Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/34gUpOJMwR-o4u6zctsNMwrD_fc.roa
File: 34gUpOJMwR-o4u6zctsNMwrD_fc.roa (raw, json)
Hash identifier: JolxvouyKPWYWzDxKJu9jlMWyP7rQ3IJxgVmN+/3WYY=
Subject key identifier: DF:88:14:A4:E2:4C:C1:1F:A8:E2:EE:B3:72:DB:0D:33:0A:C3:FD:F7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0189D8EF2A2C9A4FAB11D7872A7167741EAF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/34gUpOJMwR-o4u6zctsNMwrD_fc.roa
Signing time: Wed 09 Aug 2023 06:14:59 +0000
ROA not before: Wed 09 Aug 2023 06:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.60.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Aug 2023 09:09:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:ef:2a:2c:9a:4f:ab:11:d7:87:2a:71:67:74:1e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 9 06:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df8814a4e24cc11fa8e2eeb372db0d330ac3fdf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0e:66:a4:bf:65:4d:7c:46:4b:7a:fa:9e:58:
07:ec:98:c0:db:65:98:b3:25:51:ee:4d:6e:e4:56:
d6:fc:67:03:9b:36:04:26:73:be:57:df:65:04:da:
bf:f8:f1:96:c5:61:ed:22:69:53:5b:c0:8f:8b:0f:
40:7f:5a:99:fd:88:f9:fd:bd:31:48:49:a2:92:2f:
1f:86:60:e3:2b:3a:18:51:c5:6c:01:cc:b8:89:d4:
35:b2:ed:b4:40:e1:51:b6:0b:23:dc:fb:13:ae:16:
b2:aa:ab:3a:d4:31:69:23:53:08:89:27:bb:d7:e3:
e6:ed:1f:a6:52:d7:4b:07:db:c7:db:d9:17:1d:92:
4d:a5:4c:1a:50:4c:f0:02:c6:13:72:2e:f5:2b:c7:
a5:40:f0:a3:1f:63:96:75:44:c5:79:89:37:ee:2e:
8e:30:07:3c:6f:36:d1:f6:3a:4c:53:4c:b5:fa:16:
b1:9d:3f:78:c2:87:6f:9a:7f:48:c0:a7:3f:f1:81:
80:70:10:ae:76:5d:09:40:f2:37:ed:90:fd:9a:ff:
95:87:29:8a:39:32:e0:18:6b:cd:ae:67:2a:d7:d3:
d9:07:f6:1a:22:d7:36:6a:e5:b9:36:01:c3:a9:f4:
5b:c0:a1:c6:1d:91:57:da:79:23:d1:b8:0a:40:02:
94:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:88:14:A4:E2:4C:C1:1F:A8:E2:EE:B3:72:DB:0D:33:0A:C3:FD:F7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/34gUpOJMwR-o4u6zctsNMwrD_fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
82.163.60.0/22
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f4:e1:46:0a:44:bb:30:08:f0:4d:f3:5b:90:16:ca:66:f3:
b2:69:13:e9:9f:43:03:b8:b5:a1:8e:b3:ff:a3:d4:3d:5d:d8:
21:c3:70:86:c0:be:9c:b8:42:bf:ca:2f:99:69:86:3c:90:c4:
f3:ab:a6:43:b1:0c:45:61:4b:26:56:46:02:a1:6a:9a:e0:5d:
10:de:ef:b6:1b:9a:6f:dc:e0:40:bc:52:d1:fd:7e:08:f1:b9:
da:49:04:0b:b8:4e:1e:56:c4:8c:bf:d0:90:3d:0f:cf:5f:4a:
d4:ec:b1:52:22:a2:66:71:a1:c1:81:1a:3e:85:38:c6:e5:e0:
ca:6c:72:3f:80:03:cd:bf:80:9e:e9:8f:b2:b8:2e:0d:12:db:
9a:7f:86:18:4e:0a:cb:e0:e9:cf:0a:70:f0:a3:1f:85:6f:b1:
ba:67:40:81:fd:24:2e:47:08:be:fc:83:e4:bd:da:46:ef:9e:
7d:c9:ad:70:15:bb:9d:88:2e:2e:1d:b0:72:80:51:a7:8e:94:
3e:73:4d:10:d8:e4:97:ae:d8:69:1a:f5:ba:45:2c:ef:35:53:
34:be:8a:da:6a:46:af:3b:c5:eb:0a:f8:50:ad:9f:25:90:bc:
e0:04:01:d4:07:38:b1:43:58:6c:28:53:87:25:98:fa:cb:20:
25:11:04:48
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYnY7yosmk+rEdeHKnFndB6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODA5MDYxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg4MTRhNGUyNGNjMTFmYThlMmVlYjM3MmRiMGQzMzBhYzNmZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw5mpL9lTXxGS3r6nlgH7JjA22WY
syVR7k1u5FbW/GcDmzYEJnO+V99lBNq/+PGWxWHtImlTW8CPiw9Af1qZ/Yj5/b0x
SEmiki8fhmDjKzoYUcVsAcy4idQ1su20QOFRtgsj3PsTrhayqqs61DFpI1MIiSe7
1+Pm7R+mUtdLB9vH29kXHZJNpUwaUEzwAsYTci71K8elQPCjH2OWdUTFeYk37i6O
MAc8bzbR9jpMU0y1+haxnT94wodvmn9IwKc/8YGAcBCudl0JQPI37ZD9mv+VhymK
OTLgGGvNrmcq19PZB/YaItc2auW5NgHDqfRbwKHGHZFX2nkj0bgKQAKUcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN+IFKTiTMEfqOLus3LbDTMKw/33MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMzRnVXBPSk13Ui1vNHU2emN0c05Nd3JEX2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFBWZgAwQC
UqM8AwQCUqOoAwQCUqPgAwQCXHIoAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUA
A4IBAQBF9OFGCkS7MAjwTfNbkBbKZvOyaRPpn0MDuLWhjrP/o9Q9Xdghw3CGwL6c
uEK/yi+ZaYY8kMTzq6ZDsQxFYUsmVkYCoWqa4F0Q3u+2G5pv3OBAvFLR/X4I8bna
SQQLuE4eVsSMv9CQPQ/PX0rU7LFSIqJmcaHBgRo+hTjG5eDKbHI/gAPNv4Ce6Y+y
uC4NEtuaf4YYTgrL4OnPCnDwox+Fb7G6Z0CB/SQuRwi+/IPkvdpG7559ya1wFbud
iC4uHbBygFGnjpQ+c00Q2OSXrthpGvW6RSzvNVM0voraakavO8XrCvhQrZ8lkLzg
BAHUBzixQ1hsKFOHJZj6yyAlEQRI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org