Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-rta8qWkAI0EyWYpvAJfPkK4u4g.roa
File: 1-rta8qWkAI0EyWYpvAJfPkK4u4g.roa (raw, json)
Hash identifier: OfvfvxMbGG8ErGt+TgqdEU/TtIA0tRsxuN0NXX9x8pU=
Subject key identifier: FA:BB:5A:F2:A5:A4:00:8D:04:C9:66:29:BC:02:5F:3E:42:B8:BB:88
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190020BEE4D415F647960DA6A07D78EC3F9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-rta8qWkAI0EyWYpvAJfPkK4u4g.roa
Signing time: Mon 10 Jun 2024 12:07:34 +0000
ROA not before: Mon 10 Jun 2024 12:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 5.102.124.0/22 maxlen: 24
82.163.54.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 06:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:0b:ee:4d:41:5f:64:79:60:da:6a:07:d7:8e:c3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 10 12:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fabb5af2a5a4008d04c96629bc025f3e42b8bb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:69:d5:55:bc:f5:db:7b:02:a1:5b:17:ff:
eb:22:81:cc:c9:54:86:c9:67:87:56:01:59:50:75:
72:32:19:57:85:2b:63:6f:f5:81:0c:bc:a8:4f:d0:
3f:75:15:82:1a:c0:c9:24:5b:e5:32:91:96:06:ae:
a8:ec:26:96:a7:50:fd:4c:16:67:a3:ef:9e:c0:cb:
7b:e0:03:40:ca:ae:0c:04:0b:53:c4:20:6c:a3:56:
34:99:bb:42:08:bd:2f:fa:ef:1c:06:c0:52:8b:1d:
c5:4e:08:46:64:27:0a:a8:f3:3b:c0:52:f6:86:26:
a2:e8:f6:7d:cc:38:42:6b:e6:96:44:7d:6f:00:2f:
d6:21:6c:59:7e:10:3f:5e:90:5b:74:21:22:ca:23:
e8:c0:90:d2:b0:48:3e:35:5f:67:5c:07:7d:5c:39:
c6:ef:0a:08:5f:99:d7:ab:ab:2a:c8:26:46:4c:e1:
fe:98:a5:d3:0e:a9:0b:39:15:c9:fe:cb:e1:f4:3a:
09:55:40:33:21:a3:32:fa:50:d4:cf:6e:0a:51:ea:
dd:50:be:88:9f:69:4c:d9:bd:3e:c2:6b:de:55:50:
cb:e7:f5:0c:f3:d3:77:bb:fb:d4:b5:25:22:2f:4f:
81:2a:5f:b2:4f:2f:f6:37:09:7b:b9:1d:10:fe:43:
76:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BB:5A:F2:A5:A4:00:8D:04:C9:66:29:BC:02:5F:3E:42:B8:BB:88
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-rta8qWkAI0EyWYpvAJfPkK4u4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.124.0/22
82.163.54.0/23
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:3c:bc:16:2e:75:2e:17:b3:02:6c:bb:08:17:85:aa:2b:08:
89:45:a7:81:b6:f3:3f:04:be:19:e4:b4:0d:68:e5:15:34:3c:
cc:28:25:fb:67:72:ce:af:73:ef:69:12:f0:ce:fa:21:d5:97:
64:0c:98:33:92:8a:29:f3:0c:68:05:b8:48:b9:a3:d9:82:34:
73:de:f7:92:b4:14:c8:d3:fc:36:26:f7:4f:64:fc:69:86:a4:
ba:24:e3:88:45:20:db:7a:c2:b2:28:60:d9:26:ad:c1:09:5e:
49:3f:94:a6:2f:7f:97:79:22:67:4b:88:78:aa:78:85:83:04:
06:51:fd:e9:2c:5e:f9:e2:14:bd:4f:4c:57:96:b6:33:44:4d:
8b:08:bc:31:47:04:23:92:2d:37:54:38:8c:72:4f:61:a4:db:
9f:89:27:57:87:ce:8f:94:06:85:ec:e5:01:d2:50:7c:4b:30:
95:c8:e1:d4:48:3e:1b:c3:cb:cf:cd:c3:29:7a:f2:39:16:51:
42:52:d4:e4:8e:f5:85:c4:5e:ee:33:c0:11:16:e6:d9:11:3f:
6b:bb:f0:9e:62:d1:72:d7:a4:88:60:b1:55:09:27:fa:46:40:
3c:66:5c:78:94:ab:5a:38:f7:de:f5:59:ff:1a:b7:8b:bd:57:
c7:d9:18:e2
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZACC+5NQV9keWDaagfXjsP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNjEwMTIwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJiNWFmMmE1YTQwMDhkMDRjOTY2MjliYzAyNWYzZTQyYjhiYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmNp1VW89dt7AqFbF//rIoHMyVSG
yWeHVgFZUHVyMhlXhStjb/WBDLyoT9A/dRWCGsDJJFvlMpGWBq6o7CaWp1D9TBZn
o++ewMt74ANAyq4MBAtTxCBso1Y0mbtCCL0v+u8cBsBSix3FTghGZCcKqPM7wFL2
hiai6PZ9zDhCa+aWRH1vAC/WIWxZfhA/XpBbdCEiyiPowJDSsEg+NV9nXAd9XDnG
7woIX5nXq6sqyCZGTOH+mKXTDqkLORXJ/svh9DoJVUAzIaMy+lDUz24KUerdUL6I
n2lM2b0+wmveVVDL5/UM89N3u/vUtSUiL0+BKl+yTy/2Nwl7uR0Q/kN2QwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPq7WvKlpACNBMlmKbwCXz5CuLuIMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1ydGE4cVdrQUkwRXlXWXB2QUpmUGtLNHU0Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAgVmfAME
AVKjNgMEA1KjYAMEAlKjqAMEAlKj4AMEAoL/RAMEArzXeDANBgkqhkiG9w0BAQsF
AAOCAQEAHDy8Fi51LhezAmy7CBeFqisIiUWngbbzPwS+GeS0DWjlFTQ8zCgl+2dy
zq9z72kS8M76IdWXZAyYM5KKKfMMaAW4SLmj2YI0c973krQUyNP8Nib3T2T8aYak
uiTjiEUg23rCsihg2SatwQleST+Upi9/l3kiZ0uIeKp4hYMEBlH96Sxe+eIUvU9M
V5a2M0RNiwi8MUcEI5ItN1Q4jHJPYaTbn4knV4fOj5QGhezlAdJQfEswlcjh1Eg+
G8PLz83DKXryORZRQlLU5I71hcRe7jPAERbm2RE/a7vwnmLRctekiGCxVQkn+kZA
PGZceJSrWjj33vVZ/xq3i71Xx9kY4g==
-----END CERTIFICATE-----
Generated at Wed Jun 19 09:52:34 2024 by rpki-client on console-ams.rpki-client.org