Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eUI6SbGy6DHUdtjbMNeoW1dXeDU.roa
File: eUI6SbGy6DHUdtjbMNeoW1dXeDU.roa (raw, json)
Hash identifier: HDJ7VzYyGufqUkDeoCxRsJNl1JUu+AflZwQMgzeHIdk=
Subject key identifier: 79:42:3A:49:B1:B2:E8:31:D4:76:D8:DB:30:D7:A8:5B:57:57:78:35
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C155D8CED51DCD0E66F0893ED989B45DA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eUI6SbGy6DHUdtjbMNeoW1dXeDU.roa
Signing time: Tue 28 Nov 2023 09:58:21 +0000
ROA not before: Tue 28 Nov 2023 09:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.163.54.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
5.102.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 12:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:5d:8c:ed:51:dc:d0:e6:6f:08:93:ed:98:9b:45:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 28 09:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79423a49b1b2e831d476d8db30d7a85b57577835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c4:51:ab:34:b5:6e:e5:21:fe:bf:f3:fc:7f:
db:43:66:a4:d9:24:f3:49:63:12:02:30:e4:6d:e4:
44:96:12:a9:c6:34:d1:b8:cc:eb:9a:16:da:f7:f5:
f1:c8:5c:1d:c8:cc:fa:25:6a:3a:3c:85:84:c4:94:
49:bf:e2:2b:c1:17:39:41:6f:5a:31:27:2a:88:75:
86:95:55:7a:d9:40:45:a1:ac:f4:91:78:38:ad:91:
f1:ac:27:7c:1d:fb:99:8a:4d:7a:9e:64:7e:28:0c:
7e:cc:d0:9f:18:84:a9:a8:7c:71:fc:14:7d:ef:20:
21:83:e8:bb:55:45:9e:e3:e7:2d:97:8e:93:16:0a:
8f:8d:42:77:62:31:01:e5:5c:df:59:5c:34:eb:f9:
de:36:ae:af:59:1c:5e:32:fc:60:65:d0:54:6e:81:
80:2a:91:b5:c0:3b:78:8b:79:0d:b3:86:7f:89:d8:
2b:03:54:64:27:10:55:e6:0d:62:48:c5:67:32:82:
a8:cb:c3:e0:15:e3:a5:c6:09:df:6c:78:54:3f:41:
d8:6d:31:fd:bc:d2:6a:08:53:ee:2e:e4:2c:df:38:
f1:ce:c8:81:a1:2a:05:27:e5:70:8f:e2:1d:4f:de:
c9:36:9d:82:cd:b7:df:ff:59:d1:1b:56:b7:8b:d0:
29:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:42:3A:49:B1:B2:E8:31:D4:76:D8:DB:30:D7:A8:5B:57:57:78:35
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eUI6SbGy6DHUdtjbMNeoW1dXeDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.104.0/22
82.163.52.0/22
Signature Algorithm: sha256WithRSAEncryption
39:35:19:7f:c1:00:e1:bd:b6:32:3e:31:20:58:29:8f:a4:85:
d0:1a:b6:0e:87:72:d5:62:fd:cc:dc:0d:73:b5:e5:33:4d:61:
bb:db:77:97:7c:73:e2:81:22:78:a4:de:5b:8a:9b:9b:ec:bf:
b1:2f:49:f8:15:1b:6e:bf:0d:67:09:73:bd:96:46:ec:82:a0:
7d:16:70:d4:c8:3b:c2:d1:2b:b6:30:7f:2d:1a:13:52:d2:fb:
60:8b:0e:4f:2d:18:1d:e2:f0:b3:6f:57:8c:7e:31:b9:d2:e4:
8f:9d:e0:01:c9:2b:44:28:d5:4e:32:20:58:45:20:e9:c3:42:
e1:20:92:b4:80:ad:64:5d:48:4a:cc:79:19:c2:05:87:31:40:
fb:d2:d1:cc:11:d0:71:4c:fb:2b:6c:59:95:7e:36:3f:bf:dd:
f0:3f:38:a2:1d:9a:cd:e2:48:ad:56:57:35:d7:e3:b7:77:7e:
c8:43:8c:33:e4:b0:6c:08:d2:dc:39:53:4b:5b:c6:42:b7:be:
09:b8:8d:85:49:e4:d8:43:b0:52:c8:26:7a:1f:28:f8:78:67:
0e:5d:ca:90:4f:e4:ad:d6:42:e8:17:5e:aa:b1:ff:3f:2e:80:
28:91:67:c8:3e:1a:bf:59:78:0a:7e:7b:c5:9e:ff:1d:32:30:
6e:1f:3c:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwVXYztUdzQ5m8Ik+2Ym0XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTI4MDk1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQyM2E0OWIxYjJlODMxZDQ3NmQ4ZGIzMGQ3YTg1YjU3NTc3ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcRRqzS1buUh/r/z/H/bQ2ak2STz
SWMSAjDkbeRElhKpxjTRuMzrmhba9/XxyFwdyMz6JWo6PIWExJRJv+IrwRc5QW9a
MScqiHWGlVV62UBFoaz0kXg4rZHxrCd8HfuZik16nmR+KAx+zNCfGISpqHxx/BR9
7yAhg+i7VUWe4+ctl46TFgqPjUJ3YjEB5VzfWVw06/neNq6vWRxeMvxgZdBUboGA
KpG1wDt4i3kNs4Z/idgrA1RkJxBV5g1iSMVnMoKoy8PgFeOlxgnfbHhUP0HYbTH9
vNJqCFPuLuQs3zjxzsiBoSoFJ+Vwj+IdT97JNp2Czbff/1nRG1a3i9Ap0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHlCOkmxsugx1HbY2zDXqFtXV3g1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZVVJNlNiR3k2REhVZHRqYk1OZW9XMWRYZURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZoAwQC
UqM0MA0GCSqGSIb3DQEBCwUAA4IBAQA5NRl/wQDhvbYyPjEgWCmPpIXQGrYOh3LV
Yv3M3A1zteUzTWG723eXfHPigSJ4pN5bipub7L+xL0n4FRtuvw1nCXO9lkbsgqB9
FnDUyDvC0Su2MH8tGhNS0vtgiw5PLRgd4vCzb1eMfjG50uSPneAByStEKNVOMiBY
RSDpw0LhIJK0gK1kXUhKzHkZwgWHMUD70tHMEdBxTPsrbFmVfjY/v93wPziiHZrN
4kitVlc11+O3d37IQ4wz5LBsCNLcOVNLW8ZCt74JuI2FSeTYQ7BSyCZ6Hyj4eGcO
XcqQT+St1kLoF16qsf8/LoAokWfIPhq/WXgKfnvFnv8dMjBuHzxr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org