Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iATA98zt3sWdXpISVipSmY5xdC4.roa
File: iATA98zt3sWdXpISVipSmY5xdC4.roa (raw, json)
Hash identifier: G+Xg7ACx11Lhm3D4hes3t4e58Rdcvrzx2uMJ7u3T188=
Subject key identifier: 88:04:C0:F7:CC:ED:DE:C5:9D:5E:92:12:56:2A:52:99:8E:71:74:2E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018E50B68EDCE5DBE73C842CC94753EB444B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iATA98zt3sWdXpISVipSmY5xdC4.roa
Signing time: Mon 18 Mar 2024 08:38:45 +0000
ROA not before: Mon 18 Mar 2024 08:38:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.96.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 14:12:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:b6:8e:dc:e5:db:e7:3c:84:2c:c9:47:53:eb:44:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 18 08:38:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8804c0f7cceddec59d5e9212562a52998e71742e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cb:d4:72:01:28:56:55:25:9a:b3:3c:a3:c9:
ee:32:6e:4f:e2:c1:84:18:6f:3e:88:90:68:7f:9e:
f8:c3:65:e2:70:69:e6:ae:7c:47:6f:55:d3:73:c2:
12:66:01:a7:b7:72:a8:4e:bc:4a:fe:c6:6e:31:ab:
a4:ce:a8:97:a9:44:2d:27:e8:39:10:4c:eb:27:33:
db:1b:6e:fd:cd:34:5b:90:b6:46:79:e8:28:2e:cc:
ad:ed:6c:2a:80:95:e8:3a:2e:d3:01:d6:60:10:5c:
64:bc:67:d4:89:4e:58:a9:51:c0:58:14:7b:9d:1b:
ba:63:23:a6:12:6f:e5:32:78:6a:09:34:c2:cd:2f:
45:6b:92:bc:b6:b7:17:24:27:fd:10:f2:80:40:0b:
fa:41:77:04:ff:60:86:1f:58:c4:3e:67:07:24:04:
ec:9a:cf:36:46:0e:d9:79:09:b9:7b:13:bd:3c:11:
b5:98:e7:92:92:25:f2:a0:88:de:40:ba:1b:d3:a4:
bc:d1:2e:b8:d0:35:e2:ab:16:a4:c0:46:72:30:cd:
b0:d4:5a:ab:44:a0:e4:13:69:6d:91:ad:1a:8f:c7:
cf:9d:52:24:d4:74:04:64:e3:38:19:ef:56:32:e4:
8d:dc:45:57:65:01:b9:22:36:f6:ad:1d:24:98:31:
f2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:04:C0:F7:CC:ED:DE:C5:9D:5E:92:12:56:2A:52:99:8E:71:74:2E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iATA98zt3sWdXpISVipSmY5xdC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
98:94:2b:e4:d0:28:53:15:b2:ff:59:7e:e8:3f:37:8a:2c:68:
a8:23:33:55:01:43:15:a7:be:77:8b:e5:d7:13:f6:70:9b:cf:
65:34:0e:6c:03:29:3f:e8:35:35:ab:08:a7:ee:cf:c4:e8:e7:
99:bf:44:c7:34:1b:28:22:7d:67:9a:fd:5b:95:a1:10:c7:a4:
93:53:ea:ca:12:5d:2b:0f:49:75:b9:02:47:cf:ca:43:39:18:
10:b0:a4:78:87:78:8e:69:66:0a:c8:00:f7:6b:ed:87:47:c9:
19:a1:f6:ee:de:93:5a:ff:b3:83:8b:f2:79:12:59:cc:5e:2e:
64:16:d4:1d:77:14:32:fb:d0:1a:eb:72:eb:5c:7e:a6:b5:b5:
dd:df:91:24:c0:d1:16:a2:2a:f0:93:26:c9:14:8f:ba:46:ee:
70:38:16:c9:c2:9a:b4:7a:67:d2:1b:be:d6:4f:84:90:d8:d9:
5d:86:51:b3:1f:1c:56:6e:7e:4f:5b:a4:c9:a1:66:ca:b3:78:
09:cc:21:1b:a5:d4:a1:7d:75:6d:62:d3:5b:53:ab:4b:4b:a9:
a7:63:dd:e5:6b:46:e9:45:c7:e6:1c:c0:36:eb:af:64:bf:51:
01:af:a9:e2:56:c1:07:f1:f2:10:88:e8:8a:bc:46:a5:0f:32:
04:0a:fc:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5Qto7c5dvnPIQsyUdT60RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMzE4MDgzODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODA0YzBmN2NjZWRkZWM1OWQ1ZTkyMTI1NjJhNTI5OThlNzE3NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8vUcgEoVlUlmrM8o8nuMm5P4sGE
GG8+iJBof574w2XicGnmrnxHb1XTc8ISZgGnt3KoTrxK/sZuMaukzqiXqUQtJ+g5
EEzrJzPbG279zTRbkLZGeegoLsyt7WwqgJXoOi7TAdZgEFxkvGfUiU5YqVHAWBR7
nRu6YyOmEm/lMnhqCTTCzS9Fa5K8trcXJCf9EPKAQAv6QXcE/2CGH1jEPmcHJATs
ms82Rg7ZeQm5exO9PBG1mOeSkiXyoIjeQLob06S80S640DXiqxakwEZyMM2w1Fqr
RKDkE2ltka0aj8fPnVIk1HQEZOM4Ge9WMuSN3EVXZQG5Ijb2rR0kmDHyYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIgEwPfM7d7FnV6SElYqUpmOcXQuMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaUFUQTk4enQzc1dkWHBJU1ZpcFNtWTV4ZEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUqNgAwQC
UqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCYlCvk0ChT
FbL/WX7oPzeKLGioIzNVAUMVp753i+XXE/Zwm89lNA5sAyk/6DU1qwin7s/E6OeZ
v0THNBsoIn1nmv1blaEQx6STU+rKEl0rD0l1uQJHz8pDORgQsKR4h3iOaWYKyAD3
a+2HR8kZofbu3pNa/7ODi/J5ElnMXi5kFtQddxQy+9Aa63LrXH6mtbXd35EkwNEW
oirwkybJFI+6Ru5wOBbJwpq0emfSG77WT4SQ2NldhlGzHxxWbn5PW6TJoWbKs3gJ
zCEbpdShfXVtYtNbU6tLS6mnY93la0bpRcfmHMA2669kv1EBr6niVsEH8fIQiOiK
vEalDzIECvyh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org