Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N68GZqLl_F89_a1_S5GNTw7FKCw.roa
File: N68GZqLl_F89_a1_S5GNTw7FKCw.roa (raw, json)
Hash identifier: tvYvTk1B+Rv8wHGGNAOu936CbmMZO6S8Yk9gvf9lkyo=
Subject key identifier: 37:AF:06:66:A2:E5:FC:5F:3D:FD:AD:7F:4B:91:8D:4F:0E:C5:28:2C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AA754D8984DC8E5BB27354877A4BDEDAA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N68GZqLl_F89_a1_S5GNTw7FKCw.roa
Signing time: Mon 18 Sep 2023 08:07:50 +0000
ROA not before: Mon 18 Sep 2023 08:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 08:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:54:d8:98:4d:c8:e5:bb:27:35:48:77:a4:bd:ed:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 18 08:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37af0666a2e5fc5f3dfdad7f4b918d4f0ec5282c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:90:5e:32:ac:28:63:53:59:52:bb:be:51:89:
cd:b7:86:da:9a:99:d0:47:7f:de:96:6d:c1:99:b6:
c9:d7:70:cc:62:0d:8e:ce:23:9f:09:34:41:b1:82:
2b:35:09:03:36:56:ed:e0:48:1e:9b:42:10:35:5c:
ec:8b:f7:f6:f6:18:88:bc:11:5f:ff:1f:65:b8:8a:
e6:a4:81:32:e9:ea:72:d6:dd:e5:be:1c:7d:67:a6:
64:c5:c2:57:01:4c:a0:97:64:16:75:3b:2d:c8:74:
2e:4c:a8:a9:92:a4:f6:de:78:76:d1:80:cf:85:39:
b2:34:45:10:9c:a0:be:a7:97:2c:da:68:8a:43:98:
a6:d3:78:2d:c3:71:90:8f:55:28:05:59:5c:43:a2:
ac:9c:12:ba:df:c8:0f:30:93:b9:f7:60:f8:bc:bc:
f9:d3:fd:48:dd:ff:a0:de:79:6d:12:bd:f3:e3:e0:
9c:39:88:7b:05:3a:bd:05:1c:fc:e4:e5:c0:4d:28:
1d:cb:8c:61:e7:f0:4a:0f:3f:06:51:66:27:bc:11:
e7:ba:e8:ed:b0:3b:c6:64:8f:84:68:90:b3:1e:39:
4f:99:b5:82:f2:ef:01:ee:05:a0:43:24:c3:e6:46:
32:f4:f8:4a:0e:60:23:6f:40:58:ad:07:bf:14:cc:
32:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AF:06:66:A2:E5:FC:5F:3D:FD:AD:7F:4B:91:8D:4F:0E:C5:28:2C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N68GZqLl_F89_a1_S5GNTw7FKCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
24:34:ab:cb:50:8d:1f:f9:ff:ff:51:c0:11:22:e3:83:4f:2e:
b0:7f:00:07:e4:16:ae:0a:6d:9d:18:22:d1:b6:b5:e2:2e:b1:
bd:dd:7c:96:b7:b7:4e:5b:20:71:1d:24:93:8e:62:80:0c:9d:
16:34:9d:57:8c:68:32:f5:61:06:c1:be:43:dc:c7:9e:c2:2c:
80:50:c7:aa:1a:10:73:5d:dc:82:60:8c:53:b8:95:4b:cb:6c:
6a:5b:3a:7c:32:ff:59:23:78:64:20:30:91:6a:39:a1:dd:53:
5d:3d:99:9e:0e:b3:e7:be:60:60:d8:c5:0a:7f:68:58:c0:fd:
17:ce:71:6d:86:ba:2e:ff:17:5b:f2:a7:fc:f7:97:40:58:a4:
36:12:51:90:00:b5:7b:02:75:d9:f5:dc:1b:19:7d:02:f3:15:
f5:fc:93:ff:1d:6a:51:95:ef:a9:3e:04:16:21:c1:d5:a5:44:
d6:6d:40:b0:d7:21:65:0d:6e:00:67:e5:1c:57:88:e9:e7:a9:
85:36:c5:60:52:63:c8:7b:35:ca:e3:9e:f0:d3:64:17:03:6d:
e0:17:fe:6d:71:e0:dd:4f:23:ad:de:49:ed:90:06:ec:7f:2b:
c6:eb:88:1a:ff:c0:5f:39:00:d6:67:28:60:ae:85:7b:7f:68:
66:40:33:8a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqnVNiYTcjluyc1SHekve2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTE4MDgwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FmMDY2NmEyZTVmYzVmM2RmZGFkN2Y0YjkxOGQ0ZjBlYzUyODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZBeMqwoY1NZUru+UYnNt4bampnQ
R3/elm3BmbbJ13DMYg2OziOfCTRBsYIrNQkDNlbt4Egem0IQNVzsi/f29hiIvBFf
/x9luIrmpIEy6epy1t3lvhx9Z6ZkxcJXAUygl2QWdTstyHQuTKipkqT23nh20YDP
hTmyNEUQnKC+p5cs2miKQ5im03gtw3GQj1UoBVlcQ6KsnBK638gPMJO592D4vLz5
0/1I3f+g3nltEr3z4+CcOYh7BTq9BRz85OXATSgdy4xh5/BKDz8GUWYnvBHnuujt
sDvGZI+EaJCzHjlPmbWC8u8B7gWgQyTD5kYy9PhKDmAjb0BYrQe/FMwyZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDevBmai5fxfPf2tf0uRjU8OxSgsMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTjY4R1pxTGxfRjg5X2ExX1M1R05UdzdGS0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFBWZgAwQC
LhTUAwQCUqOoAwQCUqPgAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQAkNKvLUI0f
+f//UcARIuODTy6wfwAH5BauCm2dGCLRtrXiLrG93XyWt7dOWyBxHSSTjmKADJ0W
NJ1XjGgy9WEGwb5D3MeewiyAUMeqGhBzXdyCYIxTuJVLy2xqWzp8Mv9ZI3hkIDCR
ajmh3VNdPZmeDrPnvmBg2MUKf2hYwP0XznFthrou/xdb8qf895dAWKQ2ElGQALV7
AnXZ9dwbGX0C8xX1/JP/HWpRle+pPgQWIcHVpUTWbUCw1yFlDW4AZ+UcV4jp56mF
NsVgUmPIezXK457w02QXA23gF/5tceDdTyOt3kntkAbsfyvG64ga/8BfOQDWZyhg
roV7f2hmQDOK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org