Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/1maipqk1JZf8HTaC1kQ-PPu208s.roa
File: 1maipqk1JZf8HTaC1kQ-PPu208s.roa (raw, json)
Hash identifier: NpteRTAz4MQXYYeb/64bOYgVrTB4ikNb3v9EuUm6N2k=
Subject key identifier: D6:66:A2:A6:A9:35:25:97:FC:1D:36:82:D6:44:3E:3C:FB:B6:D3:CB
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 018660A16CB397240967DB4A83E8E251EC52
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/1maipqk1JZf8HTaC1kQ-PPu208s.roa
Signing time: Fri 17 Feb 2023 18:27:17 +0000
ROA not before: Fri 17 Feb 2023 18:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30818
IP address blocks: 82.221.0.0/20 maxlen: 20
82.221.164.0/24 maxlen: 24
82.221.166.0/24 maxlen: 24
82.221.171.0/24 maxlen: 24
82.221.167.0/24 maxlen: 24
82.221.168.0/24 maxlen: 24
82.221.170.0/24 maxlen: 24
82.221.80.0/20 maxlen: 20
82.221.96.0/20 maxlen: 20
82.221.112.0/20 maxlen: 20
82.221.16.0/20 maxlen: 20
82.221.32.0/20 maxlen: 20
82.221.48.0/20 maxlen: 20
82.221.57.0/24 maxlen: 24
82.221.64.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:60:a1:6c:b3:97:24:09:67:db:4a:83:e8:e2:51:ec:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Feb 17 18:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d666a2a6a9352597fc1d3682d6443e3cfbb6d3cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d6:70:ca:92:d5:be:7a:99:55:8c:03:3f:dd:
f1:68:0a:26:07:9d:f9:4e:cc:03:8c:6c:fb:5d:e8:
40:7c:76:3d:70:37:99:3f:cc:ec:ff:a8:91:88:a8:
8c:f2:9d:70:2e:4e:f3:4c:96:67:36:04:45:25:33:
76:80:2f:e4:10:ca:98:df:45:cc:c9:d5:6c:36:b3:
d6:6a:89:26:85:99:44:ad:2b:d9:3d:25:1b:d2:72:
f3:d8:5c:b3:f6:67:c1:8a:95:2d:80:ec:38:e8:e9:
27:1f:f0:db:52:e2:d3:d6:fe:8a:1b:f7:8f:9b:c8:
3b:b6:38:e6:74:60:cd:8e:fe:ee:58:aa:05:eb:4c:
ba:ee:cd:bc:b1:1a:11:50:8d:0a:b6:1f:ed:7f:28:
03:0a:66:1c:01:08:9a:28:ac:8d:de:a7:c6:84:d0:
d1:48:81:2d:76:08:c5:10:59:c0:b0:85:32:0b:61:
67:f2:f1:81:5f:af:cc:be:f3:a1:35:9f:43:05:37:
71:23:a3:f7:d0:b2:06:76:65:11:16:c7:16:fa:9f:
49:1b:93:16:77:89:19:bb:6e:ca:f8:11:5f:c3:69:
f3:de:9a:d7:33:e3:03:95:31:f5:84:30:b6:2f:2a:
3a:87:26:65:af:4f:4c:ce:ee:91:09:b3:6c:53:ac:
45:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:66:A2:A6:A9:35:25:97:FC:1D:36:82:D6:44:3E:3C:FB:B6:D3:CB
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/1maipqk1JZf8HTaC1kQ-PPu208s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.0.0/17
82.221.164.0/24
82.221.166.0-82.221.168.255
82.221.170.0/23
Signature Algorithm: sha256WithRSAEncryption
80:63:15:7c:05:bb:63:83:e4:18:96:cf:66:f5:97:6b:8d:5c:
76:6e:75:a8:1d:12:0c:92:c5:6d:49:8a:b0:b5:35:7a:ad:3a:
68:d3:4a:be:7c:da:b6:49:7b:3d:c6:ec:a7:aa:04:7e:b8:11:
59:26:c4:99:03:cf:d5:fe:5a:d5:50:69:ec:d2:72:84:9f:5e:
27:fe:24:64:6a:6f:a9:cc:ec:cf:e9:ff:19:b3:97:84:4c:06:
79:af:8d:21:9f:24:51:59:15:04:00:8b:9a:f7:f5:2f:02:e2:
c8:07:ca:95:32:f0:d5:68:da:f4:85:a3:56:70:58:9c:db:da:
3c:69:2f:d7:26:3a:b0:3d:d1:39:a4:77:91:64:cb:c5:6d:cb:
7c:2a:c3:db:c0:ee:31:65:3a:bd:ca:55:be:fa:f7:5d:18:06:
f9:62:5b:75:57:9e:e8:5f:06:4a:1b:99:90:8a:04:8b:44:d4:
91:8b:4b:d6:0e:10:82:d0:35:e1:26:e9:53:58:a4:d9:d5:fd:
30:16:aa:9c:ab:06:e7:88:8a:dd:b4:f1:88:5a:bb:2c:b8:b1:
11:29:3e:96:f9:d3:18:a5:f7:09:65:be:9c:f7:b9:0b:77:c5:
a5:36:69:a0:b3:23:14:c4:b4:72:5c:a6:17:cd:b0:48:13:aa:
0a:c5:99:1f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZgoWyzlyQJZ9tKg+jiUexSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjMwMjE3MTgyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY2YTJhNmE5MzUyNTk3ZmMxZDM2ODJkNjQ0M2UzY2ZiYjZkM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdZwypLVvnqZVYwDP93xaAomB535
TswDjGz7XehAfHY9cDeZP8zs/6iRiKiM8p1wLk7zTJZnNgRFJTN2gC/kEMqY30XM
ydVsNrPWaokmhZlErSvZPSUb0nLz2Fyz9mfBipUtgOw46OknH/DbUuLT1v6KG/eP
m8g7tjjmdGDNjv7uWKoF60y67s28sRoRUI0Kth/tfygDCmYcAQiaKKyN3qfGhNDR
SIEtdgjFEFnAsIUyC2Fn8vGBX6/MvvOhNZ9DBTdxI6P30LIGdmURFscW+p9JG5MW
d4kZu27K+BFfw2nz3prXM+MDlTH1hDC2Lyo6hyZlr09Mzu6RCbNsU6xFFQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNZmoqapNSWX/B02gtZEPjz7ttPLMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvMW1haXBxazFKWmY4SFRhQzFrUS1QUHUyMDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQHUt0AAwQA
Ut2kMAwDBAFS3aYDBABS3agDBAFS3aowDQYJKoZIhvcNAQELBQADggEBAIBjFXwF
u2OD5BiWz2b1l2uNXHZudagdEgySxW1JirC1NXqtOmjTSr582rZJez3G7KeqBH64
EVkmxJkDz9X+WtVQaezScoSfXif+JGRqb6nM7M/p/xmzl4RMBnmvjSGfJFFZFQQA
i5r39S8C4sgHypUy8NVo2vSFo1ZwWJzb2jxpL9cmOrA90Tmkd5Fky8Vty3wqw9vA
7jFlOr3KVb76910YBvliW3VXnuhfBkobmZCKBItE1JGLS9YOEILQNeEm6VNYpNnV
/TAWqpyrBueIit208Yhauyy4sREpPpb50xil9wllvpz3uQt3xaU2aaCzIxTEtHJc
phfNsEgTqgrFmR8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:36 2024 by rpki-client on console-ams.rpki-client.org