Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Pr8XSjYuD0q0eOBdgqRIGrpmFYM.roa
File: Pr8XSjYuD0q0eOBdgqRIGrpmFYM.roa (raw, json)
Hash identifier: SzCDJOKtdIvvE9Fimp7QfYDmv0Yc1oboAmi1i7Fs+h8=
Subject key identifier: 3E:BF:17:4A:36:2E:0F:4A:B4:78:E0:5D:82:A4:48:1A:BA:66:15:83
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A0508E8F50F6F19E187B7539833CE220D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Pr8XSjYuD0q0eOBdgqRIGrpmFYM.roa
Signing time: Thu 17 Aug 2023 19:46:24 +0000
ROA not before: Thu 17 Aug 2023 19:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399073
IP address blocks: 130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 07:45:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:05:08:e8:f5:0f:6f:19:e1:87:b7:53:98:33:ce:22:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 17 19:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ebf174a362e0f4ab478e05d82a4481aba661583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cf:96:a5:29:59:ce:c5:d3:9e:ee:3c:f5:c1:
87:e9:9b:1b:b5:d2:ae:d4:c9:d3:5f:ba:19:2b:aa:
40:25:5d:f1:38:48:1b:51:9f:46:53:37:8f:28:b0:
a3:5f:1d:36:c3:84:72:fc:be:87:a9:e7:c6:7b:b8:
1c:ba:be:16:57:ee:e9:ae:59:6f:1f:1e:05:b0:44:
36:44:6d:53:77:aa:07:cb:0f:9e:0f:66:13:05:eb:
0e:53:ae:4e:64:86:ac:17:96:6c:8c:c2:6f:aa:ba:
92:c2:ea:5d:21:62:44:00:99:f0:67:49:f4:3c:f4:
5f:74:95:ca:b1:d0:06:c9:89:ec:f1:d5:01:41:de:
20:fd:1c:ce:f5:b0:d8:9f:38:e1:2d:0e:46:a0:4d:
34:a3:71:ab:73:54:03:ea:15:0d:1d:b9:c2:e6:c1:
81:04:27:b6:25:01:b0:d5:19:ce:a3:51:1b:9b:1e:
b2:d3:7f:88:77:82:a2:2e:d8:62:ba:37:fb:12:a8:
fa:36:40:f7:20:1a:aa:be:50:d1:05:ff:76:1d:05:
c1:6b:79:f7:08:e9:9a:4a:f8:e4:c5:1f:84:07:53:
aa:54:47:44:ed:8b:95:82:c1:66:b7:15:cd:c5:5d:
a9:b7:a8:87:94:13:75:c6:6b:04:c3:99:16:45:ca:
0a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BF:17:4A:36:2E:0F:4A:B4:78:E0:5D:82:A4:48:1A:BA:66:15:83
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Pr8XSjYuD0q0eOBdgqRIGrpmFYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:8b:c2:14:45:4c:04:7d:a2:aa:2f:b6:a1:a8:45:d7:17:6e:
5c:36:84:d7:f1:a3:c6:3a:53:72:5a:a1:d5:dc:c3:14:2f:40:
12:42:ea:22:b6:09:ca:56:dd:a8:d2:27:45:16:08:5d:dc:4a:
cf:27:3f:3f:78:3b:38:bf:a2:34:f6:3c:aa:8b:2c:57:bf:f5:
6b:74:23:ff:c3:0b:8c:fe:2f:a5:3d:f6:3d:9e:1c:79:b8:5f:
4b:a4:92:64:c5:eb:41:c5:04:04:15:dd:04:64:5a:fc:9f:7f:
40:e2:57:a5:66:5f:f7:a3:f1:97:2f:de:d6:ba:f7:7f:1c:a1:
0a:fc:30:31:59:21:bf:00:8a:9c:51:93:59:9a:3d:98:0c:af:
d4:37:60:7c:db:d3:7f:74:db:4c:88:34:27:50:8d:d5:40:c8:
2b:2f:ff:c5:88:2a:c8:da:13:89:34:a1:52:59:55:42:ba:9d:
6a:14:fd:86:0c:f0:ea:0f:bf:24:db:6b:86:76:f0:7e:cd:a8:
d1:65:cd:d9:4e:9c:09:d1:e4:b1:b8:c0:7e:ab:74:06:f3:ff:
11:5c:d1:60:eb:89:d2:ad:b0:25:e2:07:69:6f:e2:bc:6c:76:
b5:b7:c1:4f:b4:b3:a9:bb:90:c2:ab:5a:99:6e:0f:91:f9:94:
5f:53:5f:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoFCOj1D28Z4Ye3U5gzziINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODE3MTk0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJmMTc0YTM2MmUwZjRhYjQ3OGUwNWQ4MmE0NDgxYWJhNjYxNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs+WpSlZzsXTnu489cGH6ZsbtdKu
1MnTX7oZK6pAJV3xOEgbUZ9GUzePKLCjXx02w4Ry/L6HqefGe7gcur4WV+7prllv
Hx4FsEQ2RG1Td6oHyw+eD2YTBesOU65OZIasF5ZsjMJvqrqSwupdIWJEAJnwZ0n0
PPRfdJXKsdAGyYns8dUBQd4g/RzO9bDYnzjhLQ5GoE00o3Grc1QD6hUNHbnC5sGB
BCe2JQGw1RnOo1Ebmx6y03+Id4KiLthiujf7Eqj6NkD3IBqqvlDRBf92HQXBa3n3
COmaSvjkxR+EB1OqVEdE7YuVgsFmtxXNxV2pt6iHlBN1xmsEw5kWRcoKcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6/F0o2Lg9KtHjgXYKkSBq6ZhWDMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUHI4WFNqWXVEMHEwZU9CZGdxUklHcnBtRllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgv9EMA0G
CSqGSIb3DQEBCwUAA4IBAQBdi8IURUwEfaKqL7ahqEXXF25cNoTX8aPGOlNyWqHV
3MMUL0ASQuoitgnKVt2o0idFFghd3ErPJz8/eDs4v6I09jyqiyxXv/VrdCP/wwuM
/i+lPfY9nhx5uF9LpJJkxetBxQQEFd0EZFr8n39A4lelZl/3o/GXL97Wuvd/HKEK
/DAxWSG/AIqcUZNZmj2YDK/UN2B829N/dNtMiDQnUI3VQMgrL//FiCrI2hOJNKFS
WVVCup1qFP2GDPDqD78k22uGdvB+zajRZc3ZTpwJ0eSxuMB+q3QG8/8RXNFg64nS
rbAl4gdpb+K8bHa1t8FPtLOpu5DCq1qZbg+R+ZRfU1+P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org