:a8:
65:11:ce:60:b7:00:c0:ec:14:41:43:a1:8d:06:8e:
a0:cd:95:2d:56:80:80:69:93:1e:d2:68:84:f7:61:
ce:87:43:ff:6a:b7:d9:75:0d:e8:e3:ac:39:25:b1:
b7:ae:a0:a5:73:5c:65:78:1c:15:db:8c:ac:bf:7c:
eb:18:0c:07:37:9f:94:39:4a:01:cf:e8:de:be:f0:
f4:c9:d4:d7:b0:0d:de:b1:62:26:1b:19:4a:2d:15:
2a:3d:cc:c2:4d:28:88:a9:10:6f:18:b1:10:a7:de:
0a:f9:62:0f:31:8e:94:27:2b:80:f4:f1:ac:b5:3a:
9b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:41:DC:8E:C1:4F:9C:8D:8C:8B:BD:9C:CC:F4:E3:CD:40:7E:E3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/J2NB3I7BT5yNjIu9nMz0481AfuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.52.0/23
Signature Algorithm: sha256WithRSAEncryption
87:d7:fc:aa:30:b0:5e:7c:0e:23:b5:88:59:84:1e:d1:7a:7e:
c5:12:5d:4b:de:d7:74:bc:b9:32:10:21:7f:24:bc:a1:78:46:
40:6c:74:af:9f:6c:99:99:f8:49:f6:4d:8d:b5:b8:a1:3d:82:
72:9c:97:5b:18:43:77:c9:26:63:c4:f1:5d:ad:ca:ab:a2:15:
d8:6f:a8:6f:63:fc:5f:73:9c:37:5a:d1:0a:42:1f:07:f0:73:
dc:f3:b4:ef:86:a5:65:d3:7e:94:8e:f0:40:cc:ff:af:9e:1a:
3a:78:be:f1:47:be:04:1f:d2:ee:b0:92:cc:51:86:46:b3:02:
ac:8c:0a:02:06:1f:53:4d:30:e4:ea:1c:18:91:9b:21:76:0f:
bf:0b:0e:17:30:7a:0a:ae:50:07:c2:19:e7:77:1a:90:58:62:
aa:b9:b2:db:3d:87:87:67:9e:f4:4e:46:fc:ff:c2:29:f4:0a:
9c:5a:33:79:bf:cb:54:11:3a:04:07:f8:0c:f5:a2:62:0d:4b:
c8:f8:71:a4:8c:5b:02:d6:a9:d1:4f:6d:c7:4e:ef:58:e1:ab:
87:98:5d:3c:ea:f9:28:e2:b7:b1:20:25:0e:24:f0:f6:d1:a8:
33:ea:2b:ba:0d:aa:57:0e:a4:51:31:3e:db:81:d4:b8:81:a2:
b6:2d:ac:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMk1mNp7inuCvqyIyq1GsV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTEzMDkyNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzYzNDFkYzhlYzE0ZjljOGQ4YzhiYmQ5Y2NjZjRlM2NkNDA3ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm15QbGQPscyRTeUyDH0JFVviKnXV
nPiciVD4HkycEm67IPRrfo2hqp5hVnj+6R6aMV+j4WASN5lgIN1pWly9itcSAhFF
Oazk1n5rdid7BYSgJDKBTrr1AsGGO66L7Ux3sz0/CFQ29ttRUIaEjI9yqizD8uUJ
sWM3vNbAOfZHXppkhPZLCKhlEc5gtwDA7BRBQ6GNBo6gzZUtVoCAaZMe0miE92HO
h0P/arfZdQ3o46w5JbG3rqClc1xleBwV24ysv3zrGAwHN5+UOUoBz+jevvD0ydTX
sA3esWImGxlKLRUqPczCTSiIqRBvGLEQp94K+WIPMY6UJyuA9PGstTqbdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdjQdyOwU+cjYyLvZzM9OPNQH7jMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSjJOQjNJN0JUNXlOakl1OW5NejA0ODFBZnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUqM0MA0G
CSqGSIb3DQEBCwUAA4IBAQCH1/yqMLBefA4jtYhZhB7Ren7FEl1L3td0vLkyECF/
JLyheEZAbHSvn2yZmfhJ9k2NtbihPYJynJdbGEN3ySZjxPFdrcqrohXYb6hvY/xf
c5w3WtEKQh8H8HPc87TvhqVl036UjvBAzP+vnho6eL7xR74EH9LusJLMUYZGswKs
jAoCBh9TTTDk6hwYkZshdg+/Cw4XMHoKrlAHwhnndxqQWGKqubLbPYeHZ570Tkb8
/8Ip9AqcWjN5v8tUEToEB/gM9aJiDUvI+HGkjFsC1qnRT23HTu9Y4auHmF086vko
4rexICUOJPD20agz6iu6DapXDqRRMT7bgdS4gaK2Lazp
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:38 2025 by rpki-client