Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/A1TIe5wPdPmjZ7_eebnZlFZwc_M.roa
File: A1TIe5wPdPmjZ7_eebnZlFZwc_M.roa (raw, json)
Hash identifier: AtS52JKCLAiPrBqhdLWZO8A0dm1Tjg1sGca4Y271xmE=
Subject key identifier: 03:54:C8:7B:9C:0F:74:F9:A3:67:BF:DE:79:B9:D9:94:56:70:73:F3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C1AC6BDCDAA6F392CDAA2C301D1ABAD11
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/A1TIe5wPdPmjZ7_eebnZlFZwc_M.roa
Signing time: Wed 29 Nov 2023 11:11:21 +0000
ROA not before: Wed 29 Nov 2023 11:11:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.68.0/22 maxlen: 22
5.102.108.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 15 Dec 2023 17:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:c6:bd:cd:aa:6f:39:2c:da:a2:c3:01:d1:ab:ad:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 29 11:11:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0354c87b9c0f74f9a367bfde79b9d994567073f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fc:21:cf:32:26:63:3f:a4:25:11:16:c3:01:
78:26:9e:8d:75:8c:c7:44:6c:94:9d:e5:f3:57:76:
51:23:f2:17:be:bd:09:6d:e5:db:5f:08:f6:d0:fc:
a3:e8:f6:82:a3:b9:bc:ec:ba:7d:5e:61:ec:89:f8:
b6:77:73:77:51:93:d8:1c:d2:57:e1:b0:32:c7:b4:
bf:f7:c6:9c:ef:85:2f:a5:f5:29:46:80:7c:a0:17:
3a:a1:5b:7c:77:78:7f:10:0e:fd:e6:6d:76:89:04:
8f:59:4d:4e:99:47:54:70:70:fa:a5:5c:21:80:15:
7d:6e:df:81:90:98:b7:bd:3d:7e:58:ac:b1:3d:b9:
98:e4:c6:62:4b:9c:37:49:25:9a:4e:ba:ac:1c:a7:
0e:15:1e:4f:b1:32:32:99:04:45:fb:90:37:3d:a3:
d4:ec:36:78:24:81:34:c2:39:1e:d4:e9:ca:cf:3c:
3f:4c:84:9a:57:ba:bc:bc:00:3c:3c:2d:65:eb:04:
0a:26:63:5d:5e:f1:7c:97:94:05:5e:70:6c:e8:0b:
b8:e4:24:c3:d0:6d:b9:e9:98:33:e1:12:91:c8:f6:
ad:8b:e4:64:10:99:52:be:fb:e3:49:6b:df:29:0a:
4b:23:cd:b1:01:5a:e2:28:52:d3:1f:43:80:7a:a1:
b6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:54:C8:7B:9C:0F:74:F9:A3:67:BF:DE:79:B9:D9:94:56:70:73:F3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/A1TIe5wPdPmjZ7_eebnZlFZwc_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
5.102.124.0/22
82.163.68.0/22
Signature Algorithm: sha256WithRSAEncryption
13:1d:a8:a6:78:1d:92:3c:88:c3:8d:d4:e1:80:07:27:e9:f3:
c1:54:11:2a:49:e7:ef:03:1e:a1:ae:f9:b4:83:26:ba:ea:49:
13:2c:8d:3a:fe:83:0c:77:c4:ec:38:3c:6a:d4:20:68:80:d1:
9d:e2:ba:98:d5:af:eb:13:70:0b:b1:5b:08:8b:16:a0:bb:6f:
97:18:35:fe:db:1f:ce:f5:30:7d:cf:f6:24:bf:36:98:56:3f:
1a:a5:ca:62:ee:b2:9c:25:56:34:36:11:63:a3:a7:cc:ab:25:
c8:2d:22:e0:1f:cc:13:7d:dc:31:80:52:40:97:90:ec:37:1d:
43:b7:95:af:73:d9:83:e7:1c:0d:c2:3b:ac:80:0d:24:e3:7a:
38:64:29:ee:2d:27:b6:21:cd:34:a9:89:00:46:3d:1f:81:7a:
a4:23:f0:3d:e9:74:06:51:52:3a:f0:68:4e:bc:c7:99:97:b6:
86:39:e3:3f:84:a6:76:bf:13:01:14:08:c4:11:c6:cd:71:f3:
e2:90:eb:c6:d3:72:23:5f:20:bc:8d:bd:74:a0:2e:3f:63:0a:
4e:75:9a:4f:47:a7:64:6f:7d:28:b5:9e:05:44:a5:cc:b1:64:
50:75:6d:be:fb:48:9f:96:58:d8:c7:6f:4e:d1:e3:bd:e4:45:
aa:6c:48:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwaxr3Nqm85LNqiwwHRq60RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTI5MTExMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU0Yzg3YjljMGY3NGY5YTM2N2JmZGU3OWI5ZDk5NDU2NzA3M2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvwhzzImYz+kJREWwwF4Jp6NdYzH
RGyUneXzV3ZRI/IXvr0JbeXbXwj20Pyj6PaCo7m87Lp9XmHsifi2d3N3UZPYHNJX
4bAyx7S/98ac74UvpfUpRoB8oBc6oVt8d3h/EA795m12iQSPWU1OmUdUcHD6pVwh
gBV9bt+BkJi3vT1+WKyxPbmY5MZiS5w3SSWaTrqsHKcOFR5PsTIymQRF+5A3PaPU
7DZ4JIE0wjke1OnKzzw/TISaV7q8vAA8PC1l6wQKJmNdXvF8l5QFXnBs6Au45CTD
0G256Zgz4RKRyPati+RkEJlSvvvjSWvfKQpLI82xAVriKFLTH0OAeqG2+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFANUyHucD3T5o2e/3nm52ZRWcHPzMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQTFUSWU1d1BkUG1qWjdfZWViblpsRlp3Y19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZsAwQC
BWZ8AwQCUqNEMA0GCSqGSIb3DQEBCwUAA4IBAQATHaimeB2SPIjDjdThgAcn6fPB
VBEqSefvAx6hrvm0gya66kkTLI06/oMMd8TsODxq1CBogNGd4rqY1a/rE3ALsVsI
ixagu2+XGDX+2x/O9TB9z/YkvzaYVj8apcpi7rKcJVY0NhFjo6fMqyXILSLgH8wT
fdwxgFJAl5DsNx1Dt5Wvc9mD5xwNwjusgA0k43o4ZCnuLSe2Ic00qYkARj0fgXqk
I/A96XQGUVI68GhOvMeZl7aGOeM/hKZ2vxMBFAjEEcbNcfPikOvG03IjXyC8jb10
oC4/YwpOdZpPR6dkb30otZ4FRKXMsWRQdW2++0iflljYx29O0eO95EWqbEjk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org