Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6V5eNgi25VGj2mSV8AIvWJLvr70.roa
File: 6V5eNgi25VGj2mSV8AIvWJLvr70.roa (raw, json)
Hash identifier: UK6N8GckK+jqsg0Fwfr414x0jVSFbnZez7HVImNdZfQ=
Subject key identifier: E9:5E:5E:36:08:B6:E5:51:A3:DA:64:95:F0:02:2F:58:92:EF:AF:BD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018ACB554310C7134917367F39AA963CDD37
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6V5eNgi25VGj2mSV8AIvWJLvr70.roa
Signing time: Mon 25 Sep 2023 07:54:37 +0000
ROA not before: Mon 25 Sep 2023 07:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.68.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 07:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:55:43:10:c7:13:49:17:36:7f:39:aa:96:3c:dd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 25 07:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e95e5e3608b6e551a3da6495f0022f5892efafbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:19:cd:ac:c6:a2:1f:fa:76:b2:ac:10:7a:33:
0c:fc:21:74:c7:e4:75:47:d4:1c:06:60:1e:de:8b:
c1:0b:74:fd:be:35:69:20:0d:ea:bc:a5:3b:72:15:
cf:75:35:96:e4:bb:1b:ac:57:39:33:95:41:3b:c3:
da:51:02:67:01:48:aa:d2:6c:3d:4f:11:c7:b5:b1:
cc:67:de:e3:bc:81:65:c6:9a:55:e6:2e:47:15:90:
f5:40:96:72:08:60:5a:3a:82:1e:66:27:f5:ee:c2:
b8:cf:51:ca:39:6d:a8:f8:4d:d0:3c:57:cf:f6:68:
56:5f:c8:43:5e:e8:57:aa:95:19:7e:b8:9f:18:1e:
fa:5d:89:6b:15:37:a1:5f:90:e2:7e:30:bb:17:b6:
2b:91:57:80:9a:be:a1:89:4e:58:a0:18:dc:de:f5:
f1:93:91:74:fa:ef:a5:d4:7a:42:f6:f3:41:ba:17:
82:23:e2:b2:a9:62:da:11:e9:66:b1:80:b3:03:a2:
c6:c1:05:1a:36:7c:99:70:93:9c:cf:c0:2a:b0:b7:
6c:a9:0e:1e:f1:76:70:0e:f6:a8:d6:d5:45:70:bb:
3f:e1:71:71:3e:40:c0:b0:7d:1a:f9:d6:c2:c5:13:
5b:e4:80:3d:0e:f3:d1:2c:6f:53:ff:64:43:ce:c6:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5E:5E:36:08:B6:E5:51:A3:DA:64:95:F0:02:2F:58:92:EF:AF:BD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/6V5eNgi25VGj2mSV8AIvWJLvr70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.68.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:4a:1d:c1:2e:4e:1d:3e:5a:4c:d3:fd:c9:85:a3:6c:44:39:
62:53:ec:c1:2b:28:ef:37:f1:1e:a4:81:1d:8b:7b:f7:4d:43:
19:af:ed:0f:b3:f3:a4:27:24:4e:76:f3:ae:cb:e2:c6:f2:d4:
1e:4e:38:5d:b8:8d:90:34:17:5b:dc:d0:02:28:45:8b:6c:5e:
c6:40:1b:21:64:6e:8a:70:56:ea:d4:6a:b4:12:13:55:4e:c1:
dc:ae:6d:99:de:82:1c:6b:a3:37:a0:a9:37:d5:ce:c9:cf:68:
9f:4b:0e:3c:a7:a9:de:a2:09:bb:d5:17:52:ef:be:57:7c:2b:
e5:3c:d0:1b:61:46:67:43:3d:b9:17:c3:20:c3:24:92:bd:3d:
cf:1e:2e:7d:37:5e:15:79:9c:e2:b0:bb:15:9e:f0:dd:a4:32:
f6:c5:ee:51:f7:b7:77:82:18:9f:64:a1:7a:b0:e7:47:37:96:
55:68:61:ca:47:1f:60:d7:e9:32:08:be:89:7a:04:57:45:2c:
90:fc:01:e1:7c:85:2d:ee:12:a6:99:ec:9b:99:c2:68:00:9a:
c2:69:55:1a:8c:2f:d7:ca:5f:75:f9:f2:1e:9a:19:d4:b2:55:
a2:5a:5d:43:25:99:f0:79:d5:71:65:33:3a:a8:5a:5b:e4:3f:
24:09:b2:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrLVUMQxxNJFzZ/OaqWPN03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTI1MDc1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTVlNWUzNjA4YjZlNTUxYTNkYTY0OTVmMDAyMmY1ODkyZWZhZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBnNrMaiH/p2sqwQejMM/CF0x+R1
R9QcBmAe3ovBC3T9vjVpIA3qvKU7chXPdTWW5LsbrFc5M5VBO8PaUQJnAUiq0mw9
TxHHtbHMZ97jvIFlxppV5i5HFZD1QJZyCGBaOoIeZif17sK4z1HKOW2o+E3QPFfP
9mhWX8hDXuhXqpUZfrifGB76XYlrFTehX5DifjC7F7YrkVeAmr6hiU5YoBjc3vXx
k5F0+u+l1HpC9vNBuheCI+KyqWLaEelmsYCzA6LGwQUaNnyZcJOcz8AqsLdsqQ4e
8XZwDvao1tVFcLs/4XFxPkDAsH0a+dbCxRNb5IA9DvPRLG9T/2RDzsaDMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOleXjYItuVRo9pklfACL1iS76+9MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNlY1ZU5naTI1VkdqMm1TVjhBSXZXSkx2cjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBWZgAwQC
LhTUAwQCUqNEMA0GCSqGSIb3DQEBCwUAA4IBAQAaSh3BLk4dPlpM0/3JhaNsRDli
U+zBKyjvN/EepIEdi3v3TUMZr+0Ps/OkJyROdvOuy+LG8tQeTjhduI2QNBdb3NAC
KEWLbF7GQBshZG6KcFbq1Gq0EhNVTsHcrm2Z3oIca6M3oKk31c7Jz2ifSw48p6ne
ogm71RdS775XfCvlPNAbYUZnQz25F8MgwySSvT3PHi59N14VeZzisLsVnvDdpDL2
xe5R97d3ghifZKF6sOdHN5ZVaGHKRx9g1+kyCL6JegRXRSyQ/AHhfIUt7hKmmeyb
mcJoAJrCaVUajC/Xyl91+fIemhnUslWiWl1DJZnwedVxZTM6qFpb5D8kCbIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org