Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/cKdWyTwNmfdit3fKPSeSFQthKIo.roa
File: cKdWyTwNmfdit3fKPSeSFQthKIo.roa (raw, json)
Hash identifier: slymFXuFNQ3e1c9O7WvZ9kzOgvgOn8sdVoz+TtUDCfw=
Subject key identifier: 70:A7:56:C9:3C:0D:99:F7:62:B7:77:CA:3D:27:92:15:0B:61:28:8A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01864EACCB612651AD4B12FC6D997A82ABAA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/cKdWyTwNmfdit3fKPSeSFQthKIo.roa
Signing time: Tue 14 Feb 2023 06:46:32 +0000
ROA not before: Tue 14 Feb 2023 06:46:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 82.163.56.0/22 maxlen: 24
78.143.224.0/21 maxlen: 24
82.163.64.0/22 maxlen: 24
82.163.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 11:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:ac:cb:61:26:51:ad:4b:12:fc:6d:99:7a:82:ab:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 14 06:46:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a756c93c0d99f762b777ca3d2792150b61288a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:63:b1:e3:c2:af:02:73:8a:9a:92:2f:6c:1e:
1d:08:6a:c0:2c:c8:8f:d1:a1:c2:22:c8:fe:ef:54:
e2:63:b1:c7:5e:02:8e:25:dc:a7:9a:43:54:89:68:
a7:33:cc:2e:b6:fc:c9:0f:1c:9b:07:db:d9:08:4e:
24:aa:c3:b5:2c:ea:38:0b:c1:19:3a:03:5c:93:67:
4c:16:ef:6e:48:9f:62:9d:19:70:ea:34:3f:c0:92:
71:6d:97:8b:70:6b:75:92:37:a7:dd:6b:29:e2:d8:
2a:40:39:27:07:d9:8a:5a:0f:1e:cf:a4:a7:08:36:
5f:0c:71:ff:75:7a:b5:51:ff:58:02:bb:8d:51:9d:
58:56:9e:43:64:62:f9:79:fa:33:dd:8e:15:4d:85:
75:59:73:1e:38:ed:26:46:1e:54:3b:9b:d3:09:33:
52:14:f1:64:f9:05:34:e5:40:84:0f:75:7c:d4:ea:
1f:7c:95:f9:60:82:0e:e8:54:12:74:96:83:d5:36:
69:f3:1c:ef:fb:88:74:ed:39:7f:4d:ae:e6:d2:d8:
db:f4:bb:ad:84:41:d0:bb:8b:44:7f:0c:5f:0a:65:
f4:2c:19:1a:b6:2f:a4:0e:b4:bf:78:a8:6c:fb:88:
09:9f:72:6e:07:39:2f:25:cb:49:60:06:48:e3:76:
ef:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A7:56:C9:3C:0D:99:F7:62:B7:77:CA:3D:27:92:15:0B:61:28:8A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/cKdWyTwNmfdit3fKPSeSFQthKIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/21
82.163.56.0/22
82.163.64.0/22
82.163.228.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:f6:40:88:d3:1b:ad:d9:98:4d:52:de:c6:fb:cd:5a:21:eb:
c6:77:70:66:86:1c:6c:fe:3f:d2:cb:45:45:7c:f8:8d:b4:03:
ea:74:ca:cf:fd:ea:66:d4:23:be:c7:37:cd:1c:a0:8b:ac:c0:
9b:48:71:50:53:2f:69:73:6a:5d:8b:c2:df:27:2c:9a:b0:75:
75:e7:22:2e:38:6f:cf:a8:96:a8:8f:09:a4:fc:ad:ae:1c:b2:
f5:8d:5e:90:81:2b:f0:95:17:04:03:c1:b1:e8:4d:1f:1e:f1:
20:f4:06:af:a9:50:68:c8:cc:56:ec:72:c3:d2:b6:8b:c1:ae:
87:90:ac:df:d0:8f:3e:11:d3:fa:1e:d7:4f:fa:2a:24:30:be:
19:03:26:4a:78:e9:16:33:9f:aa:ec:37:95:ce:35:c2:02:52:
10:3c:8b:cc:70:d4:83:5c:80:0a:16:59:a5:b4:ad:68:ca:c0:
78:8e:6e:06:ac:a7:92:eb:04:76:7b:da:16:1a:fc:da:23:9e:
c9:06:9a:0d:29:5e:97:3f:b8:66:7f:fc:72:63:01:0d:6d:7c:
8f:e3:bb:be:2e:36:68:18:3c:ad:ec:e2:31:c7:18:9c:c1:ac:
43:d4:ce:ce:e4:f5:bb:52:09:c0:fc:57:38:fe:b8:a3:48:44:
00:07:98:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZOrMthJlGtSxL8bZl6gquqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMjE0MDY0NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE3NTZjOTNjMGQ5OWY3NjJiNzc3Y2EzZDI3OTIxNTBiNjEyODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mOx48KvAnOKmpIvbB4dCGrALMiP
0aHCIsj+71TiY7HHXgKOJdynmkNUiWinM8wutvzJDxybB9vZCE4kqsO1LOo4C8EZ
OgNck2dMFu9uSJ9inRlw6jQ/wJJxbZeLcGt1kjen3Wsp4tgqQDknB9mKWg8ez6Sn
CDZfDHH/dXq1Uf9YAruNUZ1YVp5DZGL5efoz3Y4VTYV1WXMeOO0mRh5UO5vTCTNS
FPFk+QU05UCED3V81OoffJX5YIIO6FQSdJaD1TZp8xzv+4h07Tl/Ta7m0tjb9Lut
hEHQu4tEfwxfCmX0LBkati+kDrS/eKhs+4gJn3JuBzkvJctJYAZI43bvFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHCnVsk8DZn3Yrd3yj0nkhULYSiKMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvY0tkV3lUd05tZmRpdDNmS1BTZVNGUXRoS0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDTo/gAwQC
UqM4AwQCUqNAAwQCUqPkMA0GCSqGSIb3DQEBCwUAA4IBAQCe9kCI0xut2ZhNUt7G
+81aIevGd3Bmhhxs/j/Sy0VFfPiNtAPqdMrP/epm1CO+xzfNHKCLrMCbSHFQUy9p
c2pdi8LfJyyasHV15yIuOG/PqJaojwmk/K2uHLL1jV6QgSvwlRcEA8Gx6E0fHvEg
9AavqVBoyMxW7HLD0raLwa6HkKzf0I8+EdP6HtdP+iokML4ZAyZKeOkWM5+q7DeV
zjXCAlIQPIvMcNSDXIAKFlmltK1oysB4jm4GrKeS6wR2e9oWGvzaI57JBpoNKV6X
P7hmf/xyYwENbXyP47u+LjZoGDyt7OIxxxicwaxD1M7O5PW7UgnA/Fc4/rijSEQA
B5gP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org