Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JThypkQZTcphMrI9-OVfveUrIEY.roa
File: JThypkQZTcphMrI9-OVfveUrIEY.roa (raw, json)
Hash identifier: 0n5VZUQ0xSFvLH04X9Q8orhcMU6zQZfvqJ1Rzxskh/k=
Subject key identifier: 25:38:72:A6:44:19:4D:CA:61:32:B2:3D:F8:E5:5F:BD:E5:2B:20:46
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018EEC66D5E6A648FE4B83E35F5209114AAD
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JThypkQZTcphMrI9-OVfveUrIEY.roa
Signing time: Wed 17 Apr 2024 14:12:26 +0000
ROA not before: Wed 17 Apr 2024 14:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.54.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 12:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:66:d5:e6:a6:48:fe:4b:83:e3:5f:52:09:11:4a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 17 14:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=253872a644194dca6132b23df8e55fbde52b2046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6d:12:dc:a0:9b:ba:e1:d7:27:7c:2d:7e:03:
b5:d1:ff:05:ce:93:37:53:40:c5:be:e4:9b:53:a2:
25:ed:bc:6f:0e:35:96:9b:69:a7:f4:d3:3b:b6:44:
41:d9:8f:55:d7:a1:2a:1f:13:af:2f:54:ac:d3:b1:
eb:c9:3a:32:87:3a:b8:35:2c:9f:69:bd:be:24:da:
0e:73:81:c1:1b:f3:79:f0:27:f6:d3:f1:8f:e1:79:
cb:8b:a4:49:08:9f:66:18:6a:5c:95:93:ac:4c:ed:
f9:2f:43:29:24:92:56:b1:ec:dd:1a:be:35:9c:fd:
10:94:70:c1:67:2d:ca:a7:9e:77:01:ce:48:73:64:
e6:2e:04:e5:0a:c0:20:61:0e:89:06:83:0e:e3:d4:
b3:ac:33:50:c9:7d:22:f1:d8:49:a8:8a:9f:5e:cf:
d1:4d:b1:eb:f5:65:b7:77:17:e9:56:e5:f3:64:05:
95:a9:04:f6:72:33:2c:10:da:8c:9c:39:dd:66:b2:
3e:bb:41:43:6b:51:bd:02:c0:4b:5c:c6:5e:29:e2:
49:9e:32:a2:a4:d9:81:fd:d8:99:b3:a6:64:e7:3a:
5c:67:49:88:38:33:16:49:46:69:e8:39:2c:18:36:
2a:8b:9e:77:6c:40:73:f3:02:46:c6:6f:97:5a:1a:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:38:72:A6:44:19:4D:CA:61:32:B2:3D:F8:E5:5F:BD:E5:2B:20:46
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JThypkQZTcphMrI9-OVfveUrIEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.54.0/23
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
46:80:ba:c6:7d:fa:94:76:49:cc:94:48:55:6e:5d:56:64:b0:
b6:dc:47:1e:09:0d:ff:4a:7a:a3:dd:f4:89:45:4c:6f:4c:ed:
50:46:e8:cd:0b:d9:2a:b7:2c:b8:87:0b:51:41:89:23:e1:0b:
ce:76:b4:86:08:66:55:2c:bf:df:fc:69:00:ac:4a:72:25:f8:
0e:98:0e:e7:13:89:88:a5:a7:00:03:f4:06:34:4e:d2:bf:0c:
92:80:c7:33:cc:01:ae:72:f5:ad:75:79:98:1f:ee:d4:d9:ac:
be:af:47:c8:05:0e:3f:78:5d:b1:5c:0a:f0:f1:7e:e2:8b:b1:
56:f4:f0:d3:aa:d6:d2:69:9e:e8:22:b3:dc:01:0a:51:46:fd:
d9:72:c2:2d:aa:13:f6:13:0b:42:57:11:f4:02:0f:59:24:dc:
99:8e:bf:e5:27:f8:21:dd:76:40:e4:e1:bd:1e:b6:ff:13:84:
c9:e5:11:4c:a2:1a:cc:6a:2b:c7:77:67:fe:ad:24:c3:70:1a:
9c:c7:80:6b:70:19:e0:a7:98:77:4b:82:85:ef:00:95:b3:3c:
c9:23:ea:d9:77:41:c7:79:85:6c:3b:bc:4e:b8:a6:e3:3d:ca:
1f:c1:3b:6b:4f:7c:87:80:bc:f7:d3:5b:9c:1e:17:ec:55:8f:
6c:75:f5:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7sZtXmpkj+S4PjX1IJEUqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNDE3MTQxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM4NzJhNjQ0MTk0ZGNhNjEzMmIyM2RmOGU1NWZiZGU1MmIyMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm0S3KCbuuHXJ3wtfgO10f8FzpM3
U0DFvuSbU6Il7bxvDjWWm2mn9NM7tkRB2Y9V16EqHxOvL1Ss07HryToyhzq4NSyf
ab2+JNoOc4HBG/N58Cf20/GP4XnLi6RJCJ9mGGpclZOsTO35L0MpJJJWsezdGr41
nP0QlHDBZy3Kp553Ac5Ic2TmLgTlCsAgYQ6JBoMO49SzrDNQyX0i8dhJqIqfXs/R
TbHr9WW3dxfpVuXzZAWVqQT2cjMsENqMnDndZrI+u0FDa1G9AsBLXMZeKeJJnjKi
pNmB/diZs6Zk5zpcZ0mIODMWSUZp6DksGDYqi553bEBz8wJGxm+XWhrs5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCU4cqZEGU3KYTKyPfjlX73lKyBGMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSlRoeXBrUVpUY3BoTXJJOS1PVmZ2ZVVySUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUqM2AwQD
UqNgAwQCUqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBG
gLrGffqUdknMlEhVbl1WZLC23EceCQ3/Snqj3fSJRUxvTO1QRujNC9kqtyy4hwtR
QYkj4QvOdrSGCGZVLL/f/GkArEpyJfgOmA7nE4mIpacAA/QGNE7SvwySgMczzAGu
cvWtdXmYH+7U2ay+r0fIBQ4/eF2xXArw8X7ii7FW9PDTqtbSaZ7oIrPcAQpRRv3Z
csItqhP2EwtCVxH0Ag9ZJNyZjr/lJ/gh3XZA5OG9Hrb/E4TJ5RFMohrMaivHd2f+
rSTDcBqcx4BrcBngp5h3S4KF7wCVszzJI+rZd0HHeYVsO7xOuKbjPcofwTtrT3yH
gLz301ucHhfsVY9sdfU6
-----END CERTIFICATE-----
Generated at Mon Jun 10 16:21:31 2024 by rpki-client on console-fra.rpki-client.org