Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tKa7o-zZlwTzT6rAkEE2c4xxj8o.roa
File: tKa7o-zZlwTzT6rAkEE2c4xxj8o.roa (raw, json)
Hash identifier: IGJ3YPYaayKOGLpBtIUfOIHuNZtY4+z5lUmGaCChFO0=
Subject key identifier: B4:A6:BB:A3:EC:D9:97:04:F3:4F:AA:C0:90:41:36:73:8C:71:8F:CA
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01936C911E7317EAF74F697979F7A82D3C06
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tKa7o-zZlwTzT6rAkEE2c4xxj8o.roa
Signing time: Wed 27 Nov 2024 07:41:10 +0000
ROA not before: Wed 27 Nov 2024 07:41:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.163.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 12:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:91:1e:73:17:ea:f7:4f:69:79:79:f7:a8:2d:3c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 27 07:41:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4a6bba3ecd99704f34faac0904136738c718fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:12:2d:cc:31:90:25:a8:58:54:d3:bc:af:
6a:f7:ec:64:7b:ae:96:68:2c:f8:59:70:65:88:c6:
2b:6a:c8:7f:48:25:8c:4f:0a:f7:f0:e1:51:f6:f1:
96:cf:4b:85:25:42:81:21:63:d6:34:da:91:58:15:
50:72:09:a9:95:1b:f1:39:01:b0:cd:6e:cf:20:d1:
46:6b:a9:03:86:e4:88:2a:bb:6b:b3:5a:1a:b2:43:
cb:67:29:94:87:1d:20:79:f4:a4:d7:de:33:e6:52:
fd:94:2b:65:c4:d0:fb:1c:d7:b3:52:74:c8:6d:f9:
ad:76:1c:e6:8b:91:a1:54:dd:1a:c7:81:a0:0e:83:
53:58:df:15:32:61:08:ef:07:bc:54:34:8e:bf:57:
a5:90:92:e0:b8:8b:e9:6d:a3:c9:83:53:fb:ce:40:
d6:f8:17:c5:20:7f:ca:b2:9a:b7:02:d5:55:e8:f0:
50:d3:f5:6c:52:7f:74:45:2c:37:00:87:01:4d:2b:
03:4d:61:db:04:f7:95:59:d2:69:d5:ac:dd:d5:2c:
8f:7d:7b:e8:40:76:5f:d6:21:5a:a4:94:ab:3e:e2:
24:53:c9:87:2c:56:8b:07:a7:84:08:ec:33:8e:46:
aa:a5:16:0b:1f:05:11:63:be:2a:14:96:7d:9a:9b:
35:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A6:BB:A3:EC:D9:97:04:F3:4F:AA:C0:90:41:36:73:8C:71:8F:CA
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tKa7o-zZlwTzT6rAkEE2c4xxj8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.172.0/22
Signature Algorithm: sha256WithRSAEncryption
81:73:33:80:e5:5e:68:11:ec:12:63:18:e4:f9:5f:e8:60:dd:
35:83:9f:87:66:f0:62:5e:4a:bf:50:63:a8:5a:3f:78:67:54:
75:de:c0:53:48:e2:5b:7e:e7:6d:e3:25:bb:eb:bf:1a:1c:47:
52:63:a0:d9:ce:f9:a8:4e:f0:f0:72:9a:ae:03:90:79:4a:6a:
ec:8a:84:bb:30:91:17:74:fe:c1:ba:97:7c:91:f9:f0:54:da:
a9:d6:12:0f:e8:41:9d:b5:4a:a8:e3:fa:1b:c1:e4:f2:c2:3c:
8b:cf:b4:fc:39:94:32:14:b0:fe:6b:82:eb:27:c6:ae:ce:66:
69:15:de:aa:04:e5:3d:46:90:f9:e1:7d:7b:ea:af:f7:66:62:
f0:25:d8:c5:d1:8a:f0:a4:3e:f8:25:73:a0:dc:c9:0a:fe:0c:
38:4c:24:98:07:55:6d:2b:cb:cd:d2:e3:84:02:89:28:06:af:
22:e0:5c:19:06:63:9e:61:b0:05:f2:7b:89:b4:e4:76:35:1c:
22:70:ff:fe:13:9b:bc:c2:2a:3e:7e:46:b7:01:54:59:71:fd:
e3:d1:a7:3a:c6:3c:10:c3:65:39:c0:93:dd:6f:52:87:2e:90:
eb:c1:3e:f2:da:4b:cd:e4:53:a9:bc:43:2d:36:4a:38:d1:37:
d9:36:b5:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNskR5zF+r3T2l5efeoLTwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTI3MDc0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE2YmJhM2VjZDk5NzA0ZjM0ZmFhYzA5MDQxMzY3MzhjNzE4ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUUSLcwxkCWoWFTTvK9q9+xke66W
aCz4WXBliMYrash/SCWMTwr38OFR9vGWz0uFJUKBIWPWNNqRWBVQcgmplRvxOQGw
zW7PINFGa6kDhuSIKrtrs1oaskPLZymUhx0gefSk194z5lL9lCtlxND7HNezUnTI
bfmtdhzmi5GhVN0ax4GgDoNTWN8VMmEI7we8VDSOv1elkJLguIvpbaPJg1P7zkDW
+BfFIH/Kspq3AtVV6PBQ0/VsUn90RSw3AIcBTSsDTWHbBPeVWdJp1azd1SyPfXvo
QHZf1iFapJSrPuIkU8mHLFaLB6eECOwzjkaqpRYLHwURY74qFJZ9mps1rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSmu6Ps2ZcE80+qwJBBNnOMcY/KMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdEthN28telpsd1R6VDZyQWtFRTJjNHh4ajhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUqOsMA0G
CSqGSIb3DQEBCwUAA4IBAQCBczOA5V5oEewSYxjk+V/oYN01g5+HZvBiXkq/UGOo
Wj94Z1R13sBTSOJbfudt4yW7678aHEdSY6DZzvmoTvDwcpquA5B5SmrsioS7MJEX
dP7Bupd8kfnwVNqp1hIP6EGdtUqo4/obweTywjyLz7T8OZQyFLD+a4LrJ8auzmZp
Fd6qBOU9RpD54X176q/3ZmLwJdjF0YrwpD74JXOg3MkK/gw4TCSYB1VtK8vN0uOE
AokoBq8i4FwZBmOeYbAF8nuJtOR2NRwicP/+E5u8wio+fka3AVRZcf3j0ac6xjwQ
w2U5wJPdb1KHLpDrwT7y2kvN5FOpvEMtNko40TfZNrVN
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:04:22 2025 by rpki-client