Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JRHtvzchl1kmj1CuRZjUxzw2AQw.roa
File: JRHtvzchl1kmj1CuRZjUxzw2AQw.roa (raw, json)
Hash identifier: QBuOb70j4Kp93ssbwbHOckl3/2q1hB622qAGlhN+pqw=
Subject key identifier: 25:11:ED:BF:37:21:97:59:26:8F:50:AE:45:98:D4:C7:3C:36:01:0C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AB9431AF54A0DD5142BB4DF36603E0755
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JRHtvzchl1kmj1CuRZjUxzw2AQw.roa
Signing time: Thu 21 Sep 2023 19:41:37 +0000
ROA not before: Thu 21 Sep 2023 19:41:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
82.163.68.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
82.163.224.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 07:54:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:43:1a:f5:4a:0d:d5:14:2b:b4:df:36:60:3e:07:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 21 19:41:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2511edbf37219759268f50ae4598d4c73c36010c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:73:13:55:4f:66:1d:57:1e:05:62:a5:01:
1c:e3:d4:6d:98:da:3f:1c:51:ce:1c:7e:ea:2e:03:
bd:8e:e4:80:9f:9b:ec:e4:1a:26:e8:75:43:ef:70:
cb:e7:95:d8:ee:7c:e9:84:8e:04:f8:a1:49:e0:2e:
cc:24:96:2b:0b:de:51:c3:07:82:62:39:20:ad:f2:
de:7f:05:0f:e0:70:bb:89:0e:8b:61:a1:48:3f:7e:
b5:ce:eb:90:23:30:34:29:30:58:24:2e:0c:29:2a:
d5:14:7a:ce:60:f8:34:d9:a5:56:39:b5:37:d0:b1:
ed:08:63:18:2d:17:56:75:20:18:4d:f7:23:de:b7:
d0:21:bf:01:24:2c:13:1a:30:7f:af:f2:94:cf:37:
d4:7a:44:3a:b5:9b:b0:50:38:e1:50:af:56:04:60:
0e:a6:56:17:38:8e:0c:34:4a:90:73:0b:f0:c9:88:
94:ee:a3:c8:ba:d4:85:f6:77:50:d5:a6:57:54:81:
43:45:b5:74:0c:18:ef:96:90:18:ca:63:7f:5c:cb:
81:f0:23:5c:c5:b8:e0:22:48:0d:20:64:2a:14:64:
6f:8f:70:e9:cb:82:a5:2f:b5:2a:d9:d4:31:5f:36:
74:31:7e:bf:1d:0e:0f:76:65:80:63:e6:e4:1d:f5:
86:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:11:ED:BF:37:21:97:59:26:8F:50:AE:45:98:D4:C7:3C:36:01:0C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JRHtvzchl1kmj1CuRZjUxzw2AQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.68.0/22
82.163.168.0/22
82.163.224.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:0a:7f:d9:7d:b1:1f:78:ae:e0:6b:39:be:fc:e3:8b:33:74:
2e:7f:be:5e:d1:43:36:56:10:73:d1:69:4a:21:b2:ff:ea:ed:
2a:2e:9f:78:54:25:42:c2:de:b6:db:de:42:6f:81:92:ea:b2:
7f:a3:41:54:ba:8b:56:9a:55:d2:e0:8f:88:7a:e9:1a:4f:b5:
ca:89:5e:05:66:b3:af:59:ae:0c:e8:cc:90:c9:90:23:dc:b1:
4a:ce:1d:17:8c:6c:7c:3d:90:21:ca:90:90:d5:d0:ef:6f:d5:
b7:f0:35:5a:47:e1:4c:6e:99:eb:ae:d4:ec:26:62:25:64:6b:
2b:88:a7:16:6a:8f:dd:e9:d5:48:a9:03:b1:92:b6:92:72:e6:
f2:17:38:4c:cb:2e:38:59:0a:57:5a:2f:c3:d0:a6:81:e2:b9:
14:d0:cf:41:15:64:fe:ca:9f:d6:88:2e:f6:c2:13:fa:11:56:
5b:6c:9d:76:b4:ce:88:44:dc:68:3a:01:98:90:11:97:b6:3a:
64:ba:46:1d:f0:b1:bd:b1:c1:61:92:78:55:88:28:25:aa:77:
2c:09:fc:7e:35:64:6a:c1:4d:03:dd:00:4f:30:6e:06:42:f3:
d4:39:20:f8:9c:b3:94:32:ae:d9:1f:54:0c:94:28:f5:b6:4a:
da:99:9d:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYq5Qxr1Sg3VFCu03zZgPgdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTIxMTk0MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTExZWRiZjM3MjE5NzU5MjY4ZjUwYWU0NTk4ZDRjNzNjMzYwMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk35zE1VPZh1XHgVipQEc49RtmNo/
HFHOHH7qLgO9juSAn5vs5Bom6HVD73DL55XY7nzphI4E+KFJ4C7MJJYrC95RwweC
YjkgrfLefwUP4HC7iQ6LYaFIP361zuuQIzA0KTBYJC4MKSrVFHrOYPg02aVWObU3
0LHtCGMYLRdWdSAYTfcj3rfQIb8BJCwTGjB/r/KUzzfUekQ6tZuwUDjhUK9WBGAO
plYXOI4MNEqQcwvwyYiU7qPIutSF9ndQ1aZXVIFDRbV0DBjvlpAYymN/XMuB8CNc
xbjgIkgNIGQqFGRvj3Dpy4KlL7Uq2dQxXzZ0MX6/HQ4PdmWAY+bkHfWGoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCUR7b83IZdZJo9QrkWY1Mc8NgEMMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSlJIdHZ6Y2hsMWttajFDdVJaalV4encyQVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFBWZgAwQC
LhTUAwQCUqNEAwQCUqOoAwQCUqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBdCn/ZfbEf
eK7gazm+/OOLM3Quf75e0UM2VhBz0WlKIbL/6u0qLp94VCVCwt62295Cb4GS6rJ/
o0FUuotWmlXS4I+IeukaT7XKiV4FZrOvWa4M6MyQyZAj3LFKzh0XjGx8PZAhypCQ
1dDvb9W38DVaR+FMbpnrrtTsJmIlZGsriKcWao/d6dVIqQOxkraScubyFzhMyy44
WQpXWi/D0KaB4rkU0M9BFWT+yp/WiC72whP6EVZbbJ12tM6IRNxoOgGYkBGXtjpk
ukYd8LG9scFhknhViCglqncsCfx+NWRqwU0D3QBPMG4GQvPUOSD4nLOUMq7ZH1QM
lCj1tkramZ0J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org