Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NnlY9hHXdCeJlwnY-oB9oGEefJ8.roa
File: NnlY9hHXdCeJlwnY-oB9oGEefJ8.roa (raw, json)
Hash identifier: ZBVCuMJlDcjOFJSvxSCowUiMEivfU0+V2gdGFznSsPg=
Subject key identifier: 36:79:58:F6:11:D7:74:27:89:97:09:D8:FA:80:7D:A0:61:1E:7C:9F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0191173C2A5C823D5E8FA2A4539345CE233F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NnlY9hHXdCeJlwnY-oB9oGEefJ8.roa
Signing time: Sat 03 Aug 2024 07:55:04 +0000
ROA not before: Sat 03 Aug 2024 07:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
46.20.216.0/21 maxlen: 24
82.163.54.0/23 maxlen: 23
82.163.96.0/21 maxlen: 24
86.104.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 11:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:3c:2a:5c:82:3d:5e:8f:a2:a4:53:93:45:ce:23:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 3 07:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=367958f611d77427899709d8fa807da0611e7c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5e:97:1b:29:59:01:63:67:4e:df:4c:37:7e:
f7:a6:eb:eb:2a:b9:7e:2c:74:ad:2f:32:7a:52:fc:
8f:55:23:80:aa:19:3d:43:03:50:ba:c0:82:cc:4f:
06:c6:d1:52:3c:85:83:2d:a0:d6:2a:4b:6e:9d:ef:
82:2d:1b:e3:ce:d4:b3:b8:8b:84:f9:a2:83:7e:ee:
98:2b:6a:bd:b3:f3:d5:86:f2:58:49:c5:2f:5f:1b:
65:4d:08:6c:5b:95:0f:03:f9:40:b4:a1:35:94:96:
ed:b7:0d:82:75:15:57:1e:1f:53:22:e9:43:3e:14:
0f:16:af:c8:45:67:f6:fa:18:00:ff:cf:9a:76:a4:
a1:86:f6:43:39:a4:0e:9f:ee:4b:ff:d7:1d:ee:1e:
a2:c0:46:f6:05:6f:61:a3:2a:31:e4:db:b4:bf:0c:
45:b5:62:79:e8:2b:b6:a0:88:42:e9:00:87:9d:d0:
06:46:7b:3f:de:98:a2:6f:64:92:b8:e8:4e:33:78:
8f:ac:e4:0b:75:fd:99:70:fb:53:48:8e:de:15:62:
59:45:b0:d8:7c:34:05:65:fc:33:09:21:0a:20:51:
22:77:b7:d1:b5:36:66:5f:35:f4:4c:cd:d5:a7:1d:
9e:c0:31:a2:ee:8b:c9:5a:fd:48:da:24:11:c9:13:
03:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:79:58:F6:11:D7:74:27:89:97:09:D8:FA:80:7D:A0:61:1E:7C:9F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NnlY9hHXdCeJlwnY-oB9oGEefJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
82.163.54.0/23
82.163.96.0/21
86.104.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:ed:4a:a0:14:53:1a:ff:84:3d:8f:72:a3:75:2f:90:6f:33:
38:2a:76:6c:73:f9:03:ac:7d:ea:16:2d:96:3f:a4:ca:fe:22:
49:6b:cb:c1:22:0a:4e:a0:ce:33:d4:ca:00:26:34:db:27:35:
67:ce:ae:e5:79:c3:46:f3:50:0a:38:c2:8b:49:97:84:bc:8e:
9e:fe:ff:4f:7f:9d:58:40:40:86:10:3d:82:08:e8:db:b9:83:
93:91:a5:5d:5a:27:3e:c1:72:bc:86:74:7a:56:76:b9:34:5f:
28:fd:51:76:54:7f:8c:1a:08:98:ea:c2:0f:26:9d:d7:e5:23:
e0:8c:0e:03:7c:1a:ec:10:c0:a2:89:19:f9:bc:4a:60:fc:b5:
99:5b:0a:6e:58:6d:6e:e9:de:9f:07:02:38:2c:84:37:8c:17:
35:48:af:d8:02:7a:05:6a:e6:62:b5:7e:1a:3d:e9:32:e5:85:
e3:b2:58:23:4a:2c:f4:96:77:d3:98:98:2c:cc:5b:8b:8a:29:
5b:fa:f0:62:aa:9a:14:7d:49:60:7d:7a:fa:87:51:70:9d:61:
d3:79:b2:3a:81:1a:3f:d2:54:64:38:35:45:d1:8f:ee:88:ca:
98:5d:d6:9a:c6:9b:c9:74:ff:65:fc:11:8a:2b:9a:5a:63:16:
de:07:69:34
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZEXPCpcgj1ej6KkU5NFziM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwODAzMDc1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc5NThmNjExZDc3NDI3ODk5NzA5ZDhmYTgwN2RhMDYxMWU3YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs16XGylZAWNnTt9MN373puvrKrl+
LHStLzJ6UvyPVSOAqhk9QwNQusCCzE8GxtFSPIWDLaDWKktune+CLRvjztSzuIuE
+aKDfu6YK2q9s/PVhvJYScUvXxtlTQhsW5UPA/lAtKE1lJbttw2CdRVXHh9TIulD
PhQPFq/IRWf2+hgA/8+adqShhvZDOaQOn+5L/9cd7h6iwEb2BW9hoyox5Nu0vwxF
tWJ56Cu2oIhC6QCHndAGRns/3piib2SSuOhOM3iPrOQLdf2ZcPtTSI7eFWJZRbDY
fDQFZfwzCSEKIFEid7fRtTZmXzX0TM3Vpx2ewDGi7ovJWv1I2iQRyRMDNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDZ5WPYR13QniZcJ2PqAfaBhHnyfMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTm5sWTloSFhkQ2VKbHduWS1vQjlvR0VlZko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBWZgAwQD
LhTYAwQBUqM2AwQDUqNgAwQCVmigMA0GCSqGSIb3DQEBCwUAA4IBAQCi7UqgFFMa
/4Q9j3KjdS+QbzM4KnZsc/kDrH3qFi2WP6TK/iJJa8vBIgpOoM4z1MoAJjTbJzVn
zq7lecNG81AKOMKLSZeEvI6e/v9Pf51YQECGED2CCOjbuYOTkaVdWic+wXK8hnR6
Vna5NF8o/VF2VH+MGgiY6sIPJp3X5SPgjA4DfBrsEMCiiRn5vEpg/LWZWwpuWG1u
6d6fBwI4LIQ3jBc1SK/YAnoFauZitX4aPeky5YXjslgjSiz0lnfTmJgszFuLiilb
+vBiqpoUfUlgfXr6h1FwnWHTebI6gRo/0lRkODVF0Y/uiMqYXdaaxpvJdP9l/BGK
K5paYxbeB2k0
-----END CERTIFICATE-----
Generated at Thu Aug 8 15:19:00 2024 by rpki-client on console-ams.rpki-client.org