Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/R9ZX9yZvySo1265mMpwYdU4xtI4.roa
File: R9ZX9yZvySo1265mMpwYdU4xtI4.roa (raw, json)
Hash identifier: mE0rhbSH+4Job26/O/h9rVIZvJVj1qjhhMLGYma8ysQ=
Subject key identifier: 47:D6:57:F7:26:6F:C9:2A:35:DB:AE:66:32:9C:18:75:4E:31:B4:8E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BA3A3B22C14C9625019D5BADA0AAD5D3C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/R9ZX9yZvySo1265mMpwYdU4xtI4.roa
Signing time: Mon 06 Nov 2023 07:58:16 +0000
ROA not before: Mon 06 Nov 2023 07:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.68.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 06:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:a3:b2:2c:14:c9:62:50:19:d5:ba:da:0a:ad:5d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 6 07:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47d657f7266fc92a35dbae66329c18754e31b48e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:27:15:58:14:6a:ef:29:0a:e1:85:67:a8:
00:80:bc:59:51:d7:e2:ff:14:57:ba:78:77:63:34:
f4:da:db:5b:84:b7:28:0f:83:64:34:85:b0:09:b1:
7b:57:e9:09:b5:e9:b4:2b:d3:ae:4f:58:19:8e:0f:
c9:92:84:ed:ef:dd:20:c1:c6:72:56:8d:30:a5:30:
bd:b6:8e:c4:85:b7:b4:8d:04:20:c3:db:dc:4e:e3:
0f:38:74:ba:37:83:2c:b2:1d:94:b8:fe:8f:37:8f:
8e:a4:f8:24:43:cc:ad:42:ad:40:cb:d3:c2:41:23:
0c:d8:91:53:20:d5:e2:08:6a:37:ea:33:2a:11:97:
1e:17:27:ef:6a:f6:cc:99:ea:b0:ba:76:30:c2:d9:
05:4a:ee:09:4f:9f:e8:0a:0d:15:01:53:f8:f5:4d:
93:a8:04:21:72:c3:6f:c9:01:15:4f:13:28:7c:c3:
8f:8d:2a:20:8d:2f:07:5b:8d:26:53:3e:03:42:13:
4b:8b:aa:88:a3:76:9e:79:34:1e:22:66:a0:85:8a:
96:70:c7:e4:fe:d3:a6:79:2c:b2:d4:4e:0b:0a:1f:
26:60:e2:ff:63:a1:0b:ca:ea:92:bd:09:d5:19:44:
a8:f1:43:5d:43:0e:64:a9:09:63:d3:1c:ea:c3:ce:
31:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D6:57:F7:26:6F:C9:2A:35:DB:AE:66:32:9C:18:75:4E:31:B4:8E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/R9ZX9yZvySo1265mMpwYdU4xtI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.68.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:b5:77:ac:78:ba:29:dc:7f:8c:84:b6:91:c4:f7:71:76:f8:
ce:e6:f8:16:9f:82:15:68:61:98:fe:7f:fa:6e:7a:89:f4:77:
55:1b:5d:0b:92:b0:82:01:4e:5a:3a:22:eb:91:15:a4:22:6e:
12:f0:0b:b7:36:ce:12:51:90:dd:fd:01:1b:d6:85:85:ef:1c:
59:0d:c1:4c:f3:d9:f4:76:0a:f3:a7:39:3a:eb:7e:af:21:19:
64:33:e4:79:ae:0b:fc:18:03:29:d2:06:a2:1d:4f:d2:f2:53:
f1:74:67:98:5b:0c:6d:7e:60:90:61:06:bf:22:60:5c:7b:c2:
68:dd:ca:03:5b:e0:1e:1b:80:59:54:32:72:5c:d2:0e:62:48:
63:81:09:12:17:06:ed:8b:bb:60:1f:f2:0d:88:49:34:b6:a8:
0d:b0:db:56:ea:c6:9b:a0:60:24:27:32:3a:0d:65:d2:1d:77:
d3:9b:fb:84:af:fa:84:05:e5:97:4a:fe:75:d2:12:22:bd:f6:
5b:ea:df:9c:39:05:dd:20:ee:e9:40:13:52:67:3f:2d:16:c4:
79:f1:ac:ba:48:b9:4a:49:1f:db:be:9a:c7:a6:19:62:47:14:
7d:ea:93:b3:74:c2:4a:25:c8:f7:d6:ba:46:1d:aa:0f:1e:50:
bd:bc:c1:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYujo7IsFMliUBnVutoKrV08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTA2MDc1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Q2NTdmNzI2NmZjOTJhMzVkYmFlNjYzMjljMTg3NTRlMzFiNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3UnFVgUau8pCuGFZ6gAgLxZUdfi
/xRXunh3YzT02ttbhLcoD4NkNIWwCbF7V+kJtem0K9OuT1gZjg/JkoTt790gwcZy
Vo0wpTC9to7Ehbe0jQQgw9vcTuMPOHS6N4Mssh2UuP6PN4+OpPgkQ8ytQq1Ay9PC
QSMM2JFTINXiCGo36jMqEZceFyfvavbMmeqwunYwwtkFSu4JT5/oCg0VAVP49U2T
qAQhcsNvyQEVTxMofMOPjSogjS8HW40mUz4DQhNLi6qIo3aeeTQeImaghYqWcMfk
/tOmeSyy1E4LCh8mYOL/Y6ELyuqSvQnVGUSo8UNdQw5kqQlj0xzqw84x5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEfWV/cmb8kqNduuZjKcGHVOMbSOMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUjlaWDl5WnZ5U28xMjY1bU1wd1lkVTR4dEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBWZgAwQC
LhTUAwQCUqNEMA0GCSqGSIb3DQEBCwUAA4IBAQCjtXeseLop3H+MhLaRxPdxdvjO
5vgWn4IVaGGY/n/6bnqJ9HdVG10LkrCCAU5aOiLrkRWkIm4S8Au3Ns4SUZDd/QEb
1oWF7xxZDcFM89n0dgrzpzk6636vIRlkM+R5rgv8GAMp0gaiHU/S8lPxdGeYWwxt
fmCQYQa/ImBce8Jo3coDW+AeG4BZVDJyXNIOYkhjgQkSFwbti7tgH/INiEk0tqgN
sNtW6saboGAkJzI6DWXSHXfTm/uEr/qEBeWXSv510hIivfZb6t+cOQXdIO7pQBNS
Zz8tFsR58ay6SLlKSR/bvprHphliRxR96pOzdMJKJcj31rpGHaoPHlC9vMHW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org