Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/l1FEMwMLfoADg9K40RDRHOKF0OA.roa
File: l1FEMwMLfoADg9K40RDRHOKF0OA.roa (raw, json)
Hash identifier: pP3HwR7+TrEFpdsuO7xuwHJqbOJI58nRgJJDR7XvXG4=
Subject key identifier: 97:51:44:33:03:0B:7E:80:03:83:D2:B8:D1:10:D1:1C:E2:85:D0:E0
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018571B9F20623B3B2CFD405515FD2E5CB08
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/l1FEMwMLfoADg9K40RDRHOKF0OA.roa
Signing time: Mon 02 Jan 2023 09:04:49 +0000
ROA not before: Mon 02 Jan 2023 09:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.106.192.0/23 maxlen: 24
82.163.54.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jan 2023 13:59:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f2:06:23:b3:b2:cf:d4:05:51:5f:d2:e5:cb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 09:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97514433030b7e800383d2b8d110d11ce285d0e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:21:ac:71:48:34:d7:d4:45:23:14:0a:37:5d:
13:ca:0a:20:7c:a7:88:31:f7:df:b3:9b:29:91:d5:
a3:0c:b5:cf:3d:31:c9:44:b8:ae:aa:d8:00:3a:4a:
70:7e:53:d0:f9:3f:98:a9:1e:43:3c:16:df:d9:2b:
87:5d:cf:49:ed:88:29:15:f9:5d:84:1c:40:34:f2:
4e:81:b9:96:45:dc:64:f6:a6:cd:f6:3e:10:98:73:
cc:7e:c8:65:12:17:f0:1d:4f:d7:27:18:49:8e:b7:
90:3c:9b:fa:b1:81:44:0e:7d:20:46:5b:1d:36:51:
da:a5:57:3b:67:ce:d7:b4:cc:10:d2:f7:97:15:4e:
e1:4a:64:4f:cb:cd:04:67:67:7d:3a:b9:aa:17:0f:
5f:ba:ea:0d:3e:b1:26:ef:7b:ed:f0:6e:3f:c2:c2:
4d:ee:3e:90:1b:8b:3c:27:4a:2a:f2:a4:18:34:2f:
e6:84:30:ba:c1:f8:61:cd:04:79:2f:82:b3:40:91:
0b:5f:78:37:7e:02:fd:de:b8:dd:27:1a:7c:1f:c0:
d8:f2:5c:13:50:49:f2:74:82:f1:bb:3b:3a:ff:5d:
08:96:ad:b0:bb:a0:6e:a0:33:c2:b3:ac:01:4c:8f:
51:ad:6c:a4:17:f2:e6:91:c8:13:60:64:8a:e3:72:
4c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:51:44:33:03:0B:7E:80:03:83:D2:B8:D1:10:D1:1C:E2:85:D0:E0
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/l1FEMwMLfoADg9K40RDRHOKF0OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.52.0/22
185.106.192.0/23
Signature Algorithm: sha256WithRSAEncryption
49:87:80:b5:db:af:0d:d4:c6:78:d2:8c:49:37:f9:a8:be:16:
c1:95:bf:1f:36:d5:c3:53:1d:26:4e:c6:5c:e9:77:29:e4:17:
3d:85:9a:2f:42:a3:92:0e:fb:2e:02:9e:8a:65:7a:e0:14:ca:
b1:59:a2:52:28:e9:5c:44:9f:58:04:eb:b3:08:b3:2e:13:ea:
9b:4c:21:7f:6f:e3:39:09:fd:1f:0f:90:d5:8b:84:09:30:41:
01:35:80:41:75:d2:f0:98:c2:6d:9e:f9:45:38:19:c2:3b:e6:
9b:4f:e8:1e:30:d0:bc:d3:4c:5f:5b:2f:e4:6f:59:ac:ec:3b:
28:86:8f:59:93:86:dc:38:a1:48:5c:f8:55:d6:cf:78:17:61:
2d:9d:54:0e:67:00:92:ef:12:16:8b:40:84:b6:cc:e4:e2:cd:
29:fa:8c:70:85:8b:b4:57:5e:63:df:8a:26:6d:fd:20:82:a8:
45:73:30:8b:18:af:ea:a6:5a:05:52:12:a3:54:42:5c:c0:d3:
ff:31:00:54:e5:ef:54:52:7d:88:35:0a:92:70:d1:3c:07:7a:
79:75:d4:6f:43:37:a6:5a:98:ef:ff:5d:05:d0:a5:d0:f8:14:
20:ee:d4:69:a3:ed:3d:a6:82:92:17:37:f0:d4:6b:e6:60:37:
47:bd:52:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxufIGI7Oyz9QFUV/S5csIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTAyMDkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzUxNDQzMzAzMGI3ZTgwMDM4M2QyYjhkMTEwZDExY2UyODVkMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiGscUg019RFIxQKN10TygogfKeI
Mfffs5spkdWjDLXPPTHJRLiuqtgAOkpwflPQ+T+YqR5DPBbf2SuHXc9J7YgpFfld
hBxANPJOgbmWRdxk9qbN9j4QmHPMfshlEhfwHU/XJxhJjreQPJv6sYFEDn0gRlsd
NlHapVc7Z87XtMwQ0veXFU7hSmRPy80EZ2d9OrmqFw9fuuoNPrEm73vt8G4/wsJN
7j6QG4s8J0oq8qQYNC/mhDC6wfhhzQR5L4KzQJELX3g3fgL93rjdJxp8H8DY8lwT
UEnydILxuzs6/10Ilq2wu6BuoDPCs6wBTI9RrWykF/LmkcgTYGSK43JMiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJdRRDMDC36AA4PSuNEQ0RzihdDgMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbDFGRU13TUxmb0FEZzlLNDBSRFJIT0tGME9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUqM0AwQB
uWrAMA0GCSqGSIb3DQEBCwUAA4IBAQBJh4C1268N1MZ40oxJN/movhbBlb8fNtXD
Ux0mTsZc6Xcp5Bc9hZovQqOSDvsuAp6KZXrgFMqxWaJSKOlcRJ9YBOuzCLMuE+qb
TCF/b+M5Cf0fD5DVi4QJMEEBNYBBddLwmMJtnvlFOBnCO+abT+geMNC800xfWy/k
b1ms7Dsoho9Zk4bcOKFIXPhV1s94F2EtnVQOZwCS7xIWi0CEtszk4s0p+oxwhYu0
V15j34ombf0ggqhFczCLGK/qploFUhKjVEJcwNP/MQBU5e9UUn2INQqScNE8B3p5
ddRvQzemWpjv/10F0KXQ+BQg7tRpo+09poKSFzfw1GvmYDdHvVID
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org