Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/to90UImoAe299xBPsjunbP2N-SE.roa
File: to90UImoAe299xBPsjunbP2N-SE.roa (raw, json)
Hash identifier: x6n1j++LlYPENPSaF2GqXoU+8Lz1KzSOU71r+ZioQCA=
Subject key identifier: B6:8F:74:50:89:A8:01:ED:BD:F7:10:4F:B2:3B:A7:6C:FD:8D:F9:21
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 019233BDC9C25B6721F811BEDBC7DB468933
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/to90UImoAe299xBPsjunbP2N-SE.roa
Signing time: Fri 27 Sep 2024 13:48:48 +0000
ROA not before: Fri 27 Sep 2024 13:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.21.0.0/16 maxlen: 16
82.22.0.0/16 maxlen: 16
82.23.0.0/16 maxlen: 16
82.24.0.0/16 maxlen: 16
82.25.0.0/16 maxlen: 16
82.26.0.0/16 maxlen: 16
82.27.0.0/16 maxlen: 16
82.29.0.0/16 maxlen: 16
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 01 Oct 2024 08:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:bd:c9:c2:5b:67:21:f8:11:be:db:c7:db:46:89:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Sep 27 13:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b68f745089a801edbdf7104fb23ba76cfd8df921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:ae:83:e0:32:6c:35:5c:15:ea:04:11:6b:
2d:a2:c7:ec:ca:0d:79:5b:95:56:f5:74:9d:af:1e:
f5:9a:db:3f:33:2e:0f:fe:e7:91:0e:99:54:af:06:
68:cc:4d:e2:4f:7e:24:60:06:5d:ac:a9:0b:0f:fa:
55:5d:5a:79:7d:d2:e3:ac:e2:92:a0:29:5a:f0:1b:
26:a2:63:8e:59:b6:5b:68:e2:35:21:fa:1f:cd:ab:
09:ea:7f:4a:d5:34:65:2f:46:ed:69:4a:f3:17:0f:
30:36:f3:de:bb:4b:14:3e:18:bf:70:22:0b:90:c7:
d5:03:4b:24:0f:0c:78:30:18:90:40:6f:44:7a:db:
d8:de:9d:e8:9d:17:6c:1f:7c:40:a5:d1:10:fb:6c:
ff:e4:2f:b3:da:9d:fb:ad:37:9c:f5:60:e1:b8:20:
38:a3:60:4c:4e:92:bb:15:50:a6:e0:60:56:60:8d:
54:05:87:de:4b:cc:37:12:68:f3:4a:29:5d:88:de:
35:16:a9:e0:0c:5c:9d:4d:63:57:81:0c:78:c2:3a:
59:bc:a0:0b:2b:c4:fc:3b:e3:34:65:dc:63:2d:53:
d9:57:db:39:9d:0f:3f:bf:a6:ef:a4:44:9a:5f:b8:
c7:e2:3b:af:01:9e:e2:cc:cd:cf:ec:e8:b1:d1:64:
ac:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:8F:74:50:89:A8:01:ED:BD:F7:10:4F:B2:3B:A7:6C:FD:8D:F9:21
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/to90UImoAe299xBPsjunbP2N-SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0-82.27.255.255
82.29.0.0/16
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
b1:38:2d:f0:c8:ed:ce:c7:ea:d4:ed:50:ff:33:8b:47:80:37:
6d:0b:35:8a:6f:e5:9a:08:b6:45:b3:73:df:cd:17:fd:e6:2d:
90:c8:ca:84:ff:be:71:2f:c7:28:98:28:b0:84:3d:a9:d0:d4:
6b:fe:54:71:0f:d1:0a:d8:e3:c6:15:79:77:77:1e:cb:74:78:
8f:fb:cf:07:b3:b1:14:61:da:c6:6d:8e:43:57:62:e5:62:36:
55:c3:6b:ad:9d:a3:7f:a6:89:d7:6e:92:d0:f5:4c:38:f8:fe:
7a:62:f1:5e:ae:87:f9:a0:a9:5e:40:6e:3b:cc:10:70:1c:02:
e7:e6:e0:23:e4:a9:7f:d2:cb:9a:38:3d:9d:92:b2:08:b3:de:
b1:d5:3a:4c:96:7b:ae:9b:18:25:72:1c:39:e4:00:63:49:48:
5b:40:73:15:88:95:12:dd:43:00:da:29:34:fc:23:18:ed:3f:
00:d7:40:55:e2:b5:06:35:f5:66:6c:db:7c:12:08:64:99:7b:
85:49:ec:67:d6:6d:db:62:73:f8:3d:bf:c3:be:d1:f5:f5:a6:
03:c7:5d:25:20:91:8d:57:dc:d3:a4:a1:b8:be:35:ae:e3:8e:
91:3b:01:af:ad:38:0b:6e:ac:23:2f:0d:e1:14:be:17:bc:7c:
ef:60:be:e8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZIzvcnCW2ch+BG+28fbRokzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjQwOTI3MTM0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjhmNzQ1MDg5YTgwMWVkYmRmNzEwNGZiMjNiYTc2Y2ZkOGRmOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKeug+AybDVcFeoEEWstosfsyg15
W5VW9XSdrx71mts/My4P/ueRDplUrwZozE3iT34kYAZdrKkLD/pVXVp5fdLjrOKS
oCla8BsmomOOWbZbaOI1IfofzasJ6n9K1TRlL0btaUrzFw8wNvPeu0sUPhi/cCIL
kMfVA0skDwx4MBiQQG9EetvY3p3onRdsH3xApdEQ+2z/5C+z2p37rTec9WDhuCA4
o2BMTpK7FVCm4GBWYI1UBYfeS8w3EmjzSildiN41FqngDFydTWNXgQx4wjpZvKAL
K8T8O+M0ZdxjLVPZV9s5nQ8/v6bvpESaX7jH4juvAZ7izM3P7Oix0WSsvQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLaPdFCJqAHtvfcQT7I7p2z9jfkhMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvdG85MFVJbW9BZTI5OXhCUHNqdW5iUDJOLVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdMAoDAwBSFQMD
AlIYAwMAUh0DBAXUK6ADBAXVk+AwDQYJKoZIhvcNAQELBQADggEBALE4LfDI7c7H
6tTtUP8zi0eAN20LNYpv5ZoItkWzc9/NF/3mLZDIyoT/vnEvxyiYKLCEPanQ1Gv+
VHEP0QrY48YVeXd3Hst0eI/7zwezsRRh2sZtjkNXYuViNlXDa62do3+midduktD1
TDj4/npi8V6uh/mgqV5AbjvMEHAcAufm4CPkqX/Sy5o4PZ2Ssgiz3rHVOkyWe66b
GCVyHDnkAGNJSFtAcxWIlRLdQwDaKTT8IxjtPwDXQFXitQY19WZs23wSCGSZe4VJ
7GfWbdtic/g9v8O+0fX1pgPHXSUgkY1X3NOkobi+Na7jjpE7Aa+tOAturCMvDeEU
vhe8fO9gvug=
-----END CERTIFICATE-----
Generated at Tue Oct 1 12:18:48 2024 by rpki-client on console-ams.rpki-client.org