Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iFzzvxlI2gSz60lLULEZrTioSp0.roa
File: iFzzvxlI2gSz60lLULEZrTioSp0.roa (raw, json)
Hash identifier: i+HVEuTqt7u4w1q2k/HRNz4rD3+RoucoqNNILO39W+o=
Subject key identifier: 88:5C:F3:BF:19:48:DA:04:B3:EB:49:4B:50:B1:19:AD:38:A8:4A:9D
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019324D6628D09317163A907786C1C474912
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iFzzvxlI2gSz60lLULEZrTioSp0.roa
Signing time: Wed 13 Nov 2024 09:24:09 +0000
ROA not before: Wed 13 Nov 2024 09:24:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.163.96.0/21 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 06:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:d6:62:8d:09:31:71:63:a9:07:78:6c:1c:47:49:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 13 09:24:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=885cf3bf1948da04b3eb494b50b119ad38a84a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:28:10:a5:ea:36:fd:cf:00:8b:a3:5c:2c:34:
76:37:08:9d:9c:3a:28:41:44:d6:c8:d8:fd:23:f1:
47:5b:ce:ac:39:bb:1c:03:df:34:5a:64:91:43:7a:
6e:19:96:92:15:d0:f6:2b:7c:2a:26:04:b3:73:f3:
89:e9:e6:83:41:02:8f:27:b0:38:8e:90:15:4f:79:
9b:4e:b9:36:49:dc:dc:11:5f:9d:cc:e8:3f:6f:9e:
09:d5:28:7d:c6:75:ae:a2:78:3d:25:7f:f4:fd:92:
b3:81:e5:b4:ce:76:5d:79:bd:d0:7b:43:b2:14:1d:
d8:3d:5e:65:72:1f:7f:d0:2b:37:f8:fb:9e:28:4a:
7d:70:73:77:20:90:08:26:82:f0:5d:18:85:b3:86:
b6:7c:fb:31:33:16:f4:c4:b3:e0:d6:c6:68:36:fc:
0d:29:50:2b:f1:64:2e:7e:47:21:b2:27:cb:f6:41:
51:01:e6:c5:11:39:2c:a7:15:21:43:1e:d8:82:6d:
32:eb:b3:e7:6d:c7:44:46:fe:ae:a0:ed:7c:b8:c4:
6e:fc:66:ba:cc:59:75:ed:5f:1f:6a:f1:20:6b:86:
fa:69:6d:73:96:53:5f:f1:46:d4:fb:41:e5:f3:25:
c7:12:28:ab:17:10:69:35:1b:ff:f4:e1:ed:fe:91:
e3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5C:F3:BF:19:48:DA:04:B3:EB:49:4B:50:B1:19:AD:38:A8:4A:9D
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iFzzvxlI2gSz60lLULEZrTioSp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
59:59:de:15:fd:15:0f:de:c3:83:f9:ea:9e:39:35:3f:3c:5c:
12:06:e3:72:5a:1f:3d:e9:8f:25:0a:d5:a7:2b:a6:86:b0:15:
86:3b:76:8a:23:4a:25:52:f3:68:23:da:8e:3b:08:e5:d6:bb:
3b:34:cb:cb:2f:82:7e:81:2c:b3:76:87:2c:99:9a:10:a1:7c:
e8:04:66:3b:6e:6d:fa:81:93:bd:93:cd:52:50:2f:93:6f:f0:
20:3e:a0:a5:15:55:ea:be:88:b0:18:73:2c:6d:d6:10:9f:f7:
c1:ee:5a:a2:ae:b7:70:7d:87:bb:30:1f:01:77:75:e3:03:a0:
2c:94:52:29:a8:63:80:ce:78:cb:fd:f4:56:84:c4:ea:ba:97:
06:af:4c:93:86:29:03:77:5d:c4:79:d3:b6:e4:50:89:96:58:
25:b2:a1:1f:b1:13:a5:ac:6b:0e:7f:39:24:b8:b9:49:f8:d5:
a0:3f:8d:19:32:40:84:9c:1a:c2:af:1f:d1:cc:32:08:8f:67:
b6:ba:93:a0:55:5a:10:d0:eb:fa:be:e7:16:96:10:f1:44:2f:
ff:5a:43:a9:0c:69:03:b8:52:52:57:c7:ba:c8:b6:8a:e1:73:
b1:b5:c3:d2:f3:9d:22:2e:eb:ab:f3:7c:b9:b9:95:59:64:65:
6b:db:19:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMk1mKNCTFxY6kHeGwcR0kSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTEzMDkyNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVjZjNiZjE5NDhkYTA0YjNlYjQ5NGI1MGIxMTlhZDM4YTg0YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCgQpeo2/c8Ai6NcLDR2NwidnDoo
QUTWyNj9I/FHW86sObscA980WmSRQ3puGZaSFdD2K3wqJgSzc/OJ6eaDQQKPJ7A4
jpAVT3mbTrk2SdzcEV+dzOg/b54J1Sh9xnWuong9JX/0/ZKzgeW0znZdeb3Qe0Oy
FB3YPV5lch9/0Cs3+PueKEp9cHN3IJAIJoLwXRiFs4a2fPsxMxb0xLPg1sZoNvwN
KVAr8WQufkchsifL9kFRAebFETkspxUhQx7Ygm0y67PnbcdERv6uoO18uMRu/Ga6
zFl17V8favEga4b6aW1zllNf8UbU+0Hl8yXHEiirFxBpNRv/9OHt/pHj7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhc878ZSNoEs+tJS1CxGa04qEqdMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaUZ6enZ4bEkyZ1N6NjBsTFVMRVpyVGlvU3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUqNgAwQC
XHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBZWd4V/RUP3sOD+eqeOTU/PFwSBuNyWh89
6Y8lCtWnK6aGsBWGO3aKI0olUvNoI9qOOwjl1rs7NMvLL4J+gSyzdocsmZoQoXzo
BGY7bm36gZO9k81SUC+Tb/AgPqClFVXqvoiwGHMsbdYQn/fB7lqirrdwfYe7MB8B
d3XjA6AslFIpqGOAznjL/fRWhMTqupcGr0yThikDd13EedO25FCJllglsqEfsROl
rGsOfzkkuLlJ+NWgP40ZMkCEnBrCrx/RzDIIj2e2upOgVVoQ0Ov6vucWlhDxRC//
WkOpDGkDuFJSV8e6yLaK4XOxtcPS850iLuur83y5uZVZZGVr2xlh
-----END CERTIFICATE-----
Generated at Thu Nov 14 07:15:17 2024 by rpki-client on console-fra.rpki-client.org