Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tCO1MWjCyS_mDSCmzNAheEyzxZY.roa
File: tCO1MWjCyS_mDSCmzNAheEyzxZY.roa (raw, json)
Hash identifier: u/dlRWwySH/gPsU3ho1SEjobDm1dqQRcfifiEijzWy0=
Subject key identifier: B4:23:B5:31:68:C2:C9:2F:E6:0D:20:A6:CC:D0:21:78:4C:B3:C5:96
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192666DB38E4F2C258C0D962737C936C43F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tCO1MWjCyS_mDSCmzNAheEyzxZY.roa
Signing time: Mon 07 Oct 2024 10:01:58 +0000
ROA not before: Mon 07 Oct 2024 10:01:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.52.0/23 maxlen: 23
92.114.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Nov 2024 06:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:6d:b3:8e:4f:2c:25:8c:0d:96:27:37:c9:36:c4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 7 10:01:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b423b53168c2c92fe60d20a6ccd021784cb3c596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:fb:b8:e3:1c:67:3c:5f:12:88:a8:cd:29:
73:69:5b:b4:a9:92:2b:09:03:4b:e1:52:3b:33:bb:
02:46:0d:80:a3:c3:39:fb:a8:d6:8b:c8:b1:00:df:
2d:dd:1e:1b:b7:e4:dc:66:99:c5:71:9e:ae:7d:96:
64:98:ec:56:ce:5b:91:05:49:b5:56:86:1a:d0:d8:
29:b3:63:00:63:d9:e1:91:fe:b7:fc:98:03:fd:d1:
a2:e5:4d:fe:27:2f:b4:42:83:70:ae:f5:2d:ac:d3:
85:6e:41:6d:19:36:ad:96:f7:9b:30:0d:c3:5f:80:
5b:01:8d:bf:42:e2:c9:15:49:c3:18:6b:e8:6e:13:
64:1d:69:1c:2a:3c:32:7e:61:f8:90:8a:98:07:b5:
52:8d:96:ec:31:6e:90:54:02:9f:23:70:9b:7f:33:
b2:9b:01:71:b8:90:67:35:e0:f1:0f:6c:a4:22:df:
3f:09:dc:45:c9:f9:71:b1:17:e0:78:97:ef:64:7e:
ae:8a:e1:b4:40:81:b7:bf:d0:42:85:f3:36:8d:cf:
25:04:f9:bd:41:e0:62:fd:3f:18:a8:b6:97:b0:e9:
73:5a:f2:46:51:ba:cd:5c:99:b6:ad:bf:15:ff:d5:
76:5e:de:1e:5a:4b:c0:76:8f:fd:d0:24:d2:f5:9b:
7d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:23:B5:31:68:C2:C9:2F:E6:0D:20:A6:CC:D0:21:78:4C:B3:C5:96
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tCO1MWjCyS_mDSCmzNAheEyzxZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.52.0/23
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
25:fa:62:e0:88:b9:78:ed:97:c4:7e:d4:43:2d:28:a1:d3:4d:
05:1b:51:a6:e0:1a:dd:93:94:db:6d:49:cf:c0:de:2b:74:80:
cf:ea:db:04:61:84:40:a7:cd:39:b3:80:15:54:4e:2a:ee:53:
3c:ef:1b:13:2f:31:c1:41:e3:68:7f:d8:e1:f2:a3:c4:5b:79:
67:90:07:e4:83:04:fe:0b:fe:73:fc:d7:22:0f:dc:aa:d4:ea:
1a:44:bd:5a:79:36:dc:5d:38:5d:47:7a:36:98:49:8a:f5:7d:
78:0e:e2:ba:4c:29:0a:36:13:87:39:0d:3b:5e:b7:dd:c8:3f:
38:5a:0a:e0:2e:d9:f0:71:96:56:48:9a:64:1e:49:fd:e5:c0:
07:dd:63:7c:a6:c5:71:54:d9:0a:f2:86:83:13:1d:5b:fa:dc:
e6:19:19:8d:6c:f5:f3:dd:e2:d9:e5:f1:d5:e9:32:84:20:33:
52:a4:34:a6:ab:94:fb:47:bd:7d:eb:b5:dd:44:f8:32:4f:46:
73:e3:a7:47:0c:fa:76:49:41:fc:69:3b:c0:3d:5f:e9:de:b8:
c9:f3:27:97:49:78:e8:4c:ab:00:cf:ff:66:20:fc:6c:8e:44:
d9:98:a9:c8:72:af:b2:d8:a8:a1:39:6c:7c:b3:8c:96:41:33:
6a:c3:f8:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJmbbOOTywljA2WJzfJNsQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDA3MTAwMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDIzYjUzMTY4YzJjOTJmZTYwZDIwYTZjY2QwMjE3ODRjYjNjNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzH7uOMcZzxfEoiozSlzaVu0qZIr
CQNL4VI7M7sCRg2Ao8M5+6jWi8ixAN8t3R4bt+TcZpnFcZ6ufZZkmOxWzluRBUm1
VoYa0Ngps2MAY9nhkf63/JgD/dGi5U3+Jy+0QoNwrvUtrNOFbkFtGTatlvebMA3D
X4BbAY2/QuLJFUnDGGvobhNkHWkcKjwyfmH4kIqYB7VSjZbsMW6QVAKfI3CbfzOy
mwFxuJBnNeDxD2ykIt8/CdxFyflxsRfgeJfvZH6uiuG0QIG3v9BChfM2jc8lBPm9
QeBi/T8YqLaXsOlzWvJGUbrNXJm2rb8V/9V2Xt4eWkvAdo/90CTS9Zt9ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQjtTFowskv5g0gpszQIXhMs8WWMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdENPMU1XakN5U19tRFNDbXpOQWhlRXl6eFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUqM0AwQC
XHIoMA0GCSqGSIb3DQEBCwUAA4IBAQAl+mLgiLl47ZfEftRDLSih000FG1Gm4Brd
k5TbbUnPwN4rdIDP6tsEYYRAp805s4AVVE4q7lM87xsTLzHBQeNof9jh8qPEW3ln
kAfkgwT+C/5z/NciD9yq1OoaRL1aeTbcXThdR3o2mEmK9X14DuK6TCkKNhOHOQ07
XrfdyD84WgrgLtnwcZZWSJpkHkn95cAH3WN8psVxVNkK8oaDEx1b+tzmGRmNbPXz
3eLZ5fHV6TKEIDNSpDSmq5T7R71967XdRPgyT0Zz46dHDPp2SUH8aTvAPV/p3rjJ
8yeXSXjoTKsAz/9mIPxsjkTZmKnIcq+y2KihOWx8s4yWQTNqw/iM
-----END CERTIFICATE-----
Generated at Wed Nov 6 08:29:11 2024 by rpki-client on console-fra.rpki-client.org