Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/KDl7xbDfBZYJqMjC0jJ5WollRjc.roa
File: KDl7xbDfBZYJqMjC0jJ5WollRjc.roa (raw, json)
Hash identifier: q/vpcXmAZf5Gvb7T+BskGNPAHx9/7HgMO4WAJbsbGFk=
Subject key identifier: 28:39:7B:C5:B0:DF:05:96:09:A8:C8:C2:D2:32:79:5A:89:65:46:37
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CB9DCF8536149B84F5C75B03A2C60F18C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/KDl7xbDfBZYJqMjC0jJ5WollRjc.roa
Signing time: Sat 30 Dec 2023 08:35:15 +0000
ROA not before: Sat 30 Dec 2023 08:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.68.0/22 maxlen: 22
149.126.88.0/22 maxlen: 22
5.102.96.0/22 maxlen: 22
5.102.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b9:dc:f8:53:61:49:b8:4f:5c:75:b0:3a:2c:60:f1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 30 08:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28397bc5b0df059609a8c8c2d232795a89654637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:74:8d:a5:29:21:2f:45:fb:32:72:1a:28:
48:b4:46:62:cf:4b:00:61:47:24:3f:d0:ba:94:b0:
6f:9a:06:4e:b0:f5:4d:ba:b9:88:c5:71:cf:20:5b:
91:a3:e5:fa:67:9e:5a:fb:8d:db:e8:e3:94:41:1c:
57:2a:46:ff:87:e8:bb:a6:49:e5:2f:ff:83:b4:e3:
32:de:c3:0b:46:64:40:5a:d4:22:ea:99:72:ed:52:
22:04:d4:9d:d3:f6:7d:97:53:fe:19:84:1e:83:06:
44:3e:60:cf:f7:20:a6:d9:ae:79:9c:31:40:7e:72:
0c:7b:df:c2:ea:03:03:58:6a:4d:7b:bd:74:61:1d:
69:4a:5d:da:44:4c:3a:82:22:20:94:c5:26:c1:59:
5c:10:6b:ae:ec:05:bf:75:6a:b2:a6:36:b2:15:18:
c0:1f:5d:f0:36:cc:b4:b3:c2:83:ea:c5:10:5c:9d:
81:e8:e9:3f:ec:2f:2c:5e:0e:77:06:9e:04:0b:c8:
b7:54:cb:95:9f:4b:de:bc:68:80:a2:7f:37:56:bc:
35:83:50:18:ba:2e:36:3a:05:13:54:de:b2:9d:0e:
2f:29:e8:26:2b:70:4a:f3:1f:71:a1:f7:80:c4:c9:
55:99:e1:80:b8:92:ca:05:ac:19:c8:e7:fc:10:1e:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:39:7B:C5:B0:DF:05:96:09:A8:C8:C2:D2:32:79:5A:89:65:46:37
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/KDl7xbDfBZYJqMjC0jJ5WollRjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/22
5.102.120.0/22
82.163.68.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
22:8c:1b:47:1f:33:66:09:94:dc:0d:56:ec:6f:83:3d:ea:34:
0d:47:f5:ef:bc:73:6d:5a:98:54:40:62:bf:f1:75:99:ed:33:
f1:c6:a3:70:b6:d8:64:17:e3:89:84:3e:45:f9:2b:27:15:af:
35:3f:cb:11:da:90:b2:2d:74:47:43:a4:ee:de:44:c2:c6:a4:
77:5c:3b:bc:63:39:7e:83:c1:d5:66:ac:6d:3d:61:aa:25:64:
1d:a8:56:63:8a:a8:3a:88:2f:bd:36:3b:9f:8d:db:14:1d:ac:
03:f6:3f:7b:99:e2:a3:04:4d:a0:92:7a:ed:d2:21:ba:a7:02:
b8:1b:d6:56:1d:6e:d5:1b:60:0c:2e:e8:17:96:68:3f:0b:91:
df:7c:61:5b:5f:b4:1f:bf:50:74:22:08:cd:62:5a:20:8f:7b:
c0:9a:41:da:dc:94:71:f9:3b:7c:08:43:9a:ec:bb:07:45:41:
47:ee:9d:cd:be:be:78:f7:c6:f7:f0:b5:11:82:6c:ec:85:bf:
64:91:24:8e:c2:4d:6d:b4:6d:95:06:85:9c:1f:96:95:8e:8b:
e9:c6:f8:92:2f:90:74:c3:fd:f6:8f:15:67:98:dd:02:89:ec:
33:fe:ff:43:3c:38:3d:03:f7:cc:51:24:cb:d9:b6:2b:cd:b7:
4d:28:8e:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYy53PhTYUm4T1x1sDosYPGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjMwMDgzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM5N2JjNWIwZGYwNTk2MDlhOGM4YzJkMjMyNzk1YTg5NjU0NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbZ0jaUpIS9F+zJyGihItEZiz0sA
YUckP9C6lLBvmgZOsPVNurmIxXHPIFuRo+X6Z55a+43b6OOUQRxXKkb/h+i7pknl
L/+DtOMy3sMLRmRAWtQi6ply7VIiBNSd0/Z9l1P+GYQegwZEPmDP9yCm2a55nDFA
fnIMe9/C6gMDWGpNe710YR1pSl3aREw6giIglMUmwVlcEGuu7AW/dWqypjayFRjA
H13wNsy0s8KD6sUQXJ2B6Ok/7C8sXg53Bp4EC8i3VMuVn0vevGiAon83Vrw1g1AY
ui42OgUTVN6ynQ4vKegmK3BK8x9xofeAxMlVmeGAuJLKBawZyOf8EB7WKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCg5e8Ww3wWWCajIwtIyeVqJZUY3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvS0RsN3hiRGZCWllKcU1qQzBqSjVXb2xsUmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWZgAwQC
BWZ4AwQCUqNEAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQAijBtHHzNmCZTcDVbs
b4M96jQNR/XvvHNtWphUQGK/8XWZ7TPxxqNwtthkF+OJhD5F+SsnFa81P8sR2pCy
LXRHQ6Tu3kTCxqR3XDu8Yzl+g8HVZqxtPWGqJWQdqFZjiqg6iC+9NjufjdsUHawD
9j97meKjBE2gknrt0iG6pwK4G9ZWHW7VG2AMLugXlmg/C5HffGFbX7Qfv1B0IgjN
Ylogj3vAmkHa3JRx+Tt8CEOa7LsHRUFH7p3Nvr5498b38LURgmzshb9kkSSOwk1t
tG2VBoWcH5aVjovpxviSL5B0w/32jxVnmN0Ciewz/v9DPDg9A/fMUSTL2bYrzbdN
KI75
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org