Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/_5ICrOFXKBB9dn_aBNa226-EBVA.roa
File: _5ICrOFXKBB9dn_aBNa226-EBVA.roa (raw, json)
Hash identifier: 9wPm5Wq6Mka4Umz2+aeRLRUO7IShJEXfnPzsbe+Lpgw=
Subject key identifier: FF:92:02:AC:E1:57:28:10:7D:76:7F:DA:04:D6:B6:DB:AF:84:05:50
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0193B5D2F9690A1D1CC40D290C0923DD5E5A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/_5ICrOFXKBB9dn_aBNa226-EBVA.roa
Signing time: Wed 11 Dec 2024 13:05:22 +0000
ROA not before: Wed 11 Dec 2024 13:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:d2:f9:69:0a:1d:1c:c4:0d:29:0c:09:23:dd:5e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 11 13:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff9202ace15728107d767fda04d6b6dbaf840550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:e8:34:14:ed:da:8a:63:b6:d2:48:46:4b:
34:e9:fe:65:68:38:6d:e1:be:93:f9:5a:01:1e:f9:
76:9b:8e:6a:84:e2:89:53:69:cf:e8:75:92:85:31:
e5:09:cd:42:bc:94:ed:e2:4e:70:55:bb:ff:da:b8:
28:c7:57:2f:c5:57:d3:82:20:45:ef:1d:73:7f:41:
93:82:b1:e6:50:f6:3f:93:35:91:fb:e1:3a:93:c5:
8b:80:51:75:2d:41:f0:1d:a8:ed:7a:d3:05:e6:48:
39:7d:02:62:92:cc:ef:7f:48:a2:78:f5:0c:97:bd:
1c:41:9f:80:bc:b5:38:1f:8e:01:bf:a8:b7:fd:50:
26:58:17:53:fa:44:8f:b1:e6:a6:f2:30:bc:79:5d:
c2:c9:e5:27:46:f0:10:93:e0:1b:9a:ae:50:c3:31:
fc:50:07:41:73:00:39:f0:a7:84:95:b5:d1:1b:66:
44:d9:eb:22:96:d1:b8:66:07:03:86:cc:bb:db:2f:
78:14:77:75:5a:4d:83:17:4a:08:55:90:72:72:c7:
ba:0c:d3:4f:bf:66:e7:0f:7c:d2:b7:ee:38:4d:d3:
14:bc:2d:fa:2f:5b:c1:f4:4f:a5:d0:b6:b7:0c:e5:
1a:72:a8:87:bf:a2:da:6c:61:47:0c:dc:52:15:d7:
4e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:92:02:AC:E1:57:28:10:7D:76:7F:DA:04:D6:B6:DB:AF:84:05:50
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/_5ICrOFXKBB9dn_aBNa226-EBVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:a8:44:a4:e6:1d:e8:26:e4:de:43:c0:04:21:a3:f8:2f:44:
81:4f:f2:f9:2e:0b:82:9f:bc:11:5b:91:4c:d1:14:99:c9:72:
49:6d:77:3b:27:aa:ac:dc:9d:d4:50:b8:21:ee:48:09:c1:da:
86:61:16:3d:f8:07:ef:8c:00:72:ac:b1:98:53:31:9e:07:81:
f3:72:e7:ef:f8:6c:63:e4:08:84:9e:38:da:7f:c2:91:0c:a5:
13:4d:64:69:24:ef:84:4e:f3:d1:2f:b5:1b:df:d2:19:46:d0:
31:96:c1:e8:fa:c4:65:b6:40:d1:1f:b1:ee:5f:2b:3c:f9:52:
a3:8d:92:dc:2d:db:38:f1:75:bd:83:e7:71:bb:d6:92:f4:34:
d8:89:8d:d5:fb:3f:88:01:0f:b3:ec:8c:e7:a5:0d:fc:c0:4d:
85:e4:2e:17:fa:12:22:6f:af:b4:81:da:18:f5:7a:fd:99:32:
39:78:a5:dc:4b:bc:9c:bf:2a:d5:62:32:5b:51:86:c5:fc:78:
45:dd:f5:e8:d5:6b:14:02:be:c5:c9:2e:65:df:8a:0f:fb:08:
f1:c2:43:54:be:c0:b4:97:7a:8c:a9:2d:0d:6f:91:97:1c:c4:
a7:cb:04:91:16:48:19:a8:6c:0b:a7:c4:ec:b4:d2:a9:46:c0:
4c:a3:42:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZO10vlpCh0cxA0pDAkj3V5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMjExMTMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkyMDJhY2UxNTcyODEwN2Q3NjdmZGEwNGQ2YjZkYmFmODQwNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmToNBTt2opjttJIRks06f5laDht
4b6T+VoBHvl2m45qhOKJU2nP6HWShTHlCc1CvJTt4k5wVbv/2rgox1cvxVfTgiBF
7x1zf0GTgrHmUPY/kzWR++E6k8WLgFF1LUHwHajtetMF5kg5fQJikszvf0iiePUM
l70cQZ+AvLU4H44Bv6i3/VAmWBdT+kSPseam8jC8eV3CyeUnRvAQk+Abmq5QwzH8
UAdBcwA58KeElbXRG2ZE2esiltG4ZgcDhsy72y94FHd1Wk2DF0oIVZBycse6DNNP
v2bnD3zSt+44TdMUvC36L1vB9E+l0La3DOUacqiHv6LabGFHDNxSFddO8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP+SAqzhVygQfXZ/2gTWttuvhAVQMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvXzVJQ3JPRlhLQkI5ZG5fYUJOYTIyNi1FQlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUqOoAwQC
UqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQB+qESk5h3oJuTeQ8AE
IaP4L0SBT/L5LguCn7wRW5FM0RSZyXJJbXc7J6qs3J3UULgh7kgJwdqGYRY9+Afv
jAByrLGYUzGeB4Hzcufv+Gxj5AiEnjjaf8KRDKUTTWRpJO+ETvPRL7Ub39IZRtAx
lsHo+sRltkDRH7HuXys8+VKjjZLcLds48XW9g+dxu9aS9DTYiY3V+z+IAQ+z7Izn
pQ38wE2F5C4X+hIib6+0gdoY9Xr9mTI5eKXcS7ycvyrVYjJbUYbF/HhF3fXo1WsU
Ar7FyS5l34oP+wjxwkNUvsC0l3qMqS0Nb5GXHMSnywSRFkgZqGwLp8TstNKpRsBM
o0J/
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:35 2025 by rpki-client