Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MJZ56JAv5aK9D9DOPSvXGzEAu34.roa
File: MJZ56JAv5aK9D9DOPSvXGzEAu34.roa (raw, json)
Hash identifier: LYRF5mDd3ZwqZEJJdA7Kdi8/t8aUrU43E1yELyk7CyM=
Subject key identifier: 30:96:79:E8:90:2F:E5:A2:BD:0F:D0:CE:3D:2B:D7:1B:31:00:BB:7E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190BF9E330721051349C338D58F45A01EB3
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MJZ56JAv5aK9D9DOPSvXGzEAu34.roa
Signing time: Wed 17 Jul 2024 07:35:34 +0000
ROA not before: Wed 17 Jul 2024 07:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
46.20.216.0/21 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 09:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:9e:33:07:21:05:13:49:c3:38:d5:8f:45:a0:1e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 17 07:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=309679e8902fe5a2bd0fd0ce3d2bd71b3100bb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:73:42:04:d6:26:c5:d1:c5:26:6a:a0:1e:35:
63:fe:43:52:d0:ea:a6:2e:85:71:e7:28:bf:c7:91:
1f:cf:95:3b:38:13:a1:e7:ac:fe:45:bb:35:7c:84:
86:6d:7c:85:7f:0b:97:91:6e:93:08:ff:17:6c:3b:
b3:5e:54:ab:b3:95:11:68:f4:4b:e0:0e:f4:84:ca:
50:b8:e9:a1:44:db:60:9c:cf:ee:7c:0d:a5:0a:a7:
cb:28:e0:70:d0:ab:0e:32:48:37:5a:74:a6:b0:e0:
29:18:9c:0c:ed:37:eb:45:15:e4:c5:f1:1f:86:68:
a4:d4:ef:d3:24:c6:1f:44:e8:f6:6e:56:68:43:a2:
76:e5:16:cb:bf:d8:cd:9a:fe:38:e4:ed:29:bd:b1:
8f:70:a5:e3:88:53:0e:74:40:da:d7:56:37:8d:23:
81:3b:e4:dd:c1:7a:05:3f:75:32:b0:50:26:94:10:
43:ac:21:fa:7d:04:a5:2b:5b:ab:22:bb:e4:f2:d5:
62:9a:13:e9:7f:d4:c3:6e:5e:c8:dd:1d:8c:d9:21:
19:90:0d:71:06:c8:86:11:ed:24:db:e4:fe:cd:2e:
9c:e4:4c:d0:6f:ab:76:8d:53:21:f0:05:6f:fa:0e:
69:5c:e6:18:ae:26:36:72:01:3c:4b:cf:8c:09:91:
78:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:96:79:E8:90:2F:E5:A2:BD:0F:D0:CE:3D:2B:D7:1B:31:00:BB:7E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MJZ56JAv5aK9D9DOPSvXGzEAu34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
86.104.164.0/22
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
51:06:c3:7b:57:df:7a:0d:74:84:d7:da:ee:09:a0:cd:f4:df:
4c:68:30:3c:58:8a:d7:0c:a4:72:09:9e:bc:8d:e5:b1:e9:28:
37:19:50:8d:c9:27:12:aa:f5:e4:6d:8a:aa:4d:17:12:70:5c:
c9:62:7c:95:79:00:d2:0f:82:1b:43:09:20:3a:7f:11:12:49:
72:05:98:e8:2f:24:9d:e8:98:23:f5:c7:df:ea:3d:ec:bf:3e:
e0:13:e6:55:da:09:99:fe:ee:85:85:f4:b0:09:d6:10:82:36:
56:24:b0:55:fb:4d:1e:77:64:35:76:92:5b:f9:46:bd:0b:0d:
92:80:db:83:d8:0e:a1:8c:9e:0f:25:5f:cf:1d:2a:84:ab:9b:
ad:b3:c4:c3:4d:30:97:1e:11:9d:65:95:34:97:fc:00:1e:36:
bc:6b:fa:ab:e4:53:c4:1e:de:e3:69:e9:b4:db:25:8f:35:86:
63:8b:4a:05:12:98:1f:90:df:37:7b:c5:ed:3a:f6:f9:b8:a9:
51:f4:52:5f:92:87:eb:32:1a:90:9a:46:8e:54:5a:ff:ff:ef:
8c:3e:ae:be:e3:60:b4:b8:6b:9e:79:7c:ea:47:81:96:18:e5:
19:ad:c2:ad:10:b7:00:a7:82:05:e1:3c:64:3d:1e:e3:43:72:
54:1f:9c:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZC/njMHIQUTScM41Y9FoB6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzE3MDczNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk2NzllODkwMmZlNWEyYmQwZmQwY2UzZDJiZDcxYjMxMDBiYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XNCBNYmxdHFJmqgHjVj/kNS0Oqm
LoVx5yi/x5Efz5U7OBOh56z+Rbs1fISGbXyFfwuXkW6TCP8XbDuzXlSrs5URaPRL
4A70hMpQuOmhRNtgnM/ufA2lCqfLKOBw0KsOMkg3WnSmsOApGJwM7TfrRRXkxfEf
hmik1O/TJMYfROj2blZoQ6J25RbLv9jNmv445O0pvbGPcKXjiFMOdEDa11Y3jSOB
O+TdwXoFP3UysFAmlBBDrCH6fQSlK1urIrvk8tVimhPpf9TDbl7I3R2M2SEZkA1x
BsiGEe0k2+T+zS6c5EzQb6t2jVMh8AVv+g5pXOYYriY2cgE8S8+MCZF4cQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDCWeeiQL+WivQ/Qzj0r1xsxALt+MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTUpaNTZKQXY1YUs5RDlET1BTdlhHekVBdTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQD
LhTYAwQCVmikAwQCWS60MA0GCSqGSIb3DQEBCwUAA4IBAQBRBsN7V996DXSE19ru
CaDN9N9MaDA8WIrXDKRyCZ68jeWx6Sg3GVCNyScSqvXkbYqqTRcScFzJYnyVeQDS
D4IbQwkgOn8REklyBZjoLySd6Jgj9cff6j3svz7gE+ZV2gmZ/u6FhfSwCdYQgjZW
JLBV+00ed2Q1dpJb+Ua9Cw2SgNuD2A6hjJ4PJV/PHSqEq5uts8TDTTCXHhGdZZU0
l/wAHja8a/qr5FPEHt7jaem02yWPNYZji0oFEpgfkN83e8XtOvb5uKlR9FJfkofr
MhqQmkaOVFr//++MPq6+42C0uGueeXzqR4GWGOUZrcKtELcAp4IF4TxkPR7jQ3JU
H5zd
-----END CERTIFICATE-----
Generated at Wed Jul 17 11:14:43 2024 by rpki-client on console-ams.rpki-client.org