Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/sKWDgUqc_T_scefVY1e8H4cDgjw.roa
File: sKWDgUqc_T_scefVY1e8H4cDgjw.roa (raw, json)
Hash identifier: br+b9PnOTMKWd0eHFfOyiP5qY9PUnX0NnsebMKngs2Q=
Subject key identifier: B0:A5:83:81:4A:9C:FD:3F:EC:71:E7:D5:63:57:BC:1F:87:03:82:3C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AB9431BCBD25C109925E51E187E821C5B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/sKWDgUqc_T_scefVY1e8H4cDgjw.roa
Signing time: Thu 21 Sep 2023 19:41:37 +0000
ROA not before: Thu 21 Sep 2023 19:41:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 188.215.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 07:54:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:43:1b:cb:d2:5c:10:99:25:e5:1e:18:7e:82:1c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 21 19:41:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0a583814a9cfd3fec71e7d56357bc1f8703823c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:11:53:81:27:db:52:73:ab:fb:9b:0f:b9:e0:
f6:79:bd:cf:82:2d:de:b4:2e:b4:8c:77:e5:ca:89:
1b:91:91:78:60:18:0c:1f:89:7b:f6:08:ab:f9:7f:
ed:78:66:fb:20:52:6b:d9:5a:c1:7d:dd:c5:5f:95:
e6:b9:4e:a7:5e:7f:98:9c:a8:ad:46:5f:4d:c3:1c:
a8:36:84:9d:ce:b8:f4:41:83:b4:4c:84:9a:ca:07:
55:b4:a9:30:68:de:bf:fe:a5:96:94:1f:91:51:19:
d6:a3:26:2c:bf:2b:71:70:9b:d8:fd:57:6c:2c:69:
3b:1d:d8:70:ad:97:a9:45:b7:d4:e2:d1:91:d0:17:
b5:de:32:db:8c:cc:fc:11:f8:e3:f0:22:91:1c:78:
f3:32:58:be:18:7a:85:dc:58:80:10:de:96:54:3e:
ef:f9:4c:08:65:6c:86:51:42:09:cb:39:94:23:61:
a6:7a:a7:bd:70:ca:b0:68:17:9a:15:19:46:79:a0:
d9:69:1f:3d:f2:56:26:56:81:3e:99:96:09:a5:50:
32:bd:af:c9:f1:89:61:f1:cf:21:ba:b6:29:46:66:
d3:36:13:00:10:ff:ef:b4:1f:fb:1c:a5:10:b0:60:
59:99:9c:1c:83:7e:c8:c6:e5:c8:2b:dd:46:ce:4c:
70:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A5:83:81:4A:9C:FD:3F:EC:71:E7:D5:63:57:BC:1F:87:03:82:3C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/sKWDgUqc_T_scefVY1e8H4cDgjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.96.0/21
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:2d:07:2d:11:b1:c0:15:d6:f0:41:92:df:80:0c:ed:90:b8:
cc:a4:31:b8:61:45:10:fe:0d:35:44:53:ba:5d:11:63:68:5d:
47:82:66:b2:86:fa:04:0b:30:a7:f2:78:6b:5a:30:ac:8d:99:
ee:5f:f7:cc:79:a3:a3:2f:a3:70:6b:f1:fc:5c:48:f0:93:65:
a5:42:b1:a2:ca:92:36:41:b7:4f:7f:ff:f9:26:ed:41:17:01:
56:b2:b6:db:3e:8c:06:4b:2d:c6:67:5e:32:2e:5b:c4:25:2a:
6c:76:93:b5:27:5b:3d:fa:2d:2e:03:01:18:7a:15:7b:5f:c7:
83:19:cd:24:90:94:9a:ad:12:cc:a5:50:a4:e6:30:0f:a8:48:
50:37:d4:03:61:e9:7d:4a:45:ec:7a:a2:14:0e:47:c1:0f:48:
79:e1:d3:68:a3:d0:40:61:99:aa:1e:5a:e9:77:d5:21:1a:e9:
4a:74:90:61:f0:f9:c7:f3:b4:aa:ca:28:61:c1:28:fd:25:68:
17:69:25:0d:81:47:d5:a8:f6:5a:a8:06:eb:03:f5:aa:20:13:
c9:25:e9:6c:4b:fe:bd:26:02:d1:64:b8:fc:f7:43:96:c4:fd:
43:96:37:d6:fa:42:9b:10:4d:9d:0d:71:a4:2d:7a:a3:8b:79:
de:ca:ee:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYq5QxvL0lwQmSXlHhh+ghxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTIxMTk0MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE1ODM4MTRhOWNmZDNmZWM3MWU3ZDU2MzU3YmMxZjg3MDM4MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBFTgSfbUnOr+5sPueD2eb3Pgi3e
tC60jHflyokbkZF4YBgMH4l79gir+X/teGb7IFJr2VrBfd3FX5XmuU6nXn+YnKit
Rl9NwxyoNoSdzrj0QYO0TISaygdVtKkwaN6//qWWlB+RURnWoyYsvytxcJvY/Vds
LGk7HdhwrZepRbfU4tGR0Be13jLbjMz8Efjj8CKRHHjzMli+GHqF3FiAEN6WVD7v
+UwIZWyGUUIJyzmUI2Gmeqe9cMqwaBeaFRlGeaDZaR898lYmVoE+mZYJpVAyva/J
8Ylh8c8hurYpRmbTNhMAEP/vtB/7HKUQsGBZmZwcg37IxuXIK91GzkxwTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLClg4FKnP0/7HHn1WNXvB+HA4I8MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvc0tXRGdVcWNfVF9zY2VmVlkxZThINGNEZ2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUqNgAwQC
gv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCNLQctEbHAFdbwQZLfgAztkLjM
pDG4YUUQ/g01RFO6XRFjaF1HgmayhvoECzCn8nhrWjCsjZnuX/fMeaOjL6Nwa/H8
XEjwk2WlQrGiypI2QbdPf//5Ju1BFwFWsrbbPowGSy3GZ14yLlvEJSpsdpO1J1s9
+i0uAwEYehV7X8eDGc0kkJSarRLMpVCk5jAPqEhQN9QDYel9SkXseqIUDkfBD0h5
4dNoo9BAYZmqHlrpd9UhGulKdJBh8PnH87SqyihhwSj9JWgXaSUNgUfVqPZaqAbr
A/WqIBPJJelsS/69JgLRZLj890OWxP1DljfW+kKbEE2dDXGkLXqji3neyu6U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org