Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/hL2U4YlxZBP2ek2__lsEJ4OvxS4.roa
File: hL2U4YlxZBP2ek2__lsEJ4OvxS4.roa (raw, json)
Hash identifier: QPyz96avajKi19+gSQIJxHH+MT7sIrfLOHz6+u3ozl4=
Subject key identifier: 84:BD:94:E1:89:71:64:13:F6:7A:4D:BF:FE:5B:04:27:83:AF:C5:2E
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 0191FFB6D6E2573668D80ABA31A36DBFEB35
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/hL2U4YlxZBP2ek2__lsEJ4OvxS4.roa
Signing time: Tue 17 Sep 2024 11:20:58 +0000
ROA not before: Tue 17 Sep 2024 11:20:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.21.0.0/16 maxlen: 16
82.22.0.0/16 maxlen: 16
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 27 Sep 2024 13:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:b6:d6:e2:57:36:68:d8:0a:ba:31:a3:6d:bf:eb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Sep 17 11:20:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84bd94e189716413f67a4dbffe5b042783afc52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:97:e5:a6:78:d8:37:cf:c3:49:98:17:48:26:
ca:bf:8f:f8:e0:c5:72:2d:1a:5e:ea:2a:b4:e4:22:
a3:dc:03:72:4f:02:0b:f8:ce:d5:36:1d:d6:9e:59:
63:5e:16:69:8f:18:dd:8f:ca:34:5e:0d:dd:a4:85:
31:4e:96:38:28:71:9a:2e:6a:aa:a1:3a:f8:b1:0a:
ca:21:3d:b6:ea:e2:81:2e:5d:c3:c3:73:e0:93:73:
1f:6f:ec:e2:94:a0:40:25:72:f8:2b:17:4c:1f:54:
aa:f5:72:d5:f7:62:99:fa:66:be:f8:0e:aa:9c:6e:
cd:21:43:d9:97:13:15:e5:ea:96:c7:74:46:97:91:
85:4e:b4:f9:29:a5:dd:33:50:b3:d5:0c:15:ae:73:
89:3b:7b:d9:88:f5:72:ed:bd:71:fc:4e:6c:c3:fa:
5f:7b:b9:04:5b:29:8f:4b:9a:44:58:77:34:df:4d:
27:bd:58:35:21:6e:8b:33:26:b4:ab:49:53:4c:52:
ef:3c:55:ee:ef:a6:f2:26:4d:7b:5d:59:d8:af:80:
9b:6d:fe:11:aa:93:3b:90:18:59:ee:59:9c:b2:c7:
fc:82:c0:44:64:12:c3:33:6a:98:33:ce:7a:b1:d6:
d3:92:1f:73:99:4d:63:5d:0f:83:2c:8c:74:b8:9a:
c2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BD:94:E1:89:71:64:13:F6:7A:4D:BF:FE:5B:04:27:83:AF:C5:2E
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/hL2U4YlxZBP2ek2__lsEJ4OvxS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0-82.22.255.255
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:6f:b3:d2:34:c8:53:76:c6:13:27:cb:88:5b:0d:2c:28:b6:
6d:55:08:39:e3:85:b3:4a:45:5c:89:25:84:8b:a8:f5:4a:3e:
b3:a9:bd:81:0b:52:6f:0b:0a:59:97:30:e0:13:bb:e2:2d:f1:
74:f3:87:9b:1f:fa:63:9b:37:d6:d1:63:d6:53:7d:9a:62:25:
36:9b:a0:13:b2:20:c2:d4:d3:14:24:4e:0c:a0:e5:d1:6c:7a:
c6:06:4c:d7:37:db:b7:f6:6c:22:43:cf:3b:05:39:c9:fb:3e:
ed:2a:35:c3:42:d0:f2:3a:88:10:1f:e1:73:5f:c3:2d:4a:74:
2d:31:8a:4a:69:94:e5:2a:6f:c2:66:c1:ee:e0:00:6b:b0:81:
c6:14:e8:55:14:ad:6b:8c:eb:57:ad:86:4d:6b:63:f4:a6:eb:
12:db:0d:c9:2c:69:80:d8:17:38:cd:2f:4e:bd:fb:7c:ce:b6:
36:51:8c:a6:21:b4:4c:67:4f:50:0a:ca:e4:3f:96:a4:c6:79:
cc:b6:56:d3:cd:fc:64:24:4a:24:3e:88:56:85:ee:2d:33:65:
f1:9d:9e:a3:1e:db:17:97:a8:35:e3:97:a1:c4:d9:3b:71:03:
f2:7e:a4:43:73:71:96:ed:b8:06:9e:ff:75:0a:65:1d:3d:04:
28:b2:40:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH/ttbiVzZo2Aq6MaNtv+s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjQwOTE3MTEyMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJkOTRlMTg5NzE2NDEzZjY3YTRkYmZmZTViMDQyNzgzYWZjNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25flpnjYN8/DSZgXSCbKv4/44MVy
LRpe6iq05CKj3ANyTwIL+M7VNh3WnlljXhZpjxjdj8o0Xg3dpIUxTpY4KHGaLmqq
oTr4sQrKIT226uKBLl3Dw3Pgk3Mfb+zilKBAJXL4KxdMH1Sq9XLV92KZ+ma++A6q
nG7NIUPZlxMV5eqWx3RGl5GFTrT5KaXdM1Cz1QwVrnOJO3vZiPVy7b1x/E5sw/pf
e7kEWymPS5pEWHc0300nvVg1IW6LMya0q0lTTFLvPFXu76byJk17XVnYr4Cbbf4R
qpM7kBhZ7lmcssf8gsBEZBLDM2qYM856sdbTkh9zmU1jXQ+DLIx0uJrC7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIS9lOGJcWQT9npNv/5bBCeDr8UuMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvaEwyVTRZbHhaQlAyZWsyX19sc0VKNE92eFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYMAoDAwBSFQMD
AFIWAwQF1CugAwQF1ZPgMA0GCSqGSIb3DQEBCwUAA4IBAQA+b7PSNMhTdsYTJ8uI
Ww0sKLZtVQg544WzSkVciSWEi6j1Sj6zqb2BC1JvCwpZlzDgE7viLfF084ebH/pj
mzfW0WPWU32aYiU2m6ATsiDC1NMUJE4MoOXRbHrGBkzXN9u39mwiQ887BTnJ+z7t
KjXDQtDyOogQH+FzX8MtSnQtMYpKaZTlKm/CZsHu4ABrsIHGFOhVFK1rjOtXrYZN
a2P0pusS2w3JLGmA2Bc4zS9Ovft8zrY2UYymIbRMZ09QCsrkP5akxnnMtlbTzfxk
JEokPohWhe4tM2XxnZ6jHtsXl6g145ehxNk7cQPyfqRDc3GW7bgGnv91CmUdPQQo
skAn
-----END CERTIFICATE-----
Generated at Fri Sep 27 15:32:02 2024 by rpki-client on console-fra.rpki-client.org