Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/R7bdaOozdXWAe7S2zf_Ez0wLimc.roa
File: R7bdaOozdXWAe7S2zf_Ez0wLimc.roa (raw, json)
Hash identifier: AeWdFH2gfphZCj727je0I8HvtbW9//71zjHlI/f72Vw=
Subject key identifier: 47:B6:DD:68:EA:33:75:75:80:7B:B4:B6:CD:FF:C4:CF:4C:0B:8A:67
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018ACB5543A7F63F4735E9C5F94EBAC2BB6A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/R7bdaOozdXWAe7S2zf_Ez0wLimc.roa
Signing time: Mon 25 Sep 2023 07:54:37 +0000
ROA not before: Mon 25 Sep 2023 07:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 07:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:55:43:a7:f6:3f:47:35:e9:c5:f9:4e:ba:c2:bb:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 25 07:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47b6dd68ea337575807bb4b6cdffc4cf4c0b8a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f9:32:da:25:b2:6f:f6:ea:ab:79:e0:77:d2:
3f:8b:f9:4a:e9:e6:40:94:60:d5:ef:c1:e9:03:80:
ef:20:ea:a9:8c:65:93:dc:aa:61:42:aa:8c:6f:9f:
86:80:56:df:9f:f2:25:79:4b:69:d2:b9:64:e1:fb:
15:a0:9c:a1:d5:0d:25:df:df:83:04:15:15:47:de:
11:60:03:1e:37:3e:1c:30:60:ef:3f:73:09:62:68:
d4:bf:0e:19:f9:18:c1:0b:99:c9:f9:29:12:8d:a4:
0c:0c:e3:f8:96:e2:3b:97:bd:97:db:9a:a8:a9:90:
f5:5c:27:ed:59:a6:03:fa:e6:35:14:2a:f4:32:e2:
71:96:da:6b:29:e8:34:05:4a:3c:99:fb:98:8b:9b:
5d:c9:27:91:20:c9:0f:80:a5:20:e0:72:73:04:15:
9e:81:32:5f:69:6c:4e:58:17:01:1d:e8:e8:97:60:
32:b4:b4:59:b3:e7:d5:b6:92:41:58:06:e8:80:f9:
0e:7c:a6:9c:89:0f:98:cc:e5:cc:ce:de:01:90:33:
ac:bf:24:7b:94:b7:dd:93:32:b3:0b:2d:bb:97:0e:
05:cb:1c:4a:cc:f8:c3:8b:ef:4c:95:89:38:60:13:
a8:96:cf:ff:10:fa:ff:ce:63:87:7e:9e:57:4f:7e:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B6:DD:68:EA:33:75:75:80:7B:B4:B6:CD:FF:C4:CF:4C:0B:8A:67
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/R7bdaOozdXWAe7S2zf_Ez0wLimc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:73:a8:4e:8f:0b:24:e7:c9:38:17:08:fa:45:94:dc:1b:88:
df:1c:31:52:a8:1c:73:93:a5:9a:14:c6:bc:03:e6:d5:62:38:
33:96:b1:cc:96:ff:f8:50:75:3d:b9:73:41:0c:b9:5e:e4:46:
59:f5:69:7e:01:9f:3b:61:56:2a:56:56:8d:fb:c2:2c:9d:ef:
f2:49:3d:7e:f0:d9:3c:51:40:5a:4d:98:35:8c:6c:f1:5b:39:
00:fe:57:73:c1:cb:d1:61:9b:82:88:5b:eb:45:7f:74:94:6a:
5b:85:ae:17:1f:49:87:28:98:5c:71:b4:12:79:b1:f3:8a:90:
93:dc:33:d0:ef:d5:89:18:3e:28:b3:83:5a:3f:96:5a:f3:3c:
6d:73:d9:e1:48:b4:3f:8c:3b:8c:c3:0e:28:2a:0a:32:25:f3:
ca:6d:33:8b:bd:7b:ce:cc:18:e1:84:0f:f4:54:b9:5e:62:ce:
af:e0:81:02:87:93:6b:b1:1c:94:b1:50:f0:b3:ce:a4:04:65:
01:9c:c1:20:d2:86:d5:31:df:c2:12:d6:85:1d:fc:18:88:cd:
d3:30:60:1f:69:1b:bd:db:8d:fb:cc:46:ee:24:ce:fc:9a:9f:
0e:6a:a1:ec:16:f9:ec:f0:76:22:34:14:82:d0:bf:60:4b:51:
97:2b:4a:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrLVUOn9j9HNenF+U66wrtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTI1MDc1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I2ZGQ2OGVhMzM3NTc1ODA3YmI0YjZjZGZmYzRjZjRjMGI4YTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvky2iWyb/bqq3ngd9I/i/lK6eZA
lGDV78HpA4DvIOqpjGWT3KphQqqMb5+GgFbfn/IleUtp0rlk4fsVoJyh1Q0l39+D
BBUVR94RYAMeNz4cMGDvP3MJYmjUvw4Z+RjBC5nJ+SkSjaQMDOP4luI7l72X25qo
qZD1XCftWaYD+uY1FCr0MuJxltprKeg0BUo8mfuYi5tdySeRIMkPgKUg4HJzBBWe
gTJfaWxOWBcBHejol2AytLRZs+fVtpJBWAbogPkOfKaciQ+YzOXMzt4BkDOsvyR7
lLfdkzKzCy27lw4FyxxKzPjDi+9MlYk4YBOols//EPr/zmOHfp5XT35zzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEe23WjqM3V1gHu0ts3/xM9MC4pnMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUjdiZGFPb3pkWFdBZTdTMnpmX0V6MHdMaW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUqNgAwQC
UqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQB9c6hOjwsk
58k4Fwj6RZTcG4jfHDFSqBxzk6WaFMa8A+bVYjgzlrHMlv/4UHU9uXNBDLle5EZZ
9Wl+AZ87YVYqVlaN+8Isne/yST1+8Nk8UUBaTZg1jGzxWzkA/ldzwcvRYZuCiFvr
RX90lGpbha4XH0mHKJhccbQSebHzipCT3DPQ79WJGD4os4NaP5Za8zxtc9nhSLQ/
jDuMww4oKgoyJfPKbTOLvXvOzBjhhA/0VLleYs6v4IECh5NrsRyUsVDws86kBGUB
nMEg0obVMd/CEtaFHfwYiM3TMGAfaRu92437zEbuJM78mp8OaqHsFvns8HYiNBSC
0L9gS1GXK0pP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org