Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/v9tQU1gpNLE6TxOeQ7yd3dgze2k.roa
File: v9tQU1gpNLE6TxOeQ7yd3dgze2k.roa (raw, json)
Hash identifier: px8ovF7hxVdSnHF7OjPRcHLjkcMZaK+7XV/JREM1q6M=
Subject key identifier: BF:DB:50:53:58:29:34:B1:3A:4F:13:9E:43:BC:9D:DD:D8:33:7B:69
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018571B9F286F8D3966B648D7D9913FB0798
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/v9tQU1gpNLE6TxOeQ7yd3dgze2k.roa
Signing time: Mon 02 Jan 2023 09:04:49 +0000
ROA not before: Mon 02 Jan 2023 09:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 78.143.224.0/21 maxlen: 24
82.163.104.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jan 2023 14:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f2:86:f8:d3:96:6b:64:8d:7d:99:13:fb:07:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 09:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfdb5053582934b13a4f139e43bc9dddd8337b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:aa:27:45:8a:81:1e:00:87:d3:d5:e4:ce:df:
30:38:4d:11:4f:c3:32:42:a9:06:c7:c0:9c:fd:c7:
da:30:0d:14:ff:ed:10:b9:7f:b5:ff:7f:a9:ee:c3:
20:9a:ca:e2:ca:87:fc:c8:18:6c:bd:c0:2d:ea:66:
33:a0:ae:76:f8:0d:99:21:b4:15:52:ee:50:85:26:
ae:cc:e0:57:c2:c4:b2:8c:df:4c:8b:09:40:01:4a:
8a:d3:b0:3d:ea:d0:fb:66:21:d1:6d:ae:36:2d:57:
45:22:fe:20:95:59:1c:08:09:58:31:fa:d7:59:80:
79:06:37:97:80:45:36:49:8f:26:a7:3b:e7:52:33:
25:1a:d3:15:41:50:e2:55:b6:f8:45:6d:45:58:e5:
23:3a:be:cd:05:4c:1a:3d:3b:6b:cc:5f:a5:7b:58:
32:2c:74:3f:62:f3:91:3b:71:4b:8b:3f:a8:09:2c:
1a:f7:a8:ff:8d:e4:59:2d:7a:5e:26:6c:70:cd:46:
ea:f5:ac:b1:26:1d:59:22:9e:f4:d1:b0:72:4f:86:
17:d1:bb:ac:2f:62:59:cb:ad:99:30:bc:04:07:e6:
99:11:a4:8a:af:cc:db:77:53:80:55:6d:7a:71:88:
6a:f7:dd:8f:1b:5d:73:3d:d3:21:6f:be:27:d7:81:
6e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DB:50:53:58:29:34:B1:3A:4F:13:9E:43:BC:9D:DD:D8:33:7B:69
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/v9tQU1gpNLE6TxOeQ7yd3dgze2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/21
82.163.104.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:7c:28:c0:cd:54:cf:04:9f:d8:72:ea:53:33:40:34:32:22:
08:d0:1a:49:af:d0:60:89:4f:5b:6f:77:3e:31:b3:26:8f:db:
a4:b4:59:9a:3c:9b:74:4d:b6:91:28:ed:67:e5:1b:10:24:9e:
35:0f:5e:84:7f:fa:00:a3:db:cd:73:e5:f4:d0:97:8c:97:e6:
6b:41:4f:2a:e4:96:c0:a1:6a:2a:a7:5b:df:d1:e8:51:4c:fc:
bb:96:e2:15:66:58:4b:9c:25:9d:9b:c3:a4:9c:3e:be:e8:97:
17:c6:bb:45:dd:05:a3:3d:f1:51:56:13:74:6f:cc:38:50:51:
c9:20:7f:f8:62:6d:c2:3b:32:35:55:08:d0:77:26:ac:3a:1e:
1b:45:4c:9e:1e:ba:7d:ed:9e:f8:38:81:d2:b9:f2:f4:30:c1:
2d:73:08:78:96:c6:6f:fb:3e:d5:fb:07:5c:a4:e8:fe:ba:e5:
a2:d2:cc:ae:b2:69:be:6d:9c:25:e7:f5:3d:fd:3e:e1:39:56:
8c:21:7c:22:8a:e1:5a:ff:74:9b:bb:ed:7a:2e:62:4e:ee:64:
f3:dd:cc:8a:3f:ed:e4:ad:98:29:f5:94:4c:7a:f0:a4:a6:f1:
f8:47:35:8f:85:17:08:c2:9d:1b:07:1f:4d:a4:b1:f3:5f:a0:
a5:d8:f0:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxufKG+NOWa2SNfZkT+weYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMTAyMDkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmRiNTA1MzU4MjkzNGIxM2E0ZjEzOWU0M2JjOWRkZGQ4MzM3YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqonRYqBHgCH09Xkzt8wOE0RT8My
QqkGx8Cc/cfaMA0U/+0QuX+1/3+p7sMgmsriyof8yBhsvcAt6mYzoK52+A2ZIbQV
Uu5QhSauzOBXwsSyjN9MiwlAAUqK07A96tD7ZiHRba42LVdFIv4glVkcCAlYMfrX
WYB5BjeXgEU2SY8mpzvnUjMlGtMVQVDiVbb4RW1FWOUjOr7NBUwaPTtrzF+le1gy
LHQ/YvORO3FLiz+oCSwa96j/jeRZLXpeJmxwzUbq9ayxJh1ZIp700bByT4YX0bus
L2JZy62ZMLwEB+aZEaSKr8zbd1OAVW16cYhq992PG11zPdMhb74n14FuywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL/bUFNYKTSxOk8TnkO8nd3YM3tpMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdjl0UVUxZ3BOTEU2VHhPZVE3eWQzZGd6ZTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTo/gAwQD
UqNoMA0GCSqGSIb3DQEBCwUAA4IBAQCLfCjAzVTPBJ/YcupTM0A0MiII0BpJr9Bg
iU9bb3c+MbMmj9uktFmaPJt0TbaRKO1n5RsQJJ41D16Ef/oAo9vNc+X00JeMl+Zr
QU8q5JbAoWoqp1vf0ehRTPy7luIVZlhLnCWdm8OknD6+6JcXxrtF3QWjPfFRVhN0
b8w4UFHJIH/4Ym3COzI1VQjQdyasOh4bRUyeHrp97Z74OIHSufL0MMEtcwh4lsZv
+z7V+wdcpOj+uuWi0syusmm+bZwl5/U9/T7hOVaMIXwiiuFa/3Sbu+16LmJO7mTz
3cyKP+3krZgp9ZRMevCkpvH4RzWPhRcIwp0bBx9NpLHzX6Cl2PCh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org