Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-4ueodUHhGe-xQ7pdHk0-OX-jOg.roa
File: 1-4ueodUHhGe-xQ7pdHk0-OX-jOg.roa (raw, json)
Hash identifier: q+XMK2ZU6ksi2Ut5OwqUBnPdmcjxzZu0MLL3on/PbIg=
Subject key identifier: FB:8B:9E:A1:D5:07:84:67:BE:C5:0E:E9:74:79:34:F8:E5:FE:8C:E8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C6E9B6359023AAFCEBF82919C62976DB7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-4ueodUHhGe-xQ7pdHk0-OX-jOg.roa
Signing time: Fri 15 Dec 2023 17:52:06 +0000
ROA not before: Fri 15 Dec 2023 17:52:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.68.0/22 maxlen: 22
5.102.108.0/22 maxlen: 22
5.102.120.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 24 Dec 2023 07:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6e:9b:63:59:02:3a:af:ce:bf:82:91:9c:62:97:6d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 15 17:52:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb8b9ea1d5078467bec50ee9747934f8e5fe8ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:24:4b:c9:95:63:b4:80:c5:00:20:22:55:d5:
1a:83:7f:1c:9d:52:b0:ad:83:6c:f8:f2:67:4b:1f:
28:b5:a3:c9:c8:a2:5f:67:5b:ba:f0:7a:28:77:c2:
76:85:56:59:12:20:2c:ec:f8:4f:73:05:57:66:a7:
2d:e7:f1:90:46:40:5c:f4:5d:2b:fd:b1:46:8c:61:
7a:17:ed:2b:2a:51:40:2b:c4:7d:58:d7:88:61:b0:
af:20:c0:70:31:cc:68:22:94:63:75:47:83:6e:43:
c7:e7:96:55:1b:eb:b7:b8:59:dc:60:95:f7:3b:2f:
e5:11:36:52:26:6c:50:6b:e3:55:61:a9:63:ff:f4:
b3:30:a0:7a:61:20:e6:f2:54:eb:f9:52:46:39:7b:
af:e2:4f:35:09:3e:ef:de:5d:8b:07:b7:17:bc:5e:
5c:dc:03:eb:1f:d6:d4:e7:fe:ea:c3:e5:a1:28:c9:
2e:71:2c:b7:ba:4f:b7:50:cf:56:42:f0:f3:cd:94:
fb:17:16:56:0d:42:e5:0b:4b:4d:3c:44:87:82:f3:
8b:76:28:fa:ee:84:f7:04:e9:32:46:55:a9:79:61:
7e:5c:2f:7d:38:01:b5:78:c2:ae:6e:fa:c5:07:bc:
20:34:6c:59:95:74:5e:d4:b9:cb:60:9c:47:64:7e:
75:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8B:9E:A1:D5:07:84:67:BE:C5:0E:E9:74:79:34:F8:E5:FE:8C:E8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-4ueodUHhGe-xQ7pdHk0-OX-jOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
5.102.120.0/21
82.163.68.0/22
Signature Algorithm: sha256WithRSAEncryption
24:76:b3:31:2d:8c:c2:54:8a:60:af:83:6e:1f:5f:c2:c6:d0:
af:4d:6d:fa:c9:a2:84:3b:1b:61:3e:1d:ba:d5:ea:37:53:ed:
4d:24:85:41:4a:84:9f:1e:87:a3:81:19:cd:19:16:f1:b1:d9:
54:46:a3:23:41:aa:fe:01:e5:f6:c1:32:f2:06:e7:c7:0e:3d:
d0:f6:83:ba:0e:95:1f:53:e6:d9:0d:db:08:c5:b2:32:1b:33:
7b:43:d4:1e:61:c7:f0:6d:89:45:f8:14:6c:6f:07:fc:1f:7b:
74:73:96:1e:24:a8:46:20:d1:91:69:48:02:12:c3:2a:c0:53:
34:3a:88:bb:e7:23:c4:3f:f5:ce:06:89:fa:f1:62:7e:ef:b5:
26:ea:97:75:26:84:85:8a:3f:d4:11:0a:e7:7e:3a:51:80:52:
57:18:e5:5b:88:8e:b3:28:75:2f:02:42:d0:00:9c:98:9c:22:
aa:79:cd:ba:92:39:c1:5b:a0:a0:d6:e8:de:e9:5d:d7:52:f7:
c2:1e:93:72:86:7e:a7:a0:25:6c:ec:ed:86:36:e0:16:68:91:
83:d6:9f:1a:b9:d2:ae:7c:01:be:fe:c8:11:1e:28:55:a3:39:
b5:c9:d0:66:01:4d:8e:21:48:ca:80:31:7d:5c:44:0e:47:ac:
74:e7:88:7b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYxum2NZAjqvzr+CkZxil223MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjE1MTc1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhiOWVhMWQ1MDc4NDY3YmVjNTBlZTk3NDc5MzRmOGU1ZmU4Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiRLyZVjtIDFACAiVdUag38cnVKw
rYNs+PJnSx8otaPJyKJfZ1u68Hood8J2hVZZEiAs7PhPcwVXZqct5/GQRkBc9F0r
/bFGjGF6F+0rKlFAK8R9WNeIYbCvIMBwMcxoIpRjdUeDbkPH55ZVG+u3uFncYJX3
Oy/lETZSJmxQa+NVYalj//SzMKB6YSDm8lTr+VJGOXuv4k81CT7v3l2LB7cXvF5c
3APrH9bU5/7qw+WhKMkucSy3uk+3UM9WQvDzzZT7FxZWDULlC0tNPESHgvOLdij6
7oT3BOkyRlWpeWF+XC99OAG1eMKubvrFB7wgNGxZlXRe1LnLYJxHZH51cwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPuLnqHVB4RnvsUO6XR5NPjl/ozoMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS00dWVvZFVIaEdlLXhRN3BkSGswLU9YLWpPZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAgVmbAME
AwVmeAMEAlKjRDANBgkqhkiG9w0BAQsFAAOCAQEAJHazMS2MwlSKYK+Dbh9fwsbQ
r01t+smihDsbYT4dutXqN1PtTSSFQUqEnx6Ho4EZzRkW8bHZVEajI0Gq/gHl9sEy
8gbnxw490PaDug6VH1Pm2Q3bCMWyMhsze0PUHmHH8G2JRfgUbG8H/B97dHOWHiSo
RiDRkWlIAhLDKsBTNDqIu+cjxD/1zgaJ+vFifu+1JuqXdSaEhYo/1BEK5346UYBS
VxjlW4iOsyh1LwJC0ACcmJwiqnnNupI5wVugoNbo3uld11L3wh6TcoZ+p6AlbOzt
hjbgFmiRg9afGrnSrnwBvv7IER4oVaM5tcnQZgFNjiFIyoAxfVxEDkesdOeIew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org