Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/pk2W7rl0sXuty2brwnwRdj-LF34.roa
File: pk2W7rl0sXuty2brwnwRdj-LF34.roa (raw, json)
Hash identifier: ZUpTdTTp79PpXWV5dAGfarUpUFb2vCvGnpP3GHIl2YQ=
Subject key identifier: A6:4D:96:EE:B9:74:B1:7B:AD:CB:66:EB:C2:7C:11:76:3F:8B:17:7E
Certificate issuer: /CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Certificate serial: 018CCA2A7BC971E7CFCE7E0160836F58B339
Authority key identifier: DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/pk2W7rl0sXuty2brwnwRdj-LF34.roa
Signing time: Tue 02 Jan 2024 12:33:50 +0000
ROA not before: Tue 02 Jan 2024 12:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 267809
IP address blocks: 82.86.112.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 21 Aug 2024 07:12:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:7b:c9:71:e7:cf:ce:7e:01:60:83:6f:58:b3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Validity
Not Before: Jan 2 12:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a64d96eeb974b17badcb66ebc27c11763f8b177e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:92:74:f0:e1:7e:ef:f5:29:b9:5e:29:37:a4:
d3:69:6e:ec:21:ef:1a:2c:cf:83:93:e5:33:1d:41:
2f:6b:a3:03:7b:c3:56:a9:13:27:56:61:c7:74:6e:
36:16:46:db:fd:4e:1c:e2:14:ce:6d:95:62:e1:41:
53:24:bf:8e:fa:a4:2b:8e:86:c1:1e:c3:68:96:87:
5a:08:0f:9d:88:f1:9e:05:46:cf:08:a2:16:ef:04:
1b:66:ff:30:5f:75:06:46:26:72:b5:fa:c9:7f:5a:
74:79:63:c0:b5:77:76:67:9b:12:40:46:7e:c1:3a:
01:ca:b7:b1:fa:5c:0f:3f:e9:84:59:1c:22:07:eb:
94:61:09:c2:ee:fd:7b:44:ec:e6:68:92:92:98:dd:
c1:53:4a:ea:98:52:44:61:67:fa:05:a9:5f:98:95:
0c:d6:a8:99:f5:2e:58:e9:68:3c:ec:86:da:61:be:
f1:f7:6e:76:f4:36:1a:6a:8a:79:25:e0:85:c3:53:
31:fd:b3:6b:f8:95:2e:f2:ec:a7:04:7e:70:80:ed:
f5:31:18:fb:38:87:79:00:73:48:1e:9e:67:99:0b:
c2:5f:3a:3b:93:1f:b9:40:f3:f3:9f:49:e9:a0:b3:
2d:fb:5c:5e:af:fe:66:4c:91:f0:3a:85:cc:a2:10:
a2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4D:96:EE:B9:74:B1:7B:AD:CB:66:EB:C2:7C:11:76:3F:8B:17:7E
X509v3 Authority Key Identifier:
keyid:DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/pk2W7rl0sXuty2brwnwRdj-LF34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.86.112.0/20
Signature Algorithm: sha256WithRSAEncryption
79:26:3f:b1:a1:24:8b:40:85:0b:c0:c5:11:56:e7:e5:78:01:
5b:a8:e2:18:1b:a7:6b:37:74:f5:92:88:99:46:b1:d0:a1:c8:
23:8b:41:6e:4d:cb:c3:a8:cc:79:df:e9:8a:ab:d7:ef:ec:44:
6b:f4:57:58:ab:91:50:65:5b:16:ec:50:35:a6:c6:51:09:f4:
34:5e:5c:cd:5f:52:e5:87:70:88:47:c1:e0:0b:c0:a8:96:cf:
8d:ae:df:5f:c3:fc:b9:4c:db:cf:70:4a:b8:b0:81:e8:26:84:
99:b2:8a:51:63:c2:c7:41:a3:fa:48:67:15:09:b9:ed:0a:ff:
27:78:af:74:1a:b2:76:da:bb:b0:9d:73:cf:f8:7d:aa:0f:0d:
12:53:f1:b2:57:ca:17:a2:15:69:a3:fb:44:02:10:ae:9f:03:
f7:b8:0f:dc:1c:46:ad:ca:a7:ac:76:6d:40:4e:3c:84:82:2e:
50:62:27:98:e6:78:e7:d3:0e:7e:ef:36:d9:ec:2c:e6:8c:b7:
02:33:b7:89:20:57:ef:25:95:70:1c:2f:d6:83:bb:87:69:6f:
93:46:5f:b4:b6:72:e3:97:97:94:d3:22:fa:1d:26:43:68:1b:
1c:41:f0:3d:e0:17:0a:90:47:17:8d:f2:bb:36:40:ac:cf:07:
9c:b9:fb:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnvJcefPzn4BYINvWLM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYmYzNzkwOWNlMTdiYTUzYWQ5MGE4NjMyMzc3YTVkOTM4
NzQzZTUwHhcNMjQwMTAyMTIzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRkOTZlZWI5NzRiMTdiYWRjYjY2ZWJjMjdjMTE3NjNmOGIxNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5J08OF+7/UpuV4pN6TTaW7sIe8a
LM+Dk+UzHUEva6MDe8NWqRMnVmHHdG42Fkbb/U4c4hTObZVi4UFTJL+O+qQrjobB
HsNolodaCA+diPGeBUbPCKIW7wQbZv8wX3UGRiZytfrJf1p0eWPAtXd2Z5sSQEZ+
wToByrex+lwPP+mEWRwiB+uUYQnC7v17ROzmaJKSmN3BU0rqmFJEYWf6BalfmJUM
1qiZ9S5Y6Wg87IbaYb7x92529DYaaop5JeCFw1Mx/bNr+JUu8uynBH5wgO31MRj7
OId5AHNIHp5nmQvCXzo7kx+5QPPzn0npoLMt+1xer/5mTJHwOoXMohCi2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZNlu65dLF7rctm68J8EXY/ixd+MB8GA1UdIwQY
MBaAFNu/N5Cc4XulOtkKhjI3el2Th0PlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2Ut
ODIyZWE0M2RjMThkLzEvcGsyVzdybDBzWHV0eTJicndud1Jkai1MRjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2UtODIyZWE0M2RjMThk
LzEvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUlZwMA0G
CSqGSIb3DQEBCwUAA4IBAQB5Jj+xoSSLQIULwMURVufleAFbqOIYG6drN3T1koiZ
RrHQocgji0FuTcvDqMx53+mKq9fv7ERr9FdYq5FQZVsW7FA1psZRCfQ0XlzNX1Ll
h3CIR8HgC8Cols+Nrt9fw/y5TNvPcEq4sIHoJoSZsopRY8LHQaP6SGcVCbntCv8n
eK90GrJ22ruwnXPP+H2qDw0SU/GyV8oXohVpo/tEAhCunwP3uA/cHEatyqesdm1A
TjyEgi5QYieY5njn0w5+7zbZ7CzmjLcCM7eJIFfvJZVwHC/Wg7uHaW+TRl+0tnLj
l5eU0yL6HSZDaBscQfA94BcKkEcXjfK7NkCszwecufvL
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:45:55 2024 by rpki-client on console-ams.rpki-client.org