Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/KBfbCyVQ7wM3DRQpgctXWhQqJ8g.roa
File: KBfbCyVQ7wM3DRQpgctXWhQqJ8g.roa (raw, json)
Hash identifier: d3n7dlKwrg8Xtrqc9+s9xV7NdBj7W5IFWVwr51sMgkw=
Subject key identifier: 28:17:DB:0B:25:50:EF:03:37:0D:14:29:81:CB:57:5A:14:2A:27:C8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AF4A2E927F7BBC8C20622258C5EA7EFC0
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/KBfbCyVQ7wM3DRQpgctXWhQqJ8g.roa
Signing time: Tue 03 Oct 2023 08:23:51 +0000
ROA not before: Tue 03 Oct 2023 08:23:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 82.163.64.0/22 maxlen: 24
82.163.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 07:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:a2:e9:27:f7:bb:c8:c2:06:22:25:8c:5e:a7:ef:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 3 08:23:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2817db0b2550ef03370d142981cb575a142a27c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:34:35:c7:43:20:84:ae:a6:97:fc:a7:20:
5a:c8:c4:36:69:1b:16:ef:a9:d8:2e:fa:48:b9:14:
bf:6e:1f:34:fb:b3:38:db:0a:1a:6b:d4:d5:5b:d7:
43:b6:81:78:25:08:4d:45:34:21:a1:4b:f2:d1:9e:
16:b5:e6:3b:f6:88:ab:4d:df:64:72:63:79:16:a8:
cf:84:df:f3:e1:dd:e8:5c:ea:ca:b5:8c:90:a7:03:
fe:b8:cf:6b:65:87:65:f8:96:fc:95:a1:36:9c:38:
e0:d0:04:f8:74:ea:dc:4b:1b:50:dc:bc:7a:47:61:
42:cd:14:12:f4:0b:15:af:a3:71:8f:98:f0:0e:45:
a6:0b:ad:9b:ff:83:c0:ed:54:15:72:ae:b5:c1:7f:
18:fd:0b:ca:9d:37:46:8d:1b:93:ab:b9:f2:59:38:
82:d8:ff:f9:c3:56:99:0d:50:2d:d1:11:ba:6b:f4:
81:14:42:e8:0d:4c:0d:57:e0:e2:b3:ee:a3:25:32:
ab:4f:28:19:6e:fe:d5:ed:87:3f:62:f1:5d:83:02:
70:26:ce:2e:23:5f:27:67:89:74:e3:ca:69:4c:05:
ff:cd:43:e3:9e:57:57:e1:de:37:b1:be:6c:89:d9:
dc:25:3b:b2:94:2b:76:79:39:88:b0:72:24:86:05:
db:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:17:DB:0B:25:50:EF:03:37:0D:14:29:81:CB:57:5A:14:2A:27:C8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/KBfbCyVQ7wM3DRQpgctXWhQqJ8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.64.0/22
82.163.228.0/22
Signature Algorithm: sha256WithRSAEncryption
37:94:d9:86:20:2c:f2:e1:db:b1:e3:e9:74:1b:6a:a4:67:f8:
10:08:ff:60:e3:63:23:c2:f6:ea:84:3e:a3:ef:08:f7:df:6f:
68:60:91:c3:31:6e:86:70:55:57:d3:5e:4c:84:e8:86:7d:a6:
40:60:fd:5d:fd:1d:2a:09:f6:0e:4e:a9:d5:79:c6:90:03:04:
84:bc:db:39:34:4f:23:1c:9b:3f:55:1e:a0:a1:47:e0:0a:88:
26:9d:45:4f:4b:fc:c9:cc:2a:0b:df:68:66:4c:bb:35:e0:24:
c0:62:f8:3b:49:7f:7e:f7:3e:d3:0b:8a:14:1a:e9:96:3c:38:
d6:d9:8d:0a:45:4a:5c:6c:06:88:af:e0:37:f3:b3:f4:10:22:
8b:64:9d:da:2c:7f:d2:b2:af:3c:a1:19:97:10:08:68:14:58:
cc:5d:58:c8:8e:e5:c6:ac:d7:8f:65:c6:63:a3:21:8e:1c:3f:
a2:3a:46:07:c5:12:87:4d:14:49:e0:21:d6:70:37:4c:df:5e:
09:e8:92:ac:72:30:0d:17:10:2f:fb:f6:f2:d3:2a:b9:58:39:
cf:13:da:44:68:19:4b:b2:6a:1e:6a:c9:6c:b9:77:f5:ef:d3:
f7:2f:6b:8d:50:b4:c3:d5:69:52:f9:d8:f3:96:18:35:68:6e:
1f:42:71:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr0oukn97vIwgYiJYxep+/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDAzMDgyMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE3ZGIwYjI1NTBlZjAzMzcwZDE0Mjk4MWNiNTc1YTE0MmEyN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAY0NcdDIISuppf8pyBayMQ2aRsW
76nYLvpIuRS/bh80+7M42woaa9TVW9dDtoF4JQhNRTQhoUvy0Z4WteY79oirTd9k
cmN5FqjPhN/z4d3oXOrKtYyQpwP+uM9rZYdl+Jb8laE2nDjg0AT4dOrcSxtQ3Lx6
R2FCzRQS9AsVr6Nxj5jwDkWmC62b/4PA7VQVcq61wX8Y/QvKnTdGjRuTq7nyWTiC
2P/5w1aZDVAt0RG6a/SBFELoDUwNV+Dis+6jJTKrTygZbv7V7Yc/YvFdgwJwJs4u
I18nZ4l048ppTAX/zUPjnldX4d43sb5sidncJTuylCt2eTmIsHIkhgXbnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgX2wslUO8DNw0UKYHLV1oUKifIMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvS0JmYkN5VlE3d00zRFJRcGdjdFhXaFFxSjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUqNAAwQC
UqPkMA0GCSqGSIb3DQEBCwUAA4IBAQA3lNmGICzy4dux4+l0G2qkZ/gQCP9g42Mj
wvbqhD6j7wj3329oYJHDMW6GcFVX015MhOiGfaZAYP1d/R0qCfYOTqnVecaQAwSE
vNs5NE8jHJs/VR6goUfgCogmnUVPS/zJzCoL32hmTLs14CTAYvg7SX9+9z7TC4oU
GumWPDjW2Y0KRUpcbAaIr+A387P0ECKLZJ3aLH/Ssq88oRmXEAhoFFjMXVjIjuXG
rNePZcZjoyGOHD+iOkYHxRKHTRRJ4CHWcDdM314J6JKscjANFxAv+/by0yq5WDnP
E9pEaBlLsmoeaslsuXf179P3L2uNULTD1WlS+djzlhg1aG4fQnHC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org