Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-pZAnfjhPS8L0oOYsdkUFI6YZkE.roa
File: 1-pZAnfjhPS8L0oOYsdkUFI6YZkE.roa (raw, json)
Hash identifier: Ds0WTYuyMtSH0LZjTYNjnhAdJNoLMRpkb/JIqDZydnM=
Subject key identifier: FA:96:40:9D:F8:E1:3D:2F:0B:D2:83:98:B1:D9:14:14:8E:98:66:41
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BE67668885E5F30484784DACE31B3BDAA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-pZAnfjhPS8L0oOYsdkUFI6YZkE.roa
Signing time: Sun 19 Nov 2023 07:23:21 +0000
ROA not before: Sun 19 Nov 2023 07:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.218.208.0/21 maxlen: 24
149.126.88.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 12:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e6:76:68:88:5e:5f:30:48:47:84:da:ce:31:b3:bd:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 19 07:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa96409df8e13d2f0bd28398b1d914148e986641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cb:02:6d:25:7f:75:4e:25:67:da:f7:50:72:
58:14:12:02:ed:0d:54:2c:90:39:ef:1a:ea:c6:eb:
d6:3c:9f:71:22:94:90:93:0a:d2:f4:82:6b:90:fd:
d8:ba:79:b4:be:8b:6f:f4:03:be:37:2f:67:25:e8:
b7:d4:ad:01:ec:4a:3c:a2:64:72:f0:ab:3e:f0:c4:
89:12:68:06:06:1d:7a:60:9b:aa:79:6f:57:8c:a9:
d0:ce:97:55:95:79:49:d1:92:7f:a8:86:aa:b1:c1:
11:9f:16:7d:02:c9:22:e4:df:4a:fd:76:4d:df:78:
16:c8:ec:ba:7c:c1:b5:6d:87:f5:a1:72:11:07:62:
41:d6:af:1b:26:7d:8b:e4:09:55:71:05:de:13:3d:
a5:fe:fa:b4:5d:b8:4c:72:0a:59:db:db:99:4e:61:
32:59:36:89:27:b9:58:05:c2:ba:a1:f0:ed:ae:8b:
b6:0f:71:bf:e6:b9:db:e6:ab:c4:48:23:79:96:e3:
26:c4:0d:c5:ec:fe:ae:0d:97:0f:63:5c:4b:03:d4:
39:34:12:b0:81:6e:12:43:a8:bb:fc:8b:a3:5d:e9:
aa:ca:04:b9:81:d1:22:be:7d:be:b8:8d:ea:d9:1e:
e8:6e:f8:c6:46:86:50:9c:cc:be:3b:1a:30:42:1a:
ee:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:96:40:9D:F8:E1:3D:2F:0B:D2:83:98:B1:D9:14:14:8E:98:66:41
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-pZAnfjhPS8L0oOYsdkUFI6YZkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
37.218.208.0/21
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
98:85:b0:1c:97:c4:e8:71:40:07:7f:24:e1:9d:2e:bc:26:8b:
c7:8e:4e:41:21:95:53:26:b7:6d:79:aa:a0:05:fc:0b:bc:79:
a0:c2:d0:92:f5:ef:5c:20:e5:ce:6b:f9:72:39:d0:2a:6b:52:
ec:56:ea:e7:e5:46:05:0d:94:11:e9:6a:78:9c:d0:af:71:78:
be:4e:e1:8f:d8:79:2f:02:b5:04:32:b4:9e:59:44:d8:7a:be:
ad:89:61:35:10:f8:eb:f7:0f:2d:09:d9:db:42:24:43:3d:7b:
ec:eb:b3:82:7f:2a:51:42:46:09:c3:c1:e3:8a:d5:fb:4a:99:
79:4e:20:0b:da:1a:c4:3b:9f:63:b3:c5:3a:1c:c4:19:4a:fa:
c5:44:04:87:59:ae:90:df:e5:7d:2a:01:3e:70:b8:66:77:66:
e3:a0:27:ec:bb:72:d3:fd:2d:9e:40:c1:4a:64:89:94:58:49:
40:f8:26:9e:80:7f:15:18:39:4d:85:ae:6e:b5:5e:8f:a2:42:
d2:eb:c9:b5:12:26:c5:52:9b:e9:c6:df:79:40:4a:fd:05:5b:
c3:c8:f2:e6:51:23:7e:0c:13:8c:c6:84:ae:e9:80:c6:9b:d7:
66:e7:45:4f:d8:7f:71:a4:23:72:ff:6e:27:b0:ac:30:0c:e5:
4d:d9:30:5e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYvmdmiIXl8wSEeE2s4xs72qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTE5MDcyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTk2NDA5ZGY4ZTEzZDJmMGJkMjgzOThiMWQ5MTQxNDhlOTg2NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMsCbSV/dU4lZ9r3UHJYFBIC7Q1U
LJA57xrqxuvWPJ9xIpSQkwrS9IJrkP3Yunm0votv9AO+Ny9nJei31K0B7Eo8omRy
8Ks+8MSJEmgGBh16YJuqeW9XjKnQzpdVlXlJ0ZJ/qIaqscERnxZ9Aski5N9K/XZN
33gWyOy6fMG1bYf1oXIRB2JB1q8bJn2L5AlVcQXeEz2l/vq0XbhMcgpZ29uZTmEy
WTaJJ7lYBcK6ofDtrou2D3G/5rnb5qvESCN5luMmxA3F7P6uDZcPY1xLA9Q5NBKw
gW4SQ6i7/IujXemqygS5gdEivn2+uI3q2R7obvjGRoZQnMy+OxowQhruEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPqWQJ344T0vC9KDmLHZFBSOmGZBMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1wWkFuZmpoUFM4TDBvT1lzZGtVRkk2WVprRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBQVmYAME
AyXa0AMEApV+WDANBgkqhkiG9w0BAQsFAAOCAQEAmIWwHJfE6HFAB38k4Z0uvCaL
x45OQSGVUya3bXmqoAX8C7x5oMLQkvXvXCDlzmv5cjnQKmtS7Fbq5+VGBQ2UEelq
eJzQr3F4vk7hj9h5LwK1BDK0nllE2Hq+rYlhNRD46/cPLQnZ20IkQz177Ouzgn8q
UUJGCcPB44rV+0qZeU4gC9oaxDufY7PFOhzEGUr6xUQEh1mukN/lfSoBPnC4Zndm
46An7Lty0/0tnkDBSmSJlFhJQPgmnoB/FRg5TYWubrVej6JC0uvJtRImxVKb6cbf
eUBK/QVbw8jy5lEjfgwTjMaErumAxpvXZudFT9h/caQjcv9uJ7CsMAzlTdkwXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org