Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/79iT7R6piQQYURaRewJBYdj3RM4.roa
File: 79iT7R6piQQYURaRewJBYdj3RM4.roa (raw, json)
Hash identifier: Ob7ad0rMm/oaFdHZrErojDe2OokTo2Eevv0wOT+Mgbc=
Subject key identifier: EF:D8:93:ED:1E:A9:89:04:18:51:16:91:7B:02:41:61:D8:F7:44:CE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0189DEB5B89E672ED65D59376E4EAA084D9C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/79iT7R6piQQYURaRewJBYdj3RM4.roa
Signing time: Thu 10 Aug 2023 09:09:58 +0000
ROA not before: Thu 10 Aug 2023 09:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.60.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
92.114.40.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 07:28:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:b5:b8:9e:67:2e:d6:5d:59:37:6e:4e:aa:08:4d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 10 09:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efd893ed1ea98904185116917b024161d8f744ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:bb:8f:b1:8c:17:8c:56:5c:07:e2:8b:7c:
5a:2d:14:be:9b:48:9d:99:37:f4:3f:f8:02:dc:de:
b9:4c:d7:8d:2f:9a:fa:9d:33:a4:1f:92:b6:9b:81:
62:8e:2b:48:7f:ab:80:03:31:19:3f:cd:98:a1:53:
3b:1e:2b:8b:54:01:b7:4a:1e:1c:cf:7c:f2:2b:33:
d5:44:07:78:ad:bc:73:2a:c9:29:d2:08:16:24:38:
8a:85:02:91:71:dd:33:f5:7d:dd:d8:45:45:58:71:
3e:cb:bb:4f:de:ad:72:1d:f0:9d:53:d8:92:72:c4:
19:b9:81:62:da:92:89:c3:f3:dd:b2:a9:0d:51:79:
88:7c:a2:5f:68:a9:e8:fa:22:b9:48:0b:be:f2:5b:
8e:8e:f2:53:e9:b0:82:78:0b:0d:ae:d0:bd:57:f6:
9d:9d:28:4c:d0:a3:38:25:05:1a:dc:8a:72:96:fc:
8e:53:4f:5e:e0:97:7a:ab:23:d1:96:cc:3f:86:02:
4b:aa:02:ab:dc:f5:50:15:4c:83:65:ec:f5:ae:f9:
08:71:f7:a2:ff:e3:9a:43:50:ac:4e:20:3f:91:5d:
f2:d1:c1:03:c0:4f:3a:ac:7b:55:9d:f4:a9:9d:85:
cf:7b:83:a4:c4:88:84:29:bf:29:42:b6:e6:88:08:
ec:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D8:93:ED:1E:A9:89:04:18:51:16:91:7B:02:41:61:D8:F7:44:CE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/79iT7R6piQQYURaRewJBYdj3RM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
82.163.60.0/22
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
74:d7:1f:b1:2b:f0:82:03:e7:a6:5d:95:07:e1:0b:30:20:76:
75:4d:b0:55:7c:d8:0e:e9:4f:00:d3:0b:3a:9a:56:f3:81:39:
8c:a2:2a:dc:fb:91:89:71:64:4f:00:56:a6:a9:32:c0:54:43:
4e:9c:fd:23:b2:4d:1f:64:c9:56:3b:d5:d7:6f:e7:aa:62:31:
f9:b1:95:fa:51:af:2d:ea:ad:8a:ac:19:34:11:90:e4:d1:d4:
9d:16:3f:4e:48:2e:88:09:9f:94:3a:79:10:47:37:6a:97:95:
05:de:59:16:f3:f6:93:a1:13:26:d9:e1:44:8f:b7:06:9b:3b:
ed:f7:d8:b2:15:ad:03:d6:9d:62:36:3e:08:02:d8:f1:d2:a7:
af:a2:47:3d:39:87:df:50:c1:ea:7b:96:92:6b:6c:27:6c:b5:
56:6a:d2:fa:76:bf:18:4c:a0:8a:58:d8:18:e0:b7:31:90:37:
3d:12:e5:36:a2:5a:ee:a2:e4:75:fe:53:50:1b:3a:38:9b:bf:
97:6d:2d:d6:a5:63:81:70:a6:c7:3d:77:3f:e2:81:32:c4:1b:
82:fa:87:63:e8:23:77:e7:e9:6f:8c:1f:e8:d1:f2:57:18:51:
54:6e:2b:a6:9c:27:0e:a3:69:b5:60:d7:2f:b5:80:92:2d:30:
09:b9:8f:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYnetbieZy7WXVk3bk6qCE2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODEwMDkwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQ4OTNlZDFlYTk4OTA0MTg1MTE2OTE3YjAyNDE2MWQ4Zjc0NGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEO7j7GMF4xWXAfii3xaLRS+m0id
mTf0P/gC3N65TNeNL5r6nTOkH5K2m4FijitIf6uAAzEZP82YoVM7HiuLVAG3Sh4c
z3zyKzPVRAd4rbxzKskp0ggWJDiKhQKRcd0z9X3d2EVFWHE+y7tP3q1yHfCdU9iS
csQZuYFi2pKJw/PdsqkNUXmIfKJfaKno+iK5SAu+8luOjvJT6bCCeAsNrtC9V/ad
nShM0KM4JQUa3IpylvyOU09e4Jd6qyPRlsw/hgJLqgKr3PVQFUyDZez1rvkIcfei
/+OaQ1CsTiA/kV3y0cEDwE86rHtVnfSpnYXPe4OkxIiEKb8pQrbmiAjsBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO/Yk+0eqYkEGFEWkXsCQWHY90TOMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNzlpVDdSNnBpUVFZVVJhUmV3SkJZZGozUk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFBWZgAwQC
UqM8AwQCUqOoAwQCUqPgAwQCXHIoAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUA
A4IBAQB01x+xK/CCA+emXZUH4QswIHZ1TbBVfNgO6U8A0ws6mlbzgTmMoirc+5GJ
cWRPAFamqTLAVENOnP0jsk0fZMlWO9XXb+eqYjH5sZX6Ua8t6q2KrBk0EZDk0dSd
Fj9OSC6ICZ+UOnkQRzdql5UF3lkW8/aToRMm2eFEj7cGmzvt99iyFa0D1p1iNj4I
Atjx0qevokc9OYffUMHqe5aSa2wnbLVWatL6dr8YTKCKWNgY4LcxkDc9EuU2olru
ouR1/lNQGzo4m7+XbS3WpWOBcKbHPXc/4oEyxBuC+odj6CN35+lvjB/o0fJXGFFU
biumnCcOo2m1YNcvtYCSLTAJuY9r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org