Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LTP6HICRxSGE-227p3itSS2q0No.roa
File: LTP6HICRxSGE-227p3itSS2q0No.roa (raw, json)
Hash identifier: PJehuFqEzKR4qHf0CeZ4/756S4SzN/yLldk4D0da9lw=
Subject key identifier: 2D:33:FA:1C:80:91:C5:21:84:FB:6D:BB:A7:78:AD:49:2D:AA:D0:DA
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AF023FEC641BDC1DAFA4DB2445C00A490
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LTP6HICRxSGE-227p3itSS2q0No.roa
Signing time: Mon 02 Oct 2023 11:26:45 +0000
ROA not before: Mon 02 Oct 2023 11:26:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:23:fe:c6:41:bd:c1:da:fa:4d:b2:44:5c:00:a4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 2 11:26:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d33fa1c8091c52184fb6dbba778ad492daad0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:46:8c:90:73:d4:62:a8:ab:72:f5:36:41:
b3:cf:13:84:c6:f9:86:8e:4c:14:97:fb:09:97:dc:
31:52:65:b4:af:d4:ba:4a:05:36:ee:18:30:e5:f6:
d4:d1:62:90:15:65:d1:b8:7e:16:f0:f7:4c:a2:13:
07:f1:59:85:95:23:0b:d9:9e:53:0f:32:e8:a5:3d:
c2:9d:d8:34:f3:31:76:95:c1:27:03:71:e3:d6:b2:
a6:d7:90:31:a8:3a:44:53:a7:b2:39:a0:f3:69:77:
34:0c:31:45:e6:2b:a2:2f:20:38:db:46:1f:d5:51:
28:aa:b3:45:81:5a:da:2e:da:a2:a3:20:e6:f0:f2:
7c:56:aa:f8:96:e3:0b:78:25:c1:81:0d:19:9d:47:
49:24:73:98:a9:ad:62:ac:8d:31:94:1e:cc:ce:5a:
6b:1a:ae:96:b5:d3:f9:ba:93:0a:73:b6:5c:85:9f:
5f:ac:9a:ea:84:6f:d8:fa:6b:64:c2:68:35:be:42:
97:40:d4:89:d0:13:c8:14:f0:31:ed:bd:db:4a:3d:
2b:1d:6d:16:fd:62:1c:69:5b:42:89:ca:36:b0:ea:
3a:3d:b0:f9:c4:72:34:ab:76:56:eb:1b:65:6c:4d:
f3:15:ab:4d:30:bf:b8:29:d0:c1:4d:c0:82:0e:cc:
0a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:33:FA:1C:80:91:C5:21:84:FB:6D:BB:A7:78:AD:49:2D:AA:D0:DA
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LTP6HICRxSGE-227p3itSS2q0No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
74:e2:56:f4:71:5a:49:fa:21:39:c7:d3:11:6b:a8:9b:b4:4e:
37:5d:65:5d:48:7a:55:a8:1b:ae:58:de:a7:04:45:a7:53:08:
da:5c:8a:a6:ea:46:58:2d:ac:fd:c3:de:2b:34:32:8f:f6:41:
d4:d6:68:ed:0b:a1:86:80:c0:49:1b:d8:a2:83:c0:e0:90:70:
c6:f1:65:10:f3:b1:ef:80:b1:fe:ad:ad:81:49:ae:06:b4:af:
1b:75:ac:1c:11:5d:dc:93:66:db:c5:cc:c5:50:1b:bc:da:8a:
98:1e:40:d3:c1:75:7b:e8:9e:35:4e:5b:ff:a2:b7:13:e9:c5:
ed:5b:4f:58:5a:aa:d8:9a:08:af:1f:2f:c5:87:4b:f6:02:66:
5e:2f:79:83:96:6e:63:84:18:7f:8e:8c:9f:54:fa:84:db:cf:
51:7b:b3:ec:60:4f:45:e0:21:16:bd:c5:ee:53:9f:90:23:72:
81:f1:5b:84:04:88:cd:8d:dd:4a:19:03:ba:24:be:4c:bf:55:
5a:4e:4e:a5:0e:49:2c:9a:78:95:08:97:f6:28:04:cb:0b:dc:
98:6e:71:03:a3:d5:92:a4:04:83:a9:6f:64:d0:a3:22:66:0d:
a2:03:d2:1c:52:a4:49:9a:ee:13:e2:f8:79:ee:f3:48:22:9d:
5d:3c:cd:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrwI/7GQb3B2vpNskRcAKSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDAyMTEyNjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDMzZmExYzgwOTFjNTIxODRmYjZkYmJhNzc4YWQ0OTJkYWFkMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui5GjJBz1GKoq3L1NkGzzxOExvmG
jkwUl/sJl9wxUmW0r9S6SgU27hgw5fbU0WKQFWXRuH4W8PdMohMH8VmFlSML2Z5T
DzLopT3Cndg08zF2lcEnA3Hj1rKm15AxqDpEU6eyOaDzaXc0DDFF5iuiLyA420Yf
1VEoqrNFgVraLtqioyDm8PJ8Vqr4luMLeCXBgQ0ZnUdJJHOYqa1irI0xlB7Mzlpr
Gq6WtdP5upMKc7ZchZ9frJrqhG/Y+mtkwmg1vkKXQNSJ0BPIFPAx7b3bSj0rHW0W
/WIcaVtCico2sOo6PbD5xHI0q3ZW6xtlbE3zFatNML+4KdDBTcCCDswKoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC0z+hyAkcUhhPttu6d4rUktqtDaMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTFRQNkhJQ1J4U0dFLTIyN3AzaXRTUzJxME5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUqNgAwQC
UqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQB04lb0cVpJ
+iE5x9MRa6ibtE43XWVdSHpVqBuuWN6nBEWnUwjaXIqm6kZYLaz9w94rNDKP9kHU
1mjtC6GGgMBJG9iig8DgkHDG8WUQ87HvgLH+ra2BSa4GtK8bdawcEV3ck2bbxczF
UBu82oqYHkDTwXV76J41Tlv/orcT6cXtW09YWqrYmgivHy/Fh0v2AmZeL3mDlm5j
hBh/joyfVPqE289Re7PsYE9F4CEWvcXuU5+QI3KB8VuEBIjNjd1KGQO6JL5Mv1Va
Tk6lDkksmniVCJf2KATLC9yYbnEDo9WSpASDqW9k0KMiZg2iA9IcUqRJmu4T4vh5
7vNIIp1dPM1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org