Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QrtML9LC9PjrbGyfSJ6Z08ZzR6Q.roa
File: QrtML9LC9PjrbGyfSJ6Z08ZzR6Q.roa (raw, json)
Hash identifier: 1mjTJzKYd8t0da4Y3wN0NZJ5IsQ0MOEtNUPskptR1AU=
Subject key identifier: 42:BB:4C:2F:D2:C2:F4:F8:EB:6C:6C:9F:48:9E:99:D3:C6:73:47:A4
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018571B9F3E6FA59C5F40D087FFF8A8843EF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QrtML9LC9PjrbGyfSJ6Z08ZzR6Q.roa
Signing time: Mon 02 Jan 2023 09:04:50 +0000
ROA not before: Mon 02 Jan 2023 09:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 82.163.56.0/22 maxlen: 24
82.163.68.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 08:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f3:e6:fa:59:c5:f4:0d:08:7f:ff:8a:88:43:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 09:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42bb4c2fd2c2f4f8eb6c6c9f489e99d3c67347a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3b:1e:7b:17:31:f4:b8:99:b4:9b:ea:34:d4:
24:df:15:5f:de:de:33:fb:0b:6a:01:10:42:06:60:
a0:ba:49:09:4f:e4:a6:3f:7c:aa:74:22:d5:e8:02:
fb:8e:55:e3:ce:82:49:0e:55:fd:02:42:cb:a9:9b:
7e:04:57:b7:4f:e3:24:4b:85:8d:22:40:ef:da:15:
9e:51:0e:98:4f:7e:99:fb:af:a9:48:e4:71:ba:18:
01:40:20:29:d3:f3:1b:50:4b:20:97:fa:4b:bf:6b:
39:80:e2:62:fe:fd:0f:68:80:72:56:fb:03:76:db:
e3:2f:b4:0f:ee:57:fe:dc:81:41:6e:d8:e1:4d:0a:
6c:4a:3d:0e:8a:70:08:4c:4c:e4:c1:87:1e:08:3f:
4a:38:e5:04:18:47:dc:42:a2:a1:4f:56:d2:67:21:
92:80:d9:15:8d:e9:d1:36:33:cf:61:5e:35:09:ba:
86:a4:ce:be:8b:2c:5d:9b:32:cb:5d:69:26:27:a7:
2f:65:63:b1:cf:f0:59:5e:95:11:da:61:9a:15:fa:
de:76:b7:11:00:bf:d9:41:7b:14:d6:60:84:51:01:
7a:72:c7:82:6d:fa:0f:bc:a8:83:cc:e5:25:00:80:
22:c6:c8:f2:66:9d:ea:c3:07:09:f1:df:04:aa:3b:
29:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BB:4C:2F:D2:C2:F4:F8:EB:6C:6C:9F:48:9E:99:D3:C6:73:47:A4
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QrtML9LC9PjrbGyfSJ6Z08ZzR6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.56.0/22
82.163.68.0/22
82.163.224.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:46:d8:cf:29:8f:39:3b:86:83:a0:02:01:ad:26:98:91:4b:
07:e5:74:95:12:5c:59:61:f9:38:d2:2f:50:7d:33:ab:6b:ee:
38:4c:6f:37:13:09:1e:d3:40:8b:15:8c:91:0e:5c:10:8f:bd:
f1:b2:6c:22:44:2f:6a:1e:79:9d:ae:f0:b7:13:c9:6d:95:95:
7c:f8:60:2e:fd:9f:12:ca:d4:bd:41:67:79:fe:2b:33:53:43:
bd:ce:7d:52:ea:64:c1:55:78:1d:fe:b8:70:95:2d:df:eb:a3:
f5:84:c9:d7:f7:89:f2:6f:bb:b7:63:5c:a1:b8:89:0e:24:29:
2a:7a:8f:d4:a9:3c:4f:18:c3:f0:8e:cb:3e:7a:ad:bf:b5:48:
38:26:a2:4c:79:e8:5f:38:45:a1:d3:d8:1d:e4:17:e3:aa:77:
63:33:c5:4f:3c:1b:66:94:2d:6c:0a:49:0f:8a:8a:51:1c:87:
c6:98:9a:1b:c8:6e:1b:36:df:e7:e8:00:0f:11:09:bf:5e:1b:
a5:14:c7:0c:b0:78:46:5d:1c:a0:6f:87:25:81:bb:94:d1:7a:
6d:84:c8:d7:74:68:cb:95:70:ad:71:a3:50:7c:5c:f9:a1:a6:
43:38:3f:da:ed:7a:0c:fa:3f:f6:15:38:c4:07:77:1c:40:1d:
32:6d:3a:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxufPm+lnF9A0If/+KiEPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTAyMDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmJiNGMyZmQyYzJmNGY4ZWI2YzZjOWY0ODllOTlkM2M2NzM0N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjseexcx9LiZtJvqNNQk3xVf3t4z
+wtqARBCBmCgukkJT+SmP3yqdCLV6AL7jlXjzoJJDlX9AkLLqZt+BFe3T+MkS4WN
IkDv2hWeUQ6YT36Z+6+pSORxuhgBQCAp0/MbUEsgl/pLv2s5gOJi/v0PaIByVvsD
dtvjL7QP7lf+3IFBbtjhTQpsSj0OinAITEzkwYceCD9KOOUEGEfcQqKhT1bSZyGS
gNkVjenRNjPPYV41CbqGpM6+iyxdmzLLXWkmJ6cvZWOxz/BZXpUR2mGaFfredrcR
AL/ZQXsU1mCEUQF6cseCbfoPvKiDzOUlAIAixsjyZp3qwwcJ8d8EqjspeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEK7TC/SwvT462xsn0iemdPGc0ekMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUXJ0TUw5TEM5UGpyYkd5ZlNKNlowOFp6UjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqM4AwQC
UqNEAwQCUqPgMA0GCSqGSIb3DQEBCwUAA4IBAQCaRtjPKY85O4aDoAIBrSaYkUsH
5XSVElxZYfk40i9QfTOra+44TG83Ewke00CLFYyRDlwQj73xsmwiRC9qHnmdrvC3
E8ltlZV8+GAu/Z8SytS9QWd5/iszU0O9zn1S6mTBVXgd/rhwlS3f66P1hMnX94ny
b7u3Y1yhuIkOJCkqeo/UqTxPGMPwjss+eq2/tUg4JqJMeehfOEWh09gd5Bfjqndj
M8VPPBtmlC1sCkkPiopRHIfGmJobyG4bNt/n6AAPEQm/XhulFMcMsHhGXRygb4cl
gbuU0XpthMjXdGjLlXCtcaNQfFz5oaZDOD/a7XoM+j/2FTjEB3ccQB0ybTq3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org