Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6eKgQSkp4J3gHgGNi6RGVehwfNI.roa
File: 6eKgQSkp4J3gHgGNi6RGVehwfNI.roa (raw, json)
Hash identifier: UkpAda+EHNWeVCxEPfYU46cOP8swbjuHZo9dPMcZ+Fw=
Subject key identifier: E9:E2:A0:41:29:29:E0:9D:E0:1E:01:8D:8B:A4:46:55:E8:70:7C:D2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190BF9E3418C983799BA1F664C9A95BAA2D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6eKgQSkp4J3gHgGNi6RGVehwfNI.roa
Signing time: Wed 17 Jul 2024 07:35:34 +0000
ROA not before: Wed 17 Jul 2024 07:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210542
IP address blocks: 82.163.52.0/23 maxlen: 24
149.126.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 07:54:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:9e:34:18:c9:83:79:9b:a1:f6:64:c9:a9:5b:aa:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 17 07:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9e2a0412929e09de01e018d8ba44655e8707cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:e4:67:6f:c9:fc:5b:21:c5:6d:9b:39:99:
f4:e5:83:25:dd:47:a1:9e:29:ad:50:b9:15:a6:62:
c9:65:b7:45:c7:8f:5a:22:dd:51:4b:db:56:73:7c:
5e:56:8a:1b:b3:a0:fc:1c:91:69:db:38:e7:0e:31:
77:d4:0b:40:0d:9d:c5:7f:35:5a:fb:62:21:5f:19:
0b:74:85:a6:c7:df:4d:d8:40:ec:3f:05:0a:e7:26:
09:06:93:27:38:bd:06:18:0d:74:40:1d:b5:29:c9:
78:f7:b0:6b:94:0b:09:e1:93:63:ec:76:5d:38:2f:
68:1f:e2:a0:1a:2c:0e:b7:bb:a1:45:bc:9b:06:d8:
9c:4b:eb:ab:09:4d:ab:05:0b:75:5c:83:13:93:2f:
35:15:31:f5:16:52:21:5a:f1:f5:ef:24:e7:eb:aa:
6e:7f:10:7a:b0:49:cb:46:d8:fe:92:92:7a:50:38:
f8:56:9d:0b:c7:b5:0c:ba:ac:49:d9:04:73:cf:3a:
29:04:b1:78:cb:64:ba:d7:84:49:d6:58:e7:3b:a8:
c1:37:ef:d5:0d:b7:6d:73:72:c3:60:af:06:5f:af:
7c:c5:85:50:cc:86:32:d3:34:49:e4:ae:d7:46:51:
5f:b0:dc:bf:3a:20:87:f9:3d:f9:a2:3d:a3:9f:51:
85:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E2:A0:41:29:29:E0:9D:E0:1E:01:8D:8B:A4:46:55:E8:70:7C:D2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6eKgQSkp4J3gHgGNi6RGVehwfNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.52.0/23
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
10:0c:8d:17:73:e6:9c:bc:c1:96:72:46:0a:86:45:04:25:9b:
ba:7e:90:4a:61:16:56:f0:83:dc:a5:af:93:98:2f:0a:59:c8:
1d:99:ec:01:51:a7:1d:16:40:fe:23:df:9c:38:63:07:5f:0a:
dd:6c:1e:c6:f6:51:ea:99:3e:7c:27:8a:f0:b6:e3:ba:71:08:
1f:95:96:5b:e9:c6:23:68:dd:28:ab:29:98:e8:99:2e:61:11:
f1:b7:12:ba:27:17:38:b9:f9:87:cf:54:4b:17:0f:6d:b0:5a:
39:71:45:7e:93:b8:15:e0:cc:89:eb:57:09:0d:b2:f8:26:e8:
36:74:9a:eb:12:19:87:87:71:af:93:00:57:6b:d3:96:f4:99:
27:b6:c1:9a:5f:c6:9d:1f:8b:a0:1d:a0:ec:a0:9d:fe:d6:7b:
b6:24:20:df:16:15:0c:e0:9f:e1:f1:53:33:00:bc:00:31:45:
7e:72:19:e8:f1:77:57:39:b2:f6:59:09:a5:ef:c6:1f:73:94:
b5:4b:89:21:56:25:58:d9:33:c7:38:66:fe:0f:0b:b6:a7:98:
db:49:52:ef:f4:87:be:b6:90:0c:37:68:36:bf:12:0a:ec:cd:
0a:bf:28:9a:9b:01:c1:8a:61:b0:76:0e:6f:b0:5b:30:b2:e2:
69:bd:f7:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC/njQYyYN5m6H2ZMmpW6otMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzE3MDczNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWUyYTA0MTI5MjllMDlkZTAxZTAxOGQ4YmE0NDY1NWU4NzA3Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNzkZ2/J/FshxW2bOZn05YMl3Ueh
nimtULkVpmLJZbdFx49aIt1RS9tWc3xeVoobs6D8HJFp2zjnDjF31AtADZ3FfzVa
+2IhXxkLdIWmx99N2EDsPwUK5yYJBpMnOL0GGA10QB21Kcl497BrlAsJ4ZNj7HZd
OC9oH+KgGiwOt7uhRbybBticS+urCU2rBQt1XIMTky81FTH1FlIhWvH17yTn66pu
fxB6sEnLRtj+kpJ6UDj4Vp0Lx7UMuqxJ2QRzzzopBLF4y2S614RJ1ljnO6jBN+/V
Dbdtc3LDYK8GX698xYVQzIYy0zRJ5K7XRlFfsNy/OiCH+T35oj2jn1GFCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOnioEEpKeCd4B4BjYukRlXocHzSMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNmVLZ1FTa3A0SjNnSGdHTmk2UkdWZWh3Zk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUqM0AwQC
lX5cMA0GCSqGSIb3DQEBCwUAA4IBAQAQDI0Xc+acvMGWckYKhkUEJZu6fpBKYRZW
8IPcpa+TmC8KWcgdmewBUacdFkD+I9+cOGMHXwrdbB7G9lHqmT58J4rwtuO6cQgf
lZZb6cYjaN0oqymY6JkuYRHxtxK6Jxc4ufmHz1RLFw9tsFo5cUV+k7gV4MyJ61cJ
DbL4Jug2dJrrEhmHh3GvkwBXa9OW9JkntsGaX8adH4ugHaDsoJ3+1nu2JCDfFhUM
4J/h8VMzALwAMUV+chno8XdXObL2WQml78Yfc5S1S4khViVY2TPHOGb+Dwu2p5jb
SVLv9Ie+tpAMN2g2vxIK7M0KvyiamwHBimGwdg5vsFswsuJpvffH
-----END CERTIFICATE-----
Generated at Sun May 11 21:19:35 2025 by rpki-client